Windows
Analysis Report
http://click.ewellix.com/s/055-381137bc-b499-4c3a-80bb-8a9aa9cb2fe1?enr=naahiaduabyaa4yahiac6abpabsaamyan4agiadkab2aazqaouadaadcab4qa5aapiadkaboabrqa3aan4ahkadeabtaa4qan4ag4aduaaxaa3qamuahiabpaayaamaageac2absaa2qayqaguadeabyabrqanqafuagcadfaa2qaoaafuadiadbabtaamiafuageadeaazqayyafuadaaddaazqayqameag
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 4564 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 4148 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=2168,i,205359438332987707,12576120220741081305,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 2260 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt p://click. ewellix.co m/s/055-38 1137bc-b49 9-4c3a-80b b-8a9aa9cb 2fe1?enr=n aahiaduaby aa4yahiac6 abpabsaamy an4agiadka b2aazqaoua daadcab4qa 5aapiadkab oabrqa3aan 4ahkadeabt aa4qan4ag4 aduaaxaa3q amuahiabpa ayaamaagea c2absaa2qa yqaguadeab yabrqanqaf uagcadfaa2 qaoaafuadi adbabtaami afuageadea azqayyafua daaddaazqa yqameageab waa4aaniag iageadfaax qatqaieae2 abfaazaama ajeag2adba btqaziaoma c6acfab3qa zianqagyad jab4aajiag iadaaccabq qa3qanmack absaayaaqy anaagcadoa btqaziaeua deabqabcaa ziaoqagcad jabwaa4yae uadeabqaay aamyafuade abqaazaana afyahaadea btaa7aanqa g6advabsaa 3yanyac4ad gabzaaziam magqadfab2 aa5aamuaea adhabwaa3y amiagcadma btaa3yaoua g4adeabzaa 2iamuahgab oabrqa3yan uahyabrab6 aaqyajiafi acfabeqaqi agaadaabra a2aaviai4a hyabqaa2qa mqafuadaab raa3aanyag qageadcabs qaliageagc absaa2qali agqadcabwa braaliamia dsabsaazqa liaheadeab raayaamaam uagkabxaaz aaniagyadk ad4aayaani aheac2abxa a2aayiamma diabzaa3aa yqafuagiab vaa2qayyaf uadiabrabs aayyafuagc abxaazaaoi afuageabqa a4qaziagqa ggaddaa2aa zqageadmab wab6aamaag aadcabnaaz aaniamiadk absaa4aayy agyac2adba bsqaniahaa c2abuabqqa zqageac2ad cabsaamyam mac2abqabr qamyamiagc adcaa3aaoa aguadeadca bsqa7aaoaa euacuabcqa siaieadaab qaayaaqiai yadgad4aba qa7aa" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- Acrobat.exe (PID: 2972 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\downloaded.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
  - AcroCEF.exe (PID: 4092 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
    - AcroCEF.exe (PID: 2380 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2120 --field-trial-handle=1528,i,842396996072084598,1934659045707896709,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- cleanup
There are no malicious signatures.
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | Network traffic detected: |
Source: | Classification label: |
Source: | File created: |
Source: | Key opened: |
Source: | Process created: |
Source: | LNK file: |
Source: | File opened: |
Source: | Window detected: |
Source: | Process information set: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 11 Masquerading | OS Credential Dumping | 1 System Information Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
chrome.cloudflare-dns.com | 162.159.61.3 | true | false | unknown | |
alb-uw2-ig-trans-968983241.us-west-2.elb.amazonaws.com | 35.82.168.99 | true | false | high | |
www.google.com | 172.253.62.106 | true | false | high | |
d3odjtfu0bytz5.cloudfront.net | 13.249.178.69 | true | false | high | |
click.ewellix.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high | ||
false | high | ||
false |
| unknown | |
false |
| low | |
false | unknown |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
23.48.8.182 | unknown | United States | 20940 | AKAMAI-ASN1EU | false | |
13.249.178.69 | d3odjtfu0bytz5.cloudfront.net | United States | 16509 | AMAZON-02US | false | |
162.159.61.3 | chrome.cloudflare-dns.com | United States | 13335 | CLOUDFLARENETUS | false | |
35.82.168.99 | alb-uw2-ig-trans-968983241.us-west-2.elb.amazonaws.com | United States | 237 | MERIT-AS-14US | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
172.253.62.106 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1417182 |
Start date and time: | 2024-03-28 18:24:09 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 44s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://click.ewellix.com/s/055-381137bc-b499-4c3a-80bb-8a9aa9cb2fe1?enr=naahiaduabyaa4yahiac6abpabsaamyan4agiadkab2aazqaouadaadcab4qa5aapiadkaboabrqa3aan4ahkadeabtaa4qan4ag4aduaaxaa3qamuahiabpaayaamaageac2absaa2qayqaguadeabyabrqanqafuagcadfaa2qaoaafuadiadbabtaamiafuageadeaazqayyafuadaaddaazqayqameageabwaa4aaniagiageadfaaxqatqaieae2abfaazaamaajeag2adbabtqaziaomac6acfab3qazianqagyadjab4aajiagiadaaccabqqa3qanmackabsaayaaqyanaagcadoabtqaziaeuadeabqabcaaziaoqagcadjabwaa4yaeuadeabqaayaamyafuadeabqaazaanaafyahaadeabtaa7aanqag6advabsaa3yanyac4adgabzaaziammagqadfab2aa5aamuaeaadhabwaa3yamiagcadmabtaa3yaouag4adeabzaa2iamuahgaboabrqa3yanuahyabrab6aaqyajiafiacfabeqaqiagaadaabraa2aaviai4ahyabqaa2qamqafuadaabraa3aanyagqageadcabsqaliageagcabsaa2qaliagqadcabwabraaliamiadsabsaazqaliaheadeabraayaamaamuagkabxaazaaniagyadkad4aayaaniaheac2abxaa2aayiammadiabzaa3aayqafuagiabvaa2qayyafuadiabrabsaayyafuagcabxaazaaoiafuageabqaa4qaziagqaggaddaa2aazqageadmabwab6aamaagaadcabnaazaaniamiadkabsaa4aayyagyac2adbabsqaniahaac2abuabqqazqageac2adcabsaamyammac2abqabrqamyamiagcadcaa3aaoaaguadeadcabsqa7aaoaaeuacuabcqasiaieadaabqaayaaqiaiyadgad4abaqa7aa |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 12 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@36/54@8/7 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 172.253.115.94, 172.253.62.139, 172.253.62.100, 172.253.62.138, 172.253.62.113, 172.253.62.102, 172.253.62.101, 142.251.111.84, 34.104.35.123, 23.215.0.10, 69.164.0.0, 192.229.211.108, 142.251.16.94, 72.21.81.240, 23.54.44.182, 18.213.11.84, 34.237.241.83, 54.224.241.105, 50.16.47.176, 142.251.16.138, 142.251.16.102, 142.251.16.113, 142.251.16.139, 142.251.16.101, 142.251.16.100, 23.198.214.134, 23.198.214.140, 23.40.179.21, 23.40.179.48, 23.40.179.56, 23.40.179.35, 23.40.179.63, 23.40.179.19, 142.251.167.94
- Excluded domains from analysis (whitelisted): clients1.google.com, e4578.dscg.akamaiedge.net, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, acroipm2.adobe.com.edgesuite.net, ctldl.windowsupdate.com, clientservices.googleapis.com, p13n.adobe.io, acroipm2.adobe.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, update.googleapis.com, clients.l.google.com, www.gstatic.com, geo2.adobe.com
- HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- Not all processes were analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: http://click.ewellix.com/s/055-381137bc-b499-4c3a-80bb-8a9aa9cb2fe1?enr=naahiaduabyaa4yahiac6abpabsaamyan4agiadkab2aazqaouadaadcab4qa5aapiadkaboabrqa3aan4ahkadeabtaa4qan4ag4aduaaxaa3qamuahiabpaayaamaageac2absaa2qayqaguadeabyabrqanqafuagcadfaa2qaoaafuadiadbabtaamiafuageadeaazqayyafuadaaddaazqayqameageabwaa4aaniagiageadfaaxqatqaieae2abfaazaamaajeag2adbabtqaziaomac6acfab3qazianqagyadjab4aajiagiadaaccabqqa3qanmackabsaayaaqyanaagcadoabtqaziaeuadeabqabcaaziaoqagcadjabwaa4yaeuadeabqaayaamyafuadeabqaazaanaafyahaadeabtaa7aanqag6advabsaa3yanyac4adgabzaaziammagqadfab2aa5aamuaeaadhabwaa3yamiagcadmabtaa3yaouag4adeabzaa2iamuahgaboabrqa3yanuahyabrab6aaqyajiafiacfabeqaqiagaadaabraa2aaviai4ahyabqaa2qamqafuadaabraa3aanyagqageadcabsqaliageagcabsaa2qaliagqadcabwabraaliamiadsabsaazqaliaheadeabraayaamaamuagkabxaazaaniagyadkad4aayaaniaheac2abxaa2aayiammadiabzaa3aayqafuagiabvaa2qayyafuadiabrabsaayyafuagcabxaazaaoiafuageabqaa4qaziagqaggaddaa2aazqageadmabwab6aamaagaadcabnaazaaniamiadkabsaa4aayyagyac2adbabsqania
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.2564442840307475 |
Encrypted: | false |
SSDEEP: | 6:FIpT54q2P92nKuAl9OmbnIFUt88IpJZmw+8IpDkwO92nKuAl9OmbjLJ:Rv4HAahFUt8F/+X5LHAaSJ |
MD5: | 12E2405481D8542B5232F9E23F566013 |
SHA1: | 33DB0B630A02385715037F8424803CB9247C98B0 |
SHA-256: | EEDC9EB26F6687FA6EFDB313E892D47BD416D1C7F57FEBEE4FAB45170813ABDB |
SHA-512: | D06A612828DD321CC8B7BDF12F289202F228EFD740F79857C83AD1FD976516F5375750718388B06819958E4AB1008A504FF8905C70865B19737C5327DB8202E6 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 335 |
Entropy (8bit): | 5.205778848837733 |
Encrypted: | false |
SSDEEP: | 6:FItxq2P92nKuAl9Ombzo2jMGIFUt88IrsZmw+8INRFzkwO92nKuAl9Ombzo2jMmd:yxv4HAa8uFUt8S/+zRF5LHAa8RJ |
MD5: | DECFC827BF0545F7320D854D2E314677 |
SHA1: | C945C3A5A2A491B3183D1B7DD7220EDEDDF06CEF |
SHA-256: | 15285CAB0C37D71CD9309EBCB17F538BA2BC89BD6F24441B3011351DC7039313 |
SHA-512: | 9C829E3EC18CD2FA445FBB5DC906B77BE06E0675180C2EBEF7DFB6C65D67A383F4C51B9EB7A79C44DC269FECA81FDDC9C759A7592047FAF2379B4BDDCF265A0B |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 335 |
Entropy (8bit): | 5.205778848837733 |
Encrypted: | false |
SSDEEP: | 6:FItxq2P92nKuAl9Ombzo2jMGIFUt88IrsZmw+8INRFzkwO92nKuAl9Ombzo2jMmd:yxv4HAa8uFUt8S/+zRF5LHAa8RJ |
MD5: | DECFC827BF0545F7320D854D2E314677 |
SHA1: | C945C3A5A2A491B3183D1B7DD7220EDEDDF06CEF |
SHA-256: | 15285CAB0C37D71CD9309EBCB17F538BA2BC89BD6F24441B3011351DC7039313 |
SHA-512: | 9C829E3EC18CD2FA445FBB5DC906B77BE06E0675180C2EBEF7DFB6C65D67A383F4C51B9EB7A79C44DC269FECA81FDDC9C759A7592047FAF2379B4BDDCF265A0B |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4099 |
Entropy (8bit): | 5.236426019596657 |
Encrypted: | false |
SSDEEP: | 96:QqBpCqGp3Al+NehBmkID2w6bNMhugoKTNY+No/KTNcygLPGLLUBvW+n0:rBpJGp3AoqBmki25ZEVoKTNY+NoCTNLj |
MD5: | 171E15BCD7C3754472D18B8B679C1518 |
SHA1: | D1C4AD5B5C69E798D8A42906B47B5F823C38C18B |
SHA-256: | D4D9CC0490723DEF0F99A1E7EC03C28F1CB295125E0E4EB77A67A8BCB1BB5EE1 |
SHA-512: | 65BA16C21D008AFD9B95AB92307C4E07FE54FE2B224800A6CA159E8B0EE08BF4DEF1E9D0531E1D0DC92DE4580F21A5A7AA98D58AD76CBEB15321C6C8A4CCE477 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 323 |
Entropy (8bit): | 5.211437899409826 |
Encrypted: | false |
SSDEEP: | 6:FIz4q2P92nKuAl9OmbzNMxIFUt88IzB5Zmw+8IzTFUTkwO92nKuAl9OmbzNMFLJ:rv4HAa8jFUt8B/+nUT5LHAa84J |
MD5: | D9CBF30DCFEF6B0F4979F2D68120E1CE |
SHA1: | 65281520B7817528194BB164592EEFCC68FA6132 |
SHA-256: | CE0981FF34F4AD06466FDBBD9BCAB07DDB545EED539C7CB9B44E0B85BC5A2691 |
SHA-512: | 0F527E3A7B8A5DDDDF067CD6EA21EB48E5C94C73710C67B0EF8C4DBA0DCB947441C6A56568F818F724B082E6594ABB3494DDD750A822464F74CEBB3C8AF6DBCE |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 323 |
Entropy (8bit): | 5.211437899409826 |
Encrypted: | false |
SSDEEP: | 6:FIz4q2P92nKuAl9OmbzNMxIFUt88IzB5Zmw+8IzTFUTkwO92nKuAl9OmbzNMFLJ:rv4HAa8jFUt8B/+nUT5LHAa84J |
MD5: | D9CBF30DCFEF6B0F4979F2D68120E1CE |
SHA1: | 65281520B7817528194BB164592EEFCC68FA6132 |
SHA-256: | CE0981FF34F4AD06466FDBBD9BCAB07DDB545EED539C7CB9B44E0B85BC5A2691 |
SHA-512: | 0F527E3A7B8A5DDDDF067CD6EA21EB48E5C94C73710C67B0EF8C4DBA0DCB947441C6A56568F818F724B082E6594ABB3494DDD750A822464F74CEBB3C8AF6DBCE |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240328172621Z-155.bmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 71190 |
Entropy (8bit): | 1.2858292958217972 |
Encrypted: | false |
SSDEEP: | 192:SF19O9W1N6andyeu5/8nW70pNTgFpwhQgjy04A1l4+Y2Fr4Z3s:Sv9WWv6adyeu5/8nUkTdhkAwH258c |
MD5: | 8BBE9D17718598A3163099742D6E2BC6 |
SHA1: | 15FE70D1FDFCB2406071F1FACBFC40C80B10B5F2 |
SHA-256: | 6337C695FF88B28837DD29CC0BB948B39D3E40D5CBA8DD77DE74BFCFCCDB1F07 |
SHA-512: | B989EBBF74B06FE72B7ADCF25ABA88F07DEC2439E7E875967D842694F5FE52FBB7F2345447F3B7504B711B756F1413567EF5A83839F46C3E3BE4E43D283B63F1 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1233 |
Entropy (8bit): | 5.233980037532449 |
Encrypted: | false |
SSDEEP: | 24:kk8id8HxPsMTtrid8OPgx4sMDHFidZxDWksMwEidMKRxCsMWaOtidMLgxT2sMW0l:pkxPhtgNgx4pyZxakazxCIK2gxap |
MD5: | 8BA9D8BEBA42C23A5DB405994B54903F |
SHA1: | FC1B1646EC8A7015F492AA17ADF9712B54858361 |
SHA-256: | 862DE2165B9D44422E84E25FFE267A5E1ADE23F46F04FC6F584C4943F76EB75C |
SHA-512: | 26AD41BB89AF6198515674F21B4F0F561DC9BDC91D5300C154065C57D49CCA61B4BA60E5F93FD17869BDA1123617F26CDA0EF39935A9C2805F930A3DB1956D5A |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 10880 |
Entropy (8bit): | 5.214360287289079 |
Encrypted: | false |
SSDEEP: | 192:SgAYm4DAv6oq6oCf6ocL6oz6o46ok6o16ok6oKls6oVtfZ6ojtou6o2ti16oGwX/:SV548vvqvSvivzv4vkv1vkvKlsvVtfZp |
MD5: | B60EE534029885BD6DECA42D1263BDC0 |
SHA1: | 4E801BA6CA503BDAE7E54B7DB65BE641F7C23375 |
SHA-256: | B5F094EFF25215E6C35C46253BA4BB375BC29D055A3E90E08F66A6FDA1C35856 |
SHA-512: | 52221F919AEA648B57E567947806F71922B604F90AC6C8805E5889AECB131343D905D94703EA2B4CEC9B0C1813DDA6EAE2677403F58D3B340099461BBCD355AE |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.333550638441353 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXDNynV+FIbRI6XVW7+0YZWUoAvJM3g98kUwPeUkwRe9:YvXKXJYpW7IiGMbLUkee9 |
MD5: | 027901BC73C9C817F2FD3E54EC694150 |
SHA1: | B072494338DBDF9819DE05F246EF9DBB006F0042 |
SHA-256: | 993307FEC52C71B570BE4BFD788AB0F38F68A4180D08BC3C2C358ED28EDF7247 |
SHA-512: | 876BE7B3C054C012E15D3CA65892355AD39F2F3AE945DCF35BD84C31C5643BE9D8308E0C9379B7A239AB4D9BF408A030EACBCECF62350236EDEC2BA4809FFB50 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.271801684841424 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXDNynV+FIbRI6XVW7+0YZWUoAvJfBoTfXpnrPeUkwRe9:YvXKXJYpW7IiGWTfXcUkee9 |
MD5: | CC42AC1EBD9221404D25F0C539A3B58A |
SHA1: | 3B1C664E0335D6F563B9D6403EC1C2EB5AC41411 |
SHA-256: | 005AB13F0DEC93F5CA14530D20F857F38EAE2E538CFFCEC25E0CC19D95255357 |
SHA-512: | A6CB1E76BABA3757CB404A35671DB7E318FE8EA938ACBBB2C27BFF1655AA84DFA97CB94265CB6F231DEE1209B2310C802536914DAB9281036228E03600C7E615 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.250507899068302 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXDNynV+FIbRI6XVW7+0YZWUoAvJfBD2G6UpnrPeUkwRe9:YvXKXJYpW7IiGR22cUkee9 |
MD5: | F4C34B34C61510E099A521F4087B8647 |
SHA1: | 3D82EC2225FDC94470E06555141FB8DB85FCA7D5 |
SHA-256: | 9F46CBF9F7572F3834158F32F5D6A957F0BBC551D2A7D698AE0E6EC00EF46514 |
SHA-512: | 2F00985D835A2B1F504F11B0CB60E8BFFC0A79DCF8DE66A97D9D956FC498E15F738580DD5BD84E2E19BE12D356F14BAE62556287834EB85BD3E16C52092CBB89 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.311397454766311 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXDNynV+FIbRI6XVW7+0YZWUoAvJfPmwrPeUkwRe9:YvXKXJYpW7IiGH56Ukee9 |
MD5: | C7D2389A3E517489FB5C133A6D7DAE76 |
SHA1: | E8F27D7E04AE309E1A4412FFF70A1C91466F530E |
SHA-256: | 78241D2ED8A70F1DCDA65E1C8CCA8701A923CE14C467D36B6084ECA67365FE5F |
SHA-512: | 9821DA4DA3BEF36B05217B228DAED53E980C368C8E7AC26F763415DEE1BD0C4029E2C5F560F78C7C043787ECC89B498F38C0F6F99DEE2E4746A6CBB2243E4513 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.271947703784846 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXDNynV+FIbRI6XVW7+0YZWUoAvJfJWCtMdPeUkwRe9:YvXKXJYpW7IiGBS8Ukee9 |
MD5: | FD89792C8D27AA6ADB140C6265089A8B |
SHA1: | 8EF43BC20F3B8DE7AE25D0EAE4DAE4179C8B63A9 |
SHA-256: | 5F6B2481839F34E2F540CE6859FC8E39D3F343CD41BB9F10E7D20ECA49E5445F |
SHA-512: | 7C6B1C4988FA49684583CCAE73EFF362A0C7BCD111A4BAAB3843F3DBCADB893B5DDC9A3FF4678DAD94C27E240878BBDDC10327C8C1CF143D620BED5BC7D2DE42 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.257969018573078 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXDNynV+FIbRI6XVW7+0YZWUoAvJf8dPeUkwRe9:YvXKXJYpW7IiGU8Ukee9 |
MD5: | F47DC7927724E0D24F72BDC907AD9735 |
SHA1: | 6D8C625CBCD8D2FE876AFBF41D8238CB70FF0186 |
SHA-256: | 724C79AA07D85143D5720D28AA64643F0B4587CFF8C31793CCDA828A38BD7E92 |
SHA-512: | 2BF3E01FFA9170B0CFA3BA6302D7C15AD264FBFF93043D1091453864C3F0A3761445EDBA4C32A07F8FF0C0BF63028D6A3CAB19C99755E018B38BF634061F8CB8 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.259955841933399 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXDNynV+FIbRI6XVW7+0YZWUoAvJfQ1rPeUkwRe9:YvXKXJYpW7IiGY16Ukee9 |
MD5: | D5D12F8D05C097E4BDB691546909518B |
SHA1: | 9B4728AE447293765C4A8F412A543BF241EA95C8 |
SHA-256: | 98DFF9039DCFE877E3A930F0F6AA54BBEEA6EDD970DD4DDEFA09C19834342A60 |
SHA-512: | 9FC55796E83F143302C3D731D4CE31800EE6FD57B4AD179584293DDAFE48A240714A422E95D80E25A5C9961C4CED802504FC21BDAC02D4D35E8A8458F376EED2 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.2789912097166924 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXDNynV+FIbRI6XVW7+0YZWUoAvJfFldPeUkwRe9:YvXKXJYpW7IiGz8Ukee9 |
MD5: | 84995EFB30CF64F9978E8AA8984DBF1B |
SHA1: | E935B45B8F22B15D49FB9AFA00D4F79E8CB10872 |
SHA-256: | 910CED5D37DF7CB794E0662BD3CE404AB362494FDCEDD06CBBFA13921984F74B |
SHA-512: | CA3041879E589E1229333062A4D967AE01BA871A35FB168163AE4F96ACC8231C78C0B51CA01E75F92D98947CE54E992A64B3666D84148CB3A1CF50F127DCF302 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.285516461061252 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXDNynV+FIbRI6XVW7+0YZWUoAvJfzdPeUkwRe9:YvXKXJYpW7IiGb8Ukee9 |
MD5: | 9CDECCD54200CF7514CD92012B7CA578 |
SHA1: | 5B619C1B200333D83F77B4666608B99DA86E9CCC |
SHA-256: | 49C68E0971B6ED0AB347E0721173ED49ADA183A9994161B8C5F7CAF3A1A16C69 |
SHA-512: | 830264032F52B03791EDD11734B47D022D12E68FAA07B39F1B0ACC109A457A55130E356BF70B14F7DBE60BF0EA9F53B18A153CC98F5BC5200C8CF8AEC9289073 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.265734972158872 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXDNynV+FIbRI6XVW7+0YZWUoAvJfYdPeUkwRe9:YvXKXJYpW7IiGg8Ukee9 |
MD5: | 1199055A22B6218798D436722E2E5E95 |
SHA1: | 47B2D262D31407D2AEC8BC2E0D39981341C8D8B2 |
SHA-256: | FA9644121F86CAF852862C9EF2B20564A0942BF511A9D64BDB8D50AEF88849DB |
SHA-512: | 0614C8AAE59F34426C0C471F20DCA404AB2658A84FA66AC5016F0B5A1418D174C54B9E26BDF4AF6C8160446DD5B63912BF8461F6E4DFA7B19CDF856E8CDBBC46 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1395 |
Entropy (8bit): | 5.781343594796552 |
Encrypted: | false |
SSDEEP: | 24:Yv6Xqi8rLgEGOc93W2JeFmaR7CQzttgBcu141CjrWpHfRzVCV9FJNJSY:YvC8HgDv3W2aYQfgB5OUupHrQ9FJ/ |
MD5: | 3EF7490D8589DB0219DFF1B1FA7B7244 |
SHA1: | 9E5CE3310222181E44423C3701FF027576C38865 |
SHA-256: | 427A2D8B9F13D51DDA87F671F19D10C21B43C2590E49E288AADC9DF3C2E65BD1 |
SHA-512: | 6E4B2B70CE9F4C0E7A4CC30C982A4CCE6E42107040C29C8EFB9E0D2FD7C219D1D6485AE49614E5AF7A7E2BA541E5BB352DC4ED28CD1F5B74E9572E9398E08C13 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.249517568305872 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXDNynV+FIbRI6XVW7+0YZWUoAvJfbPtdPeUkwRe9:YvXKXJYpW7IiGDV8Ukee9 |
MD5: | FA5BD200402255770F60D8D6E80C916E |
SHA1: | 33C6D6D6FB08D9A469389E0177E9506402D39436 |
SHA-256: | 79A6377ED964BE21B2583BDD2AE4A5BB6B016E1DF6B519B9A6B80DC6F0A36AF0 |
SHA-512: | 043911A3C53CBF3DDF88D6C69F11647B6286ED147F8604155CA4A380CE229AE4475D08DDE24E3F6E6BA35A612371DD10F912D4D7CBE80057D236D45CFD547726 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.251012374021207 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXDNynV+FIbRI6XVW7+0YZWUoAvJf21rPeUkwRe9:YvXKXJYpW7IiG+16Ukee9 |
MD5: | 0C82791BF1E3FC3854C67EE21D48FEDF |
SHA1: | 01F5B76DCC814B02A9DFD4122A1FEB33F8BBC23F |
SHA-256: | 88D49BBB99126BED498D6D42DBA89DBD26B0ACDB89C39016C5C3C71849EC501E |
SHA-512: | 6233FE48E7736D468E6D4A6115603DE31FF163DDB0BBC927D8EFDF3BE22A4D0ABF0C92183C7BD6CA6526CA55440CF3317BAB197A5BE3C91E8672CEC8EA4A6DB5 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.272276282842798 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXDNynV+FIbRI6XVW7+0YZWUoAvJfbpatdPeUkwRe9:YvXKXJYpW7IiGVat8Ukee9 |
MD5: | 5A66799FBCF7967A515E7EDDB5466286 |
SHA1: | B620102D91968679968301A3E60FFC64E2E3401E |
SHA-256: | 375711C5D62986DDFEACDBC9DEAACC2BF30DE7F2D6A2CF0DB100D7E64ED7FF19 |
SHA-512: | 15993F83529C573395348087B4BE324682562057738B7085356A515E353D9DACBB44E704E8DB939520B7137A08E46B8E961E69415E1FC184834521F1138F3D64 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.225929898242329 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXDNynV+FIbRI6XVW7+0YZWUoAvJfshHHrPeUkwRe9:YvXKXJYpW7IiGUUUkee9 |
MD5: | FC207884ACDD3928A59F50852BDC8A4D |
SHA1: | 724222661BD95D971FD8771D33D28D674EC5DCC6 |
SHA-256: | 7BF8834E588993345EEC5A0B924D61069AFED9C0B6C23DA743DC8143279ED6F8 |
SHA-512: | 79AF6108B68A009344C269CA7297015E2EA277BDA11CA90B789602F4E135EE3A87AA76554C0AA7E1CE60F6ADC81B6BC9F4138577001722C2839A1F471A54EC13 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 782 |
Entropy (8bit): | 5.369039990324817 |
Encrypted: | false |
SSDEEP: | 12:YvXKXJYpW7IiGTq16Ukee1+3CEJ1KXd15kcyKMQo7P70c0WM6ZB/uhWNSY:Yv6Xqih168CgEXX5kcIfANhoSY |
MD5: | 5E5C15067A4743579D888AC979193844 |
SHA1: | A86CEB6ADEFE1E79B5C3E4302F05D2C888334E0C |
SHA-256: | 8672DFD7B886557F9382A709634A9E7A68F48C42E22954AC2CB26482F588D749 |
SHA-512: | 76E499C035A6E75E694C9C05F7ADBF62C4B36FBA090B3AC18501327AD924CC749B508B446B505EC00BF82EF92352D252004E75280800304ACE5590103306DF63 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
SSDEEP: | 3:e:e |
MD5: | DC84B0D741E5BEAE8070013ADDCC8C28 |
SHA1: | 802F4A6A20CBF157AAF6C4E07E4301578D5936A2 |
SHA-256: | 81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06 |
SHA-512: | 65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2813 |
Entropy (8bit): | 5.1297646182718335 |
Encrypted: | false |
SSDEEP: | 24:YuNCCq7kvr5Op2PMj7hRqD6atoHis1aywJsHEuinc2ejYj0ShG0N2hN12LSjVYRf:Y0s7kB0vcoCsg6LaRGDZVrxCs9c |
MD5: | 58FD9055EB864E57708CBDB9FAA7F609 |
SHA1: | 1F5396D424F7E4FBCB6C62FAC22E6CCDD4F76FC4 |
SHA-256: | 84916F990FA86ADBF066CCEB9023E44674AB8682243FFF3E3CEA672E907CB1E5 |
SHA-512: | B7F12737B829043011BCC6F56C9856BD61D55BEE65C8FED45D659968E260F56E943F7A498AF2D3C93B121039D121EF35842679A7C28E25151BB8B6ABF44FB05A |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 0.9848304034408358 |
Encrypted: | false |
SSDEEP: | 24:TLHRx/XYKQvGJF7urs6I1RZKHs/Ds/Spp4zJwtNBwtNbRZ6bRZ4QF:TVl2GL7ms6ggOVpKzutYtp6PB |
MD5: | 456C14E17C4C16828FD6FCF9A2099BD9 |
SHA1: | 99FB3DAE736A45A96D57B10967D6373B52F8E5D9 |
SHA-256: | DB2DAA07E8A075F95ABD11209F55EEA5F195E31CF3478835B4D310781A856BEB |
SHA-512: | 698928E8F7E5CF3F6AA8F1DE69766C0FFF76F738ED0D6AE9A7A08DDD9C604F5A1673690A20CE4E323EE19BDA68C13A3C5EC5D033AFAA175F32AE01AE1F428286 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.337410874585046 |
Encrypted: | false |
SSDEEP: | 24:7+t9mAD1RZKHs/Ds/SppPzJwtNBwtNbRZ6bRZWf1RZK8qLBx/XYKQvGJF7ursd:7McGgOVpRzutYtp6PMhqll2GL7msd |
MD5: | 2D5E6D2E3E3AA89B5C9EA644F5222DC2 |
SHA1: | 8265B99B1F7E777F4F2F1AFF620646BECDF50FE8 |
SHA-256: | 1CD6A8BAA97316FC9F75558C13AC346A5128E80130BEC6F0BB3A02072C2CCC9B |
SHA-512: | D397F2776DA4EE050D03451BA43E70CD9F81F53F753C049546C3F36C93203F07D95A9CF656572FE0C7F58D369CD22BEA60C1767CBB2AA72A4F27CB58518AFDA8 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 66726 |
Entropy (8bit): | 5.392739213842091 |
Encrypted: | false |
SSDEEP: | 768:RNOpblrU6TBH44ADKZEg8dx1OjDMeaPh2ij6xLlJKp19G3i4Yyu:6a6TZ44ADE8dxIe/j6xONmxK |
MD5: | 3DCFD044051848CDD1DFC3178266E3E1 |
SHA1: | B253A27C6A68C445A890EBD64E56A46B2B66DDFF |
SHA-256: | E28A8D0C120553D183D5CBFF295BE8958FAD96F9F5C091E16A7DE4C3BA947DAD |
SHA-512: | 8961EBFE3B7C32F6DB52E84ED84CDBFF2976C51942D1A9060DB34BC5900AC2B17CA9784698F1956E2744FB4DE73C87B39D661697DFA9940B9BDE395A77985D37 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.5248044522866877 |
Encrypted: | false |
SSDEEP: | 6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K8rFFv:Qw946cPbiOxDlbYnuRKCH |
MD5: | 80FBE8363088FBA1933898E5ACC615DC |
SHA1: | D59E62E27C5863CD530EB8379ADCAF0518762B4C |
SHA-256: | 63F48910D854575734E7AF6D34271E14A0549E050FE49A3B576F1BB34C45BF69 |
SHA-512: | C72725BAB053E10EF9D5CF0068892D1EC8388623B2F9BC21CB18555C794F15CFCE89F057A20C88A9265EBE498BF41197D9BFDFFA10ED8592B4B39C1F2D7171C7 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-03-28 18-26-19-340.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.376360055978702 |
Encrypted: | false |
SSDEEP: | 384:6b1sdmfenwop+WP21h2RPjRNg7JjO2on6oU6CyuJw1oaNIIu9EMuJuF6MKK9g9JQ:vIn |
MD5: | 1336667A75083BF81E2632FABAA88B67 |
SHA1: | 46E40800B27D95DAED0DBB830E0D0BA85C031D40 |
SHA-256: | F81B7C83E0B979F04D3763B4F88CD05BC8FBB2F441EBFAB75826793B869F75D1 |
SHA-512: | D039D8650CF7B149799D42C7415CBF94D4A0A4BF389B615EF7D1B427BC51727D3441AA37D8C178E7E7E89D69C95666EB14C31B56CDFBD3937E4581A31A69081A |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 15112 |
Entropy (8bit): | 5.399520330596288 |
Encrypted: | false |
SSDEEP: | 384:sOorQapfM1zMERNcKNsce3S2afX1Lr9ZP6AOGwBdFjBLbYIOLoIe3e7CpvKPkc8E:Wo |
MD5: | 0E097AEBB02F9223B7BC163F2E0C3C9E |
SHA1: | 2F00E00497456E4481D4E100119FBEAA64FEB144 |
SHA-256: | ED2E82CB2C71E55BEC25C611A9D76BE5284786B2A6E63E5FAEA7F78FC0A22101 |
SHA-512: | A9E5B073A0A488DC5F912489F2416BF2C262EC6705BAC14C80DB64A891CA437B42A18FE5435A0952BD3127FEC1B1FBF4A973A8868A16DB6A3D0FF725D45B5D9C |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29752 |
Entropy (8bit): | 5.405092716174899 |
Encrypted: | false |
SSDEEP: | 768:GLxxlyVUFcAzWL8VWL1ANSFld5YjMWLvJ8Uy++NSXl3WLd5WLrbhhVClkVMwDGbu:iWWqp6nqPDHP1aj2qNebMR |
MD5: | 91F6122122F41069A583761D53379B40 |
SHA1: | 7C9586A95B4928F55BBC9E0BCDF6743B08C0D091 |
SHA-256: | EADE52FD029105132860477924D263AB40F2448310F8F96B96AFCD35DC04971C |
SHA-512: | 7E2D3DCEBA7A255EC345D94E4C5BD680150029488A2D715E9ACAE15671552984A524645D0D0D7C106BEFE993813A20F9D8BFC74B79265FA0CEE10F7F8012DB76 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | 24576:/xA7owWLaGZDwYIGNPJodpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:JVwWLaGZDwZGk3mlind9i4ufFXpAXkru |
MD5: | 18E3D04537AF72FDBEB3760B2D10C80E |
SHA1: | B313CD0B25E41E5CF0DFB83B33AB3E3C7678D5CC |
SHA-256: | BBEF113A2057EE7EAC911DC960D36D4A62C262DAE5B1379257908228243BD6F4 |
SHA-512: | 2A5B9B0A5DC98151AD2346055DF2F7BFDE62F6069A4A6A9AB3377B644D61AE31609B9FC73BEE4A0E929F84BF30DA4C1CDE628915AC37C7542FD170D12DE41298 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | 12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg |
MD5: | 3A49135134665364308390AC398006F1 |
SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | 24576:/M7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R077WLaGZjZwYIGNPJe:RB3mlind9i4ufFXpAXkrfUs03WLaGZje |
MD5: | 716C2C392DCD15C95BBD760EEBABFCD0 |
SHA1: | 4B4CE9C6AED6A7F809236B2DAFA9987CA886E603 |
SHA-256: | DD3E6CFC38DA1B30D5250B132388EF73536D00628267E7F9C7E21603388724D8 |
SHA-512: | E164702386F24FF72111A53DA48DC57866D10DAE50A21D4737B5687E149FF9D673729C5D2F2B8DA9EB76A2E5727A2AFCFA5DE6CC0EEEF7D6EBADE784385460AF |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | 6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9804321282605724 |
Encrypted: | false |
SSDEEP: | 48:8WkN2dOTqeaH6idAKZdA19ehwiZUklqehTy+3:8Wy3Xrgy |
MD5: | 5C1C2AF0A32ADC8159134BE2A8501066 |
SHA1: | CB72C2805BF0C186E31EECB49FB1A46ED20BF2B2 |
SHA-256: | EE5A9A2552945287E3AADB5AE9A8E7F6005AB344D8368E36BE7CFC83F8B934F5 |
SHA-512: | 98FAAA9E322345EC5D92CDF427B66D496B08789B13D021586ACAC0B6A5FA7B0FEB4E9CB15908FE306E0388F33A24146859A4616BA7101ED71F4CFA5FFDDB036D |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.996492552724403 |
Encrypted: | false |
SSDEEP: | 48:8e2dOTqeaH6idAKZdA1weh/iZUkAQkqehQy+2:8e3XZ9Q5y |
MD5: | 4DDF804EE556C518A3EC4252D707A3A8 |
SHA1: | 120E117ACC52ED2DFBF3D2291D7289FA0F103C39 |
SHA-256: | 96D9C14936B74B42EEF71284505F9A1EBEFAB52FD404D54041BB79166CDC765E |
SHA-512: | 58360B4EE1DBBB9CB018FBAF34452354E79AF1FBCB511CCE1B177D91929966D9D233D8B5169DA0C36B4C0D39DFE84156F0EAB3D8FE66DC4436258C5713CEBAA4 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.008865323697647 |
Encrypted: | false |
SSDEEP: | 48:8x22dOTqesH6idAKZdA14tseh7sFiZUkmgqeh7suy+BX:8x23Xznsy |
MD5: | E5154C318041EAE381405264D99802F5 |
SHA1: | 06228C58ACD725AFBE14CC4FA2A96FE68CA6CD30 |
SHA-256: | 6F6436FF94823344F94C44D2362BED17A1B8D881C6929CF601E20FAD49ADEE8E |
SHA-512: | F5C0C1D6173DD42C164A891A1D2C6AD5A4E38927D0371B6E1C5306B5A770B876D8BC3F68D26E6F71AFA515E6B0EEE6B08BC229271D2E39445670BEA04012FBE8 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.996218955426677 |
Encrypted: | false |
SSDEEP: | 48:8A2dOTqeaH6idAKZdA1vehDiZUkwqehUy+R:8A3X62y |
MD5: | 7ACF5E3835D7A8AB1A0D44BC0638EDB4 |
SHA1: | 3238A5FD34D5956585D4C300BEEC6828B0EC0696 |
SHA-256: | 97EBF8CE369F11F908CE23CDD7513BDAE91A50F9CBF034F295EFAD1EACBFC673 |
SHA-512: | D2B8CAE23C31F679FF572CE966E440FC3EB0DE5537C20B472251BC529AA02C8B0FA11D23B9993A6196DD26B02E8B43361F1AD5CC0AB3304819004435E8AB73A7 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.983937167909853 |
Encrypted: | false |
SSDEEP: | 48:8SOF2dOTqeaH6idAKZdA1hehBiZUk1W1qehqy+C:8V3X69Ky |
MD5: | 3A3F336CD975BDF1939F91F13DEDEFF7 |
SHA1: | A3C5A7CB28C2F258E6606C750D907CE37EE2EE3B |
SHA-256: | CD6E78104CA2FE1A8676D834CA3ED18E64FD27F4F629D8F1FFDD355974CD684C |
SHA-512: | 85B5178C777DF29F5B97C85F784CA568441AA27E9DB4AEF8EC378F15038EE5E85B439B2E3B33FE18E5C1F1BF77D7EFB83B8FE7A8BB1B45B065C5EC846232FBF7 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.996796155789481 |
Encrypted: | false |
SSDEEP: | 48:8K2dOTqeaH6idAKZdA1duT+ehOuTbbiZUk5OjqehOuTbsy+yT+:8K3XET/TbxWOvTbsy7T |
MD5: | AF99AF2C7C578044038D42E7C2642CAE |
SHA1: | 7BD998F128AA7761B85ACFC3D97F24CEDE66D9F2 |
SHA-256: | 603F28E4786C0BD2C16AD6D40B95AB613ED3785C4BCCB0F585451BC9667BF7BE |
SHA-512: | 3B090117E7CCE74B613B94461C568920103B41BE08EAB5DAF625F863470246B7DFC9301D110062B603B616B961930D171659515B7169FEC309DA442462CD9D42 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 155572 |
Entropy (8bit): | 7.231198308355702 |
Encrypted: | false |
SSDEEP: | 3072:UcUEjwvzvwzgO6krCzkja9sLomgCQwd/VS0j:UcU8wvzvwzEkGeLJJQwq0j |
MD5: | 1482C8F1D4226653288A683C971831F5 |
SHA1: | B06D885753752A3DDEAACE551D857AAFB93ED884 |
SHA-256: | 0925C880DBD44B0D92366ACC777EEAF2D317977880CE1AAE9FAEA72642EF5507 |
SHA-512: | 76031569C877B61D8C29611C2BEA21206AF3941ABCE305A0BF83CC9C38365ECD540E0F9B2BBF698C42636B90283BB0E8553EACFFA636E2B6804F75A7BC1FCFAF |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 243 |
Entropy (8bit): | 5.627597543471282 |
Encrypted: | false |
SSDEEP: | 6:TMVBd/ZbZjZvKtWRVzjCjj5d5EUXVrYhL3c4DPAOnOan:TMHd9BZKtWRUj35DmDTPAOnOa |
MD5: | 80743299B8B10495EA9940353A893E3C |
SHA1: | 040ADB56ED3757242ABDC10DD058FE8B56EF7CA1 |
SHA-256: | 50AFED1F5543B84ADCF416B5CB59AD1747F8D5D99B2B685058003521A395D1BC |
SHA-512: | E2FAE6121180DBA8114864C54AE12F8D326EADFB98ED0BE7312E12BE0811243E65503227BBB7FF3DE6EBB97ED28782BC9F6BE56236C37C98DF41B63A10239D5E |
Malicious: | false |
Reputation: | low |
URL: | https://d3odjtfu0bytz5.cloudfront.net/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 155572 |
Entropy (8bit): | 7.231198308355702 |
Encrypted: | false |
SSDEEP: | 3072:UcUEjwvzvwzgO6krCzkja9sLomgCQwd/VS0j:UcU8wvzvwzEkGeLJJQwq0j |
MD5: | 1482C8F1D4226653288A683C971831F5 |
SHA1: | B06D885753752A3DDEAACE551D857AAFB93ED884 |
SHA-256: | 0925C880DBD44B0D92366ACC777EEAF2D317977880CE1AAE9FAEA72642EF5507 |
SHA-512: | 76031569C877B61D8C29611C2BEA21206AF3941ABCE305A0BF83CC9C38365ECD540E0F9B2BBF698C42636B90283BB0E8553EACFFA636E2B6804F75A7BC1FCFAF |
Malicious: | false |
Reputation: | low |
URL: | https://d3odjtfu0bytz5.cloudfront.net/001-25b528c6-ae58-4af1-bd3c-0c3bab6852be/NAM%20Images/Ewellix%20Bank%20Change%20Details%2003-2024.pdf |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 28, 2024 18:25:03.036461115 CET | 443 | 49716 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:03.253021955 CET | 443 | 49716 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:03.300715923 CET | 49716 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:03.300740957 CET | 443 | 49716 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:03.301184893 CET | 443 | 49716 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:03.345263004 CET | 49716 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:03.356374979 CET | 49716 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:03.356374979 CET | 49716 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:03.356383085 CET | 443 | 49716 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:03.356515884 CET | 443 | 49716 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:03.401618004 CET | 49716 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:03.767030954 CET | 443 | 49716 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:03.767163038 CET | 443 | 49716 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:03.767205954 CET | 49716 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:03.769542933 CET | 49716 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:03.769563913 CET | 443 | 49716 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:03.875921965 CET | 49717 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:03.875947952 CET | 443 | 49717 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:03.876010895 CET | 49717 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:03.877716064 CET | 49717 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:03.877727032 CET | 443 | 49717 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:04.226708889 CET | 443 | 49717 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:04.226783991 CET | 49717 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:04.239310980 CET | 49717 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:04.239326000 CET | 443 | 49717 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:04.239634037 CET | 443 | 49717 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:04.285886049 CET | 49717 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:04.502269030 CET | 49717 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:04.541980028 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:04.542018890 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:04.544121981 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:04.544667006 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:04.544676065 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:04.548228979 CET | 443 | 49717 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:04.672565937 CET | 443 | 49717 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:04.672643900 CET | 443 | 49717 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:04.675335884 CET | 49717 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:04.751266956 CET | 49717 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:04.751266956 CET | 49717 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:04.751285076 CET | 443 | 49717 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:04.751295090 CET | 443 | 49717 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:04.760726929 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:04.762959957 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:04.762974977 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:04.763307095 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:04.767544031 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:04.767607927 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:04.769922972 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:04.812226057 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:04.828342915 CET | 49719 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:04.828370094 CET | 443 | 49719 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:04.828519106 CET | 49719 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:04.828949928 CET | 49719 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:04.828963041 CET | 443 | 49719 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:04.969670057 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:04.984328985 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:04.984347105 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:04.984457016 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:04.984457016 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:04.984488964 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:04.984592915 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.002710104 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.002741098 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.002854109 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.002861977 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.051409006 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.083547115 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.083573103 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.083609104 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.083647013 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.083679914 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.103993893 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.104016066 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.104145050 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.104159117 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.104231119 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.122967958 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.122989893 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.123126984 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.123135090 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.123236895 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.178690910 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.178714991 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.178829908 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.178829908 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.178842068 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.180372000 CET | 443 | 49719 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:05.180464983 CET | 49719 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:05.180464983 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.186017036 CET | 49719 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:05.186023951 CET | 443 | 49719 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:05.186328888 CET | 443 | 49719 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:05.189527035 CET | 49719 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:05.192629099 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.192656994 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.192764997 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.192764997 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.192770004 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.194307089 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.204062939 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.204103947 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.204204082 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.204204082 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.204212904 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.206568003 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.223054886 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.223077059 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.223180056 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.223186016 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.226005077 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.230240107 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.230279922 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.230309963 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.230315924 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.230329037 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.230344057 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.230446100 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.232228041 CET | 443 | 49719 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:05.233916044 CET | 49718 | 443 | 192.168.2.5 | 13.249.178.69 |
Mar 28, 2024 18:25:05.233932972 CET | 443 | 49718 | 13.249.178.69 | 192.168.2.5 |
Mar 28, 2024 18:25:05.548242092 CET | 443 | 49719 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:05.548326015 CET | 443 | 49719 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:05.548388004 CET | 49719 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:05.549061060 CET | 49719 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:05.549078941 CET | 443 | 49719 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:05.549083948 CET | 49719 | 443 | 192.168.2.5 | 23.54.46.90 |
Mar 28, 2024 18:25:05.549088955 CET | 443 | 49719 | 23.54.46.90 | 192.168.2.5 |
Mar 28, 2024 18:25:10.761059046 CET | 443 | 49709 | 172.253.62.106 | 192.168.2.5 |
Mar 28, 2024 18:25:10.761120081 CET | 443 | 49709 | 172.253.62.106 | 192.168.2.5 |
Mar 28, 2024 18:25:10.761195898 CET | 49709 | 443 | 192.168.2.5 | 172.253.62.106 |
Mar 28, 2024 18:25:11.509923935 CET | 49721 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:11.509967089 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:11.510040998 CET | 49721 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:11.511084080 CET | 49721 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:11.511094093 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.034635067 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.034712076 CET | 49721 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:12.038022995 CET | 49721 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:12.038034916 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.038364887 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.145423889 CET | 49721 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:12.427505970 CET | 49721 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:12.472233057 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.570595026 CET | 49709 | 443 | 192.168.2.5 | 172.253.62.106 |
Mar 28, 2024 18:25:12.570625067 CET | 443 | 49709 | 172.253.62.106 | 192.168.2.5 |
Mar 28, 2024 18:25:12.754259109 CET | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 28, 2024 18:25:12.754327059 CET | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 28, 2024 18:25:12.754695892 CET | 49726 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 28, 2024 18:25:12.754730940 CET | 443 | 49726 | 23.1.237.91 | 192.168.2.5 |
Mar 28, 2024 18:25:12.754972935 CET | 49726 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 28, 2024 18:25:12.755742073 CET | 49726 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 28, 2024 18:25:12.755752087 CET | 443 | 49726 | 23.1.237.91 | 192.168.2.5 |
Mar 28, 2024 18:25:12.765691996 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.765712976 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.765718937 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.765747070 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.765758991 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.765769005 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.765788078 CET | 49721 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:12.765808105 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.765818119 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.765824080 CET | 49721 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:12.765839100 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.765849113 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.765853882 CET | 49721 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:12.765863895 CET | 49721 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:12.765882015 CET | 49721 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:12.765892029 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.765918016 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.766467094 CET | 49721 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:12.914231062 CET | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
Mar 28, 2024 18:25:12.914244890 CET | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
Mar 28, 2024 18:25:12.984113932 CET | 49721 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:12.984139919 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:12.984160900 CET | 49721 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:12.984165907 CET | 443 | 49721 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:13.083703995 CET | 443 | 49726 | 23.1.237.91 | 192.168.2.5 |
Mar 28, 2024 18:25:13.083781958 CET | 49726 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 28, 2024 18:25:32.239408016 CET | 443 | 49726 | 23.1.237.91 | 192.168.2.5 |
Mar 28, 2024 18:25:32.239490986 CET | 49726 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 28, 2024 18:25:45.884908915 CET | 49711 | 80 | 192.168.2.5 | 35.82.168.99 |
Mar 28, 2024 18:25:45.931539059 CET | 49714 | 80 | 192.168.2.5 | 35.82.168.99 |
Mar 28, 2024 18:25:46.063038111 CET | 80 | 49711 | 35.82.168.99 | 192.168.2.5 |
Mar 28, 2024 18:25:46.112602949 CET | 80 | 49714 | 35.82.168.99 | 192.168.2.5 |
Mar 28, 2024 18:25:46.207645893 CET | 49712 | 80 | 192.168.2.5 | 35.82.168.99 |
Mar 28, 2024 18:25:46.387975931 CET | 80 | 49712 | 35.82.168.99 | 192.168.2.5 |
Mar 28, 2024 18:25:49.359694004 CET | 49729 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:49.359786034 CET | 443 | 49729 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:49.359894037 CET | 49729 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:49.360292912 CET | 49729 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:49.360321045 CET | 443 | 49729 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:49.875962019 CET | 443 | 49729 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:49.876061916 CET | 49729 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:49.888572931 CET | 49729 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:49.888618946 CET | 443 | 49729 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:49.888885975 CET | 443 | 49729 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:49.916973114 CET | 49729 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:49.960237980 CET | 443 | 49729 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:50.384433031 CET | 443 | 49729 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:50.384455919 CET | 443 | 49729 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:50.384471893 CET | 443 | 49729 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:50.384552956 CET | 49729 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:50.384572983 CET | 443 | 49729 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:50.384591103 CET | 443 | 49729 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:50.384654045 CET | 49729 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:50.390214920 CET | 49729 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:50.390233994 CET | 443 | 49729 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:25:50.390258074 CET | 49729 | 443 | 192.168.2.5 | 40.127.169.103 |
Mar 28, 2024 18:25:50.390264034 CET | 443 | 49729 | 40.127.169.103 | 192.168.2.5 |
Mar 28, 2024 18:26:00.506674051 CET | 49731 | 443 | 192.168.2.5 | 172.253.62.106 |
Mar 28, 2024 18:26:00.506706953 CET | 443 | 49731 | 172.253.62.106 | 192.168.2.5 |
Mar 28, 2024 18:26:00.506850958 CET | 49731 | 443 | 192.168.2.5 | 172.253.62.106 |
Mar 28, 2024 18:26:00.507205963 CET | 49731 | 443 | 192.168.2.5 | 172.253.62.106 |
Mar 28, 2024 18:26:00.507217884 CET | 443 | 49731 | 172.253.62.106 | 192.168.2.5 |
Mar 28, 2024 18:26:00.720596075 CET | 443 | 49731 | 172.253.62.106 | 192.168.2.5 |
Mar 28, 2024 18:26:00.721041918 CET | 49731 | 443 | 192.168.2.5 | 172.253.62.106 |
Mar 28, 2024 18:26:00.721052885 CET | 443 | 49731 | 172.253.62.106 | 192.168.2.5 |
Mar 28, 2024 18:26:00.721345901 CET | 443 | 49731 | 172.253.62.106 | 192.168.2.5 |
Mar 28, 2024 18:26:00.721820116 CET | 49731 | 443 | 192.168.2.5 | 172.253.62.106 |
Mar 28, 2024 18:26:00.721896887 CET | 443 | 49731 | 172.253.62.106 | 192.168.2.5 |
Mar 28, 2024 18:26:00.766851902 CET | 49731 | 443 | 192.168.2.5 | 172.253.62.106 |
Mar 28, 2024 18:26:01.065196991 CET | 80 | 49711 | 35.82.168.99 | 192.168.2.5 |
Mar 28, 2024 18:26:01.065274000 CET | 49711 | 80 | 192.168.2.5 | 35.82.168.99 |
Mar 28, 2024 18:26:01.101325035 CET | 80 | 49714 | 35.82.168.99 | 192.168.2.5 |
Mar 28, 2024 18:26:01.101388931 CET | 49714 | 80 | 192.168.2.5 | 35.82.168.99 |
Mar 28, 2024 18:26:01.203402996 CET | 80 | 49712 | 35.82.168.99 | 192.168.2.5 |
Mar 28, 2024 18:26:01.203461885 CET | 49712 | 80 | 192.168.2.5 | 35.82.168.99 |
Mar 28, 2024 18:26:02.558473110 CET | 49711 | 80 | 192.168.2.5 | 35.82.168.99 |
Mar 28, 2024 18:26:02.558557034 CET | 49714 | 80 | 192.168.2.5 | 35.82.168.99 |
Mar 28, 2024 18:26:02.558558941 CET | 49712 | 80 | 192.168.2.5 | 35.82.168.99 |
Mar 28, 2024 18:26:02.737603903 CET | 80 | 49711 | 35.82.168.99 | 192.168.2.5 |
Mar 28, 2024 18:26:02.738552094 CET | 80 | 49712 | 35.82.168.99 | 192.168.2.5 |
Mar 28, 2024 18:26:02.738558054 CET | 80 | 49714 | 35.82.168.99 | 192.168.2.5 |
Mar 28, 2024 18:26:10.750144958 CET | 443 | 49731 | 172.253.62.106 | 192.168.2.5 |
Mar 28, 2024 18:26:10.750205040 CET | 443 | 49731 | 172.253.62.106 | 192.168.2.5 |
Mar 28, 2024 18:26:10.750408888 CET | 49731 | 443 | 192.168.2.5 | 172.253.62.106 |
Mar 28, 2024 18:26:12.559065104 CET | 49731 | 443 | 192.168.2.5 | 172.253.62.106 |
Mar 28, 2024 18:26:12.559089899 CET | 443 | 49731 | 172.253.62.106 | 192.168.2.5 |
Mar 28, 2024 18:26:23.291598082 CET | 49736 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.291640043 CET | 443 | 49736 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.291790009 CET | 49736 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.291894913 CET | 49737 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.291939974 CET | 443 | 49737 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.291974068 CET | 49736 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.291986942 CET | 443 | 49736 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.292004108 CET | 49737 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.292269945 CET | 49737 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.292277098 CET | 443 | 49737 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.494266987 CET | 443 | 49736 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.494596958 CET | 49736 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.494632006 CET | 443 | 49736 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.495610952 CET | 443 | 49736 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.495677948 CET | 49736 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.497502089 CET | 49736 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.497751951 CET | 443 | 49736 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.497754097 CET | 49736 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.498409033 CET | 443 | 49737 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.498805046 CET | 49737 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.498828888 CET | 443 | 49737 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.499712944 CET | 443 | 49737 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.499917984 CET | 49737 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.501382113 CET | 49737 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.501437902 CET | 443 | 49737 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.501614094 CET | 49737 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.501621008 CET | 443 | 49737 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.544239044 CET | 443 | 49736 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.581978083 CET | 49737 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.582094908 CET | 49736 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.582123041 CET | 443 | 49736 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.632591963 CET | 49736 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.720299006 CET | 443 | 49736 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.720377922 CET | 443 | 49736 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.720500946 CET | 49736 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.720669031 CET | 49736 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.720691919 CET | 443 | 49736 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.725049019 CET | 443 | 49737 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.725105047 CET | 443 | 49737 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:23.725210905 CET | 49737 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.725338936 CET | 49737 | 443 | 192.168.2.5 | 162.159.61.3 |
Mar 28, 2024 18:26:23.725353003 CET | 443 | 49737 | 162.159.61.3 | 192.168.2.5 |
Mar 28, 2024 18:26:29.830882072 CET | 49739 | 443 | 192.168.2.5 | 23.48.8.182 |
Mar 28, 2024 18:26:29.830914021 CET | 443 | 49739 | 23.48.8.182 | 192.168.2.5 |
Mar 28, 2024 18:26:29.831129074 CET | 49739 | 443 | 192.168.2.5 | 23.48.8.182 |
Mar 28, 2024 18:26:29.831182957 CET | 49739 | 443 | 192.168.2.5 | 23.48.8.182 |
Mar 28, 2024 18:26:29.831192017 CET | 443 | 49739 | 23.48.8.182 | 192.168.2.5 |
Mar 28, 2024 18:26:30.369894028 CET | 443 | 49739 | 23.48.8.182 | 192.168.2.5 |
Mar 28, 2024 18:26:30.370592117 CET | 49739 | 443 | 192.168.2.5 | 23.48.8.182 |
Mar 28, 2024 18:26:30.370606899 CET | 443 | 49739 | 23.48.8.182 | 192.168.2.5 |
Mar 28, 2024 18:26:30.371587992 CET | 443 | 49739 | 23.48.8.182 | 192.168.2.5 |
Mar 28, 2024 18:26:30.371702909 CET | 49739 | 443 | 192.168.2.5 | 23.48.8.182 |
Mar 28, 2024 18:26:30.373353004 CET | 49739 | 443 | 192.168.2.5 | 23.48.8.182 |
Mar 28, 2024 18:26:30.373466015 CET | 443 | 49739 | 23.48.8.182 | 192.168.2.5 |
Mar 28, 2024 18:26:30.373572111 CET | 49739 | 443 | 192.168.2.5 | 23.48.8.182 |
Mar 28, 2024 18:26:30.420227051 CET | 443 | 49739 | 23.48.8.182 | 192.168.2.5 |
Mar 28, 2024 18:26:30.430881023 CET | 49739 | 443 | 192.168.2.5 | 23.48.8.182 |
Mar 28, 2024 18:26:30.430888891 CET | 443 | 49739 | 23.48.8.182 | 192.168.2.5 |
Mar 28, 2024 18:26:30.478796959 CET | 49739 | 443 | 192.168.2.5 | 23.48.8.182 |
Mar 28, 2024 18:26:30.552166939 CET | 443 | 49739 | 23.48.8.182 | 192.168.2.5 |
Mar 28, 2024 18:26:30.552407980 CET | 443 | 49739 | 23.48.8.182 | 192.168.2.5 |
Mar 28, 2024 18:26:30.552963018 CET | 49739 | 443 | 192.168.2.5 | 23.48.8.182 |
Mar 28, 2024 18:26:30.552973032 CET | 443 | 49739 | 23.48.8.182 | 192.168.2.5 |
Mar 28, 2024 18:26:30.552999020 CET | 49739 | 443 | 192.168.2.5 | 23.48.8.182 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Mar 28, 2024 18:25:00.731993914 CET | 192.168.2.5 | 1.1.1.1 | c2ae | (Port unreachable) | Destination Unreachable |

Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
---|---|---|---|---|---|---|---|---
Mar 28, 2024 18:25:00.211245060 CET | 192.168.2.5 | 1.1.1.1 | 0x3fa2 | Standard query (0) | | A (IP address) | IN (0x0001) | false
Mar 28, 2024 18:25:00.211357117 CET | 192.168.2.5 | 1.1.1.1 | 0xb4c9 | Standard query (0) | | 65 | IN (0x0001) | false
Mar 28, 2024 18:25:00.445795059 CET | 192.168.2.5 | 1.1.1.1 | 0x8ace | Standard query (0) | | A (IP address) | IN (0x0001) | false
Mar 28, 2024 18:25:00.446017027 CET | 192.168.2.5 | 1.1.1.1 | 0xda22 | Standard query (0) | | 65 | IN (0x0001) | false
Mar 28, 2024 18:25:01.206142902 CET | 192.168.2.5 | 1.1.1.1 | 0xbd0a | Standard query (0) | | A (IP address) | IN (0x0001) | false
Mar 28, 2024 18:25:01.206298113 CET | 192.168.2.5 | 1.1.1.1 | 0x458d | Standard query (0) | | 65 | IN (0x0001) | false
Mar 28, 2024 18:26:23.194477081 CET | 192.168.2.5 | 1.1.1.1 | 0x56cf | Standard query (0) | | A (IP address) | IN (0x0001) | false
Mar 28, 2024 18:26:41.947514057 CET | 192.168.2.5 | 1.1.1.1 | 0x31d9 | Standard query (0) | | A (IP address) | IN (0x0001) | false

Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
---|---|---|---|---|---|---|---|---|---|---
Mar 28, 2024 18:25:00.540904999 CET | 1.1.1.1 | 192.168.2.5 | 0xda22 | No error (0) | | | | 65 | IN (0x0001) | false
Mar 28, 2024 18:25:00.540925026 CET | 1.1.1.1 | 192.168.2.5 | 0x8ace | No error (0) | | | 172.253.62.106 | A (IP address) | IN (0x0001) | false
Mar 28, 2024 18:25:00.540925026 CET | 1.1.1.1 | 192.168.2.5 | 0x8ace | No error (0) | | | 172.253.62.147 | A (IP address) | IN (0x0001) | false
Mar 28, 2024 18:25:00.540925026 CET | 1.1.1.1 | 192.168.2.5 | 0x8ace | No error (0) | | | 172.253.62.103 | A (IP address) | IN (0x0001) | false
Mar 28, 2024 18:25:00.540925026 CET | 1.1.1.1 | 192.168.2.5 | 0x8ace | No error (0) | | | 172.253.62.104 | A (IP address) | IN (0x0001) | false
Mar 28, 2024 18:25:00.540925026 CET | 1.1.1.1 | 192.168.2.5 | 0x8ace | No error (0) | | | 172.253.62.105 | A (IP address) | IN (0x0001) | false
Mar 28, 2024 18:25:00.540925026 CET | 1.1.1.1 | 192.168.2.5 | 0x8ace | No error (0) | | | 172.253.62.99 | A (IP address) | IN (0x0001) | false
Mar 28, 2024 18:25:00.618932962 CET | 1.1.1.1 | 192.168.2.5 | 0x3fa2 | No error (0) | | email.inbox.guru | | CNAME (Canonical name) | IN (0x0001) | false
Mar 28, 2024 18:25:00.618932962 CET | 1.1.1.1 | 192.168.2.5 | 0x3fa2 | No error (0) | | lb_capture.inbox.guru | | CNAME (Canonical name) | IN (0x0001) | false
Mar 28, 2024 18:25:00.618932962 CET | 1.1.1.1 | 192.168.2.5 | 0x3fa2 | No error (0) | | alb-uw2-ig-trans-968983241.us-west-2.elb.amazonaws.com | | CNAME (Canonical name) | IN (0x0001) | false
Mar 28, 2024 18:25:00.618932962 CET | 1.1.1.1 | 192.168.2.5 | 0x3fa2 | No error (0) | | | 35.82.168.99 | A (IP address) | IN (0x0001) | false
Mar 28, 2024 18:25:00.618932962 CET | 1.1.1.1 | 192.168.2.5 | 0x3fa2 | No error (0) | | | 52.88.13.221 | A (IP address) | IN (0x0001) | false
Mar 28, 2024 18:25:00.731764078 CET | 1.1.1.1 | 192.168.2.5 | 0xb4c9 | No error (0) | | email.inbox.guru | | CNAME (Canonical name) | IN (0x0001) | false
Mar 28, 2024 18:25:00.731764078 CET | 1.1.1.1 | 192.168.2.5 | 0xb4c9 | No error (0) | | lb_capture.inbox.guru | | CNAME (Canonical name) | IN (0x0001) | false
Mar 28, 2024 18:25:00.731764078 CET | 1.1.1.1 | 192.168.2.5 | 0xb4c9 | No error (0) | | alb-uw2-ig-trans-968983241.us-west-2.elb.amazonaws.com | | CNAME (Canonical name) | IN (0x0001) | false
Mar 28, 2024 18:25:01.316504955 CET | 1.1.1.1 | 192.168.2.5 | 0xbd0a | No error (0) | | | 13.249.178.69 | A (IP address) | IN (0x0001) | false
Mar 28, 2024 18:25:01.316504955 CET | 1.1.1.1 | 192.168.2.5 | 0xbd0a | No error (0) | 13.249.178.148 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 18:25:01.316504955 CET | 1.1.1.1 | 192.168.2.5 | 0xbd0a | No error (0) | 13.249.178.214 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 18:25:01.316504955 CET | 1.1.1.1 | 192.168.2.5 | 0xbd0a | No error (0) | 13.249.178.116 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 18:26:23.290431023 CET | 1.1.1.1 | 192.168.2.5 | 0x56cf | No error (0) | 162.159.61.3 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 18:26:23.290431023 CET | 1.1.1.1 | 192.168.2.5 | 0x56cf | No error (0) | 172.64.41.3 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 18:26:42.042932034 CET | 1.1.1.1 | 192.168.2.5 | 0x31d9 | No error (0) | 162.159.61.3 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 18:26:42.042932034 CET | 1.1.1.1 | 192.168.2.5 | 0x31d9 | No error (0) | 172.64.41.3 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49712 | 35.82.168.99 | 80 | 4148 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Mar 28, 2024 18:25:00.889971018 CET | 1535 | OUT | |
Mar 28, 2024 18:25:01.202475071 CET | 885 | IN | |
Mar 28, 2024 18:25:46.207645893 CET | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49711 | 35.82.168.99 | 80 | 4148 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Mar 28, 2024 18:25:45.884908915 CET | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49714 | 35.82.168.99 | 80 | 4148 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Mar 28, 2024 18:25:45.931539059 CET | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49715 | 13.249.178.69 | 443 | 4148 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 17:25:01 UTC | 773 | OUT | |
2024-03-28 17:25:01 UTC | 504 | IN | |
2024-03-28 17:25:01 UTC | 16384 | IN | |
2024-03-28 17:25:01 UTC | 16384 | IN | |
2024-03-28 17:25:01 UTC | 16384 | IN | |
2024-03-28 17:25:01 UTC | 14808 | IN | |
2024-03-28 17:25:01 UTC | 16384 | IN | |
2024-03-28 17:25:01 UTC | 16384 | IN | |
2024-03-28 17:25:01 UTC | 16384 | IN | |
2024-03-28 17:25:01 UTC | 16384 | IN | |
2024-03-28 17:25:01 UTC | 310 | IN | |
2024-03-28 17:25:01 UTC | 16384 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49716 | 13.249.178.69 | 443 | 4148 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 17:25:03 UTC | 715 | OUT | |
2024-03-28 17:25:03 UTC | 357 | IN | |
2024-03-28 17:25:03 UTC | 249 | IN | |
2024-03-28 17:25:03 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49717 | 23.54.46.90 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 17:25:04 UTC | 161 | OUT | |
2024-03-28 17:25:04 UTC | 468 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.5 | 49718 | 13.249.178.69 | 443 | 4148 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 17:25:04 UTC | 445 | OUT | |
2024-03-28 17:25:04 UTC | 504 | IN | |
2024-03-28 17:25:04 UTC | 16384 | IN | |
2024-03-28 17:25:04 UTC | 16384 | IN | |
2024-03-28 17:25:05 UTC | 16384 | IN | |
2024-03-28 17:25:05 UTC | 16384 | IN | |
2024-03-28 17:25:05 UTC | 16384 | IN | |
2024-03-28 17:25:05 UTC | 16384 | IN | |
2024-03-28 17:25:05 UTC | 16384 | IN | |
2024-03-28 17:25:05 UTC | 13232 | IN | |
2024-03-28 17:25:05 UTC | 16384 | IN | |
2024-03-28 17:25:05 UTC | 11268 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.5 | 49719 | 23.54.46.90 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 17:25:05 UTC | 239 | OUT | |
2024-03-28 17:25:05 UTC | 805 | IN | |
2024-03-28 17:25:05 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.5 | 49721 | 40.127.169.103 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 17:25:12 UTC | 306 | OUT | |
2024-03-28 17:25:12 UTC | 560 | IN | |
2024-03-28 17:25:12 UTC | 15824 | IN | |
2024-03-28 17:25:12 UTC | 8666 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.5 | 49729 | 40.127.169.103 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 17:25:49 UTC | 306 | OUT | |
2024-03-28 17:25:50 UTC | 560 | IN | |
2024-03-28 17:25:50 UTC | 15824 | IN | |
2024-03-28 17:25:50 UTC | 9633 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.5 | 49736 | 162.159.61.3 | 443 | 2380 | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 17:26:23 UTC | 245 | OUT | |
2024-03-28 17:26:23 UTC | 128 | OUT | |
2024-03-28 17:26:23 UTC | 247 | IN | |
2024-03-28 17:26:23 UTC | 468 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.5 | 49737 | 162.159.61.3 | 443 | 2380 | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 17:26:23 UTC | 245 | OUT | |
2024-03-28 17:26:23 UTC | 128 | OUT | |
2024-03-28 17:26:23 UTC | 247 | IN | |
2024-03-28 17:26:23 UTC | 468 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
9 | 192.168.2.5 | 49739 | 23.48.8.182 | 443 | 2380 | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 17:26:30 UTC | 475 | OUT | |
2024-03-28 17:26:30 UTC | 198 | IN |
Target ID: | 0 |
Start time: | 18:24:51 |
Start date: | 28/03/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 18:24:54 |
Start date: | 28/03/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 18:24:59 |
Start date: | 28/03/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 7 |
Start time: | 18:26:16 |
Start date: | 28/03/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff686a00000 |
File size: | 5'641'176 bytes |
MD5 hash: | 24EAD1C46A47022347DC0F05F6EFBB8C |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 8 |
Start time: | 18:26:16 |
Start date: | 28/03/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6413e0000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 9 |
Start time: | 18:26:16 |
Start date: | 28/03/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6413e0000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |