Windows
Analysis Report
file.exe
Overview
General Information
Detection
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- file.exe (PID: 5520 cmdline:
"C:\Users\ user\Deskt op\file.ex e" MD5: 594BAF3349F36A497A12A0D40C2B27A1) - conhost.exe (PID: 2836 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: 0D698AF330FD17BEE3BF90011D49251D) - RegAsm.exe (PID: 1972 cmdline:
"C:\Window s\Microsof t.NET\Fram ework\v4.0 .30319\Reg Asm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13) - RegAsm.exe (PID: 3996 cmdline:
"C:\Window s\Microsof t.NET\Fram ework\v4.0 .30319\Reg Asm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13) - WerFault.exe (PID: 2436 cmdline:
C:\Windows \SysWOW64\ WerFault.e xe -u -p 5 520 -s 920 MD5: C31336C1EFC2CCB44B4326EA793040F2)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_RiseProStealer | Yara detected RisePro Stealer | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_RiseProStealer | Yara detected RisePro Stealer | Joe Security | ||
JoeSecurity_RiseProStealer | Yara detected RisePro Stealer | Joe Security | ||
JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security |
System Summary |
---|
Source: | Author: Christian Burkard (Nextron Systems): |
Timestamp: | 03/28/24-18:55:12.392688 |
SID: | 2046266 |
Source Port: | 50500 |
Destination Port: | 49721 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/28/24-18:55:07.976970 |
SID: | 2049660 |
Source Port: | 50500 |
Destination Port: | 49710 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/28/24-18:54:59.765115 |
SID: | 2049060 |
Source Port: | 49710 |
Destination Port: | 50500 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/28/24-18:54:59.975602 |
SID: | 2046266 |
Source Port: | 50500 |
Destination Port: | 49710 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Click to jump to signature section
AV Detection |
---|
Source: | ReversingLabs: |
Source: | Static PE information: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Static PE information: |
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: |
Change of critical system settings |
---|
Source: | Registry key created or modified: | Jump to behavior | ||
Source: | Registry key created or modified: | Jump to behavior |
Source: | Code function: | 3_2_03A3718E | |
Source: | Code function: | 3_2_039EB590 | |
Source: | Code function: | 3_2_03A1C4EB | |
Source: | Code function: | 3_2_039EAD70 | |
Source: | Code function: | 3_2_004DC7AB | |
Source: | Code function: | 3_2_004DC7CB |
Networking |
---|
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: |
Source: | TCP traffic: |
Source: | IP Address: | ||
Source: | IP Address: | ||
Source: | IP Address: |
Source: | ASN Name: |
Source: | JA3 fingerprint: |
Source: | DNS query: | ||
Source: | DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | Code function: | 3_2_03A011D0 |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 3_2_03A0BAC0 |
Source: | Code function: | 3_2_039F32B0 |
System Summary |
---|
Source: | Large array initialization: |
Source: | Process Stats: |
Source: | Code function: | 3_2_039EBF60 |
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior |
Source: | Code function: | 0_2_01500EEF | |
Source: | Code function: | 3_2_039F32B0 | |
Source: | Code function: | 3_2_03A011D0 | |
Source: | Code function: | 3_2_03A0C6B0 | |
Source: | Code function: | 3_2_039E94A0 | |
Source: | Code function: | 3_2_03A0BF70 | |
Source: | Code function: | 3_2_039E9CC0 | |
Source: | Code function: | 3_2_039E4380 | |
Source: | Code function: | 3_2_03A273E0 | |
Source: | Code function: | 3_2_03A052B0 | |
Source: | Code function: | 3_2_039F0230 | |
Source: | Code function: | 3_2_039EC240 | |
Source: | Code function: | 3_2_03A2709E | |
Source: | Code function: | 3_2_03A350D0 | |
Source: | Code function: | 3_2_03A21070 | |
Source: | Code function: | 3_2_039EF060 | |
Source: | Code function: | 3_2_03A087D0 | |
Source: | Code function: | 3_2_03A2773F | |
Source: | Code function: | 3_2_03A2B6F0 | |
Source: | Code function: | 3_2_039EF4E0 | |
Source: | Code function: | 3_2_039F1BE0 | |
Source: | Code function: | 3_2_03A03B40 | |
Source: | Code function: | 3_2_03A06B50 | |
Source: | Code function: | 3_2_03A398CD | |
Source: | Code function: | 3_2_03A35869 | |
Source: | Code function: | 3_2_03A3AF5B | |
Source: | Code function: | 3_2_0045E160 | |
Source: | Code function: | 3_2_004421C0 | |
Source: | Code function: | 3_2_004261AD | |
Source: | Code function: | 3_2_0048E350 | |
Source: | Code function: | 3_2_00456320 | |
Source: | Code function: | 3_2_00420440 | |
Source: | Code function: | 3_2_004485E0 | |
Source: | Code function: | 3_2_00458670 | |
Source: | Code function: | 3_2_0043A7A0 | |
Source: | Code function: | 3_2_004569A0 | |
Source: | Code function: | 3_2_00562A3E | |
Source: | Code function: | 3_2_00430AE0 | |
Source: | Code function: | 3_2_00428AEC | |
Source: | Code function: | 3_2_00422C68 | |
Source: | Code function: | 3_2_0042CE07 | |
Source: | Code function: | 3_2_00436F7F | |
Source: | Code function: | 3_2_0048F040 | |
Source: | Code function: | 3_2_0054F0B4 | |
Source: | Code function: | 3_2_00431250 | |
Source: | Code function: | 3_2_004612C0 | |
Source: | Code function: | 3_2_0043D4D0 | |
Source: | Code function: | 3_2_0041F9F0 | |
Source: | Code function: | 3_2_0043BBC0 | |
Source: | Code function: | 3_2_0042DBB0 | |
Source: | Code function: | 3_2_0040DC50 | |
Source: | Code function: | 3_2_004DBC20 | |
Source: | Code function: | 3_2_0048DDB0 | |
Source: | Code function: | 3_2_0043BF1C | |
Source: | Code function: | 3_2_00553F91 | |
Source: | Code function: | 3_2_00441FA0 | |
Source: | Code function: | 3_2_00440004 | |
Source: | Code function: | 3_2_0053803E | |
Source: | Code function: | 3_2_004960E0 | |
Source: | Code function: | 3_2_005A20E3 | |
Source: | Code function: | 3_2_0059014D | |
Source: | Code function: | 3_2_004261C5 | |
Source: | Code function: | 3_2_0057E1C0 | |
Source: | Code function: | 3_2_00550262 | |
Source: | Code function: | 3_2_005AE267 | |
Source: | Code function: | 3_2_0045A219 | |
Source: | Code function: | 3_2_005502D0 | |
Source: | Code function: | 3_2_0045E2C8 | |
Source: | Code function: | 3_2_00426333 | |
Source: | Code function: | 3_2_0054A3C9 | |
Source: | Code function: | 3_2_00486390 | |
Source: | Code function: | 3_2_0044A3A8 | |
Source: | Code function: | 3_2_0044E3B0 | |
Source: | Code function: | 3_2_0057A462 | |
Source: | Code function: | 3_2_00536417 | |
Source: | Code function: | 3_2_004024F0 | |
Source: | Code function: | 3_2_00426554 | |
Source: | Code function: | 3_2_00430530 | |
Source: | Code function: | 3_2_004605C8 | |
Source: | Code function: | 3_2_0044A5F9 | |
Source: | Code function: | 3_2_00460748 | |
Source: | Code function: | 3_2_0045E779 | |
Source: | Code function: | 3_2_0057C79A | |
Source: | Code function: | 3_2_005968CD | |
Source: | Code function: | 3_2_004A0930 | |
Source: | Code function: | 3_2_0045A9C8 | |
Source: | Code function: | 3_2_0042E9D9 | |
Source: | Code function: | 3_2_0044A9F9 | |
Source: | Code function: | 3_2_00484990 | |
Source: | Code function: | 3_2_004EAA7F | |
Source: | Code function: | 3_2_00492AB0 | |
Source: | Code function: | 3_2_00552B55 | |
Source: | Code function: | 3_2_005B2B78 | |
Source: | Code function: | 3_2_00590B7F | |
Source: | Code function: | 3_2_0048EB70 | |
Source: | Code function: | 3_2_0056EB2B | |
Source: | Code function: | 3_2_00408CC0 | |
Source: | Code function: | 3_2_0059CCF9 | |
Source: | Code function: | 3_2_00428CA3 | |
Source: | Code function: | 3_2_00484D20 | |
Source: | Code function: | 3_2_0048EE10 | |
Source: | Code function: | 3_2_00458E19 | |
Source: | Code function: | 3_2_00428EC8 | |
Source: | Code function: | 3_2_00586EC2 | |
Source: | Code function: | 3_2_00422E98 | |
Source: | Code function: | 3_2_00458F79 | |
Source: | Code function: | 3_2_00426FF7 | |
Source: | Code function: | 3_2_0069506D | |
Source: | Code function: | 3_2_00429073 | |
Source: | Code function: | 3_2_004370E8 | |
Source: | Code function: | 3_2_004890B0 | |
Source: | Code function: | 3_2_0043F159 | |
Source: | Code function: | 3_2_0042D208 | |
Source: | Code function: | 3_2_00481220 | |
Source: | Code function: | 3_2_00427289 | |
Source: | Code function: | 3_2_004852B0 | |
Source: | Code function: | 3_2_0054336D | |
Source: | Code function: | 3_2_0054531E | |
Source: | Code function: | 3_2_0045F3E7 | |
Source: | Code function: | 3_2_0042939B | |
Source: | Code function: | 3_2_0053345D | |
Source: | Code function: | 3_2_0059553E | |
Source: | Code function: | 3_2_0048B5C0 | |
Source: | Code function: | 3_2_004295ED | |
Source: | Code function: | 3_2_00417630 | |
Source: | Code function: | 3_2_00491630 | |
Source: | Code function: | 3_2_00459639 | |
Source: | Code function: | 3_2_004196C0 | |
Source: | Code function: | 3_2_0044B750 | |
Source: | Code function: | 3_2_00535781 | |
Source: | Code function: | 3_2_00483790 | |
Source: | Code function: | 3_2_00429804 | |
Source: | Code function: | 3_2_0053788A | |
Source: | Code function: | 3_2_004E18B0 | |
Source: | Code function: | 3_2_00449900 | |
Source: | Code function: | 3_2_0053FA64 | |
Source: | Code function: | 3_2_00539B16 | |
Source: | Code function: | 3_2_0045BBD0 | |
Source: | Code function: | 3_2_00539BC9 | |
Source: | Code function: | 3_2_00543C20 | |
Source: | Code function: | 3_2_00485CE0 | |
Source: | Code function: | 3_2_00415D0F | |
Source: | Code function: | 3_2_0045FDE8 | |
Source: | Code function: | 3_2_00491DF0 | |
Source: | Code function: | 3_2_00579E59 | |
Source: | Code function: | 3_2_0043BE50 |
Source: | Process created: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Static PE information: |
Source: | Classification label: |
Source: | Code function: | 3_2_039F0230 |
Source: | File created: | Jump to behavior |
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: |
Source: | File created: | Jump to behavior |
Source: | Static PE information: |
Source: | Static file information: |
Source: | File read: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | ReversingLabs: |
Source: | String found in binary or memory: |
Source: | File read: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | File written: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static file information: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: |
Source: | Code function: | 3_2_03A0BF70 |
Source: | Code function: | 3_2_03A1F3F2 | |
Source: | Code function: | 3_2_03A4524E | |
Source: | Code function: | 3_2_004DE69C | |
Source: | Code function: | 3_2_00446F4F | |
Source: | Code function: | 3_2_00446F68 | |
Source: | Code function: | 3_2_00446F81 | |
Source: | Code function: | 3_2_00446FD2 | |
Source: | Code function: | 3_2_00446FE5 | |
Source: | Code function: | 3_2_00446FF8 | |
Source: | Code function: | 3_2_00446FAF | |
Source: | Code function: | 3_2_00446FC2 | |
Source: | Code function: | 3_2_00695185 | |
Source: | Code function: | 3_2_0044700B | |
Source: | Code function: | 3_2_00445A6D |
Source: | Code function: | 3_2_03A16E70 |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | Sandbox detection routine: | graph_3-160431 |
Source: | Evasive API call chain: | graph_3-160433 |
Source: | Stalling execution: | graph_3-160370 |
Source: | Memory allocated: | Jump to behavior | ||
Source: | Memory allocated: | Jump to behavior | ||
Source: | Memory allocated: | Jump to behavior |
Source: | Code function: | 3_2_0056E207 |
Source: | Code function: | 3_2_00463320 |
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior |
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Source: | Last function: | ||
Source: | Last function: |
Source: | Code function: | 3_2_03A3718E | |
Source: | Code function: | 3_2_039EB590 | |
Source: | Code function: | 3_2_03A1C4EB | |
Source: | Code function: | 3_2_039EAD70 | |
Source: | Code function: | 3_2_004DC7AB | |
Source: | Code function: | 3_2_004DC7CB |
Source: | Thread delayed: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Process information queried: | Jump to behavior |
Source: | Process queried: | Jump to behavior | ||
Source: | Process queried: | Jump to behavior |
Source: | Code function: | 3_2_0056E207 |
Source: | Code function: | 3_2_03A1F7D9 |
Source: | Code function: | 3_2_004641D9 |
Source: | Code function: | 3_2_03A0BF70 |
Source: | Code function: | 3_2_004641D9 | |
Source: | Code function: | 3_2_004645FC | |
Source: | Code function: | 3_2_00562A3E | |
Source: | Code function: | 3_2_00562A3E | |
Source: | Code function: | 3_2_00562A3E | |
Source: | Code function: | 3_2_00562A3E | |
Source: | Code function: | 3_2_00562A3E | |
Source: | Code function: | 3_2_00562A3E | |
Source: | Code function: | 3_2_00562A3E | |
Source: | Code function: | 3_2_00562A3E | |
Source: | Code function: | 3_2_00562A3E | |
Source: | Code function: | 3_2_00562A3E | |
Source: | Code function: | 3_2_0043CD3B | |
Source: | Code function: | 3_2_00463320 | |
Source: | Code function: | 3_2_00463320 | |
Source: | Code function: | 3_2_0041B4D0 | |
Source: | Code function: | 3_2_00553F91 | |
Source: | Code function: | 3_2_00553F91 | |
Source: | Code function: | 3_2_0041B4D0 | |
Source: | Code function: | 3_2_00414090 | |
Source: | Code function: | 3_2_004643B6 | |
Source: | Code function: | 3_2_0041B4D0 | |
Source: | Code function: | 3_2_004646E9 | |
Source: | Code function: | 3_2_0041B4D0 | |
Source: | Code function: | 3_2_0041F3B0 | |
Source: | Code function: | 3_2_0046375F | |
Source: | Code function: | 3_2_0041B4D0 | |
Source: | Code function: | 3_2_00463A47 | |
Source: | Code function: | 3_2_00463A47 | |
Source: | Code function: | 3_2_00465B43 |
Source: | Code function: | 3_2_03A38383 |
Source: | Code function: | 3_2_03A1F7D9 | |
Source: | Code function: | 3_2_03A1FAC6 | |
Source: | Code function: | 3_2_03A28865 |
Source: | Memory allocated: | Jump to behavior |
HIPS / PFW / Operating System Protection Evasion |
---|
Source: | Reference to suspicious API methods: | ||
Source: | Reference to suspicious API methods: | ||
Source: | Reference to suspicious API methods: |
Source: | Memory allocated: | Jump to behavior |
Source: | Code function: | 0_2_02EB2115 |
Source: | Code function: | 3_2_00419360 |
Source: | Registry value deleted: | Jump to behavior |
Source: | Memory written: | Jump to behavior |
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior |
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Code function: | 3_2_03A1F5CC |
Source: | Code function: | 3_2_03A1C308 | |
Source: | Code function: | 3_2_03A3A234 | |
Source: | Code function: | 3_2_03A3A1A9 | |
Source: | Code function: | 3_2_03A2E107 | |
Source: | Code function: | 3_2_03A3A10E | |
Source: | Code function: | 3_2_03A3A0C3 | |
Source: | Code function: | 3_2_03A3A78C | |
Source: | Code function: | 3_2_03A3A6B6 | |
Source: | Code function: | 3_2_03A3A5B0 | |
Source: | Code function: | 3_2_03A3A487 | |
Source: | Code function: | 3_2_03A2DB9B | |
Source: | Code function: | 3_2_03A39E17 |
Source: | Registry key value queried: | Jump to behavior | ||
Source: | Registry key value queried: | Jump to behavior |
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior |
Source: | Code function: | 3_2_03A1EADA |
Source: | Code function: | 3_2_03A0BF70 |
Source: | Key value queried: | Jump to behavior |
Lowering of HIPS / PFW / Operating System Security Settings |
---|
Source: | Registry value created: | Jump to behavior | ||
Source: | Registry value created: | Jump to behavior | ||
Source: | Registry value created: | Jump to behavior | ||
Source: | Registry value created: | Jump to behavior | ||
Source: | Registry value created: | Jump to behavior | ||
Source: | Registry value created: | Jump to behavior | ||
Source: | Registry value created: | Jump to behavior | ||
Source: | Registry value created: | Jump to behavior | ||
Source: | Registry value created: | Jump to behavior |
Source: | Registry value created: | Jump to behavior |
Source: | File written: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior |
Source: | File source: |
Remote Access Functionality |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 1 Valid Accounts | 21 Native API | 1 DLL Side-Loading | 1 DLL Side-Loading | 51 Disable or Modify Tools | 1 OS Credential Dumping | 1 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | 2 Command and Scripting Interpreter | 1 Create Account | 1 Bypass User Account Control | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 3 File and Directory Discovery | Remote Desktop Protocol | 2 Data from Local System | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | 1 Valid Accounts | 1 Valid Accounts | 2 Obfuscated Files or Information | Security Account Manager | 45 System Information Discovery | SMB/Windows Admin Shares | 1 Screen Capture | 1 Non-Standard Port | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 1 Access Token Manipulation | 1 DLL Side-Loading | NTDS | 171 Security Software Discovery | Distributed Component Object Model | 1 Email Collection | 2 Non-Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 511 Process Injection | 1 Bypass User Account Control | LSA Secrets | 131 Virtualization/Sandbox Evasion | SSH | Keylogging | 13 Application Layer Protocol | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 11 Masquerading | Cached Domain Credentials | 2 Process Discovery | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 1 Valid Accounts | DCSync | 1 Application Window Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 1 Access Token Manipulation | Proc Filesystem | 1 System Network Configuration Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | 131 Virtualization/Sandbox Evasion | /etc/passwd and /etc/shadow | Network Sniffing | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
IP Addresses | Compromise Infrastructure | Supply Chain Compromise | PowerShell | Cron | Cron | 511 Process Injection | Network Sniffing | Network Service Discovery | Shared Webroot | Local Data Staging | File Transfer Protocols | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol | External Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
21% | ReversingLabs | ByteCode-MSIL.Trojan.Generic |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
ipinfo.io | 34.117.186.192 | true | false | high | |
db-ip.com | 172.67.75.166 | true | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high | ||
false | high |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
34.117.186.192 | ipinfo.io | United States | 139070 | GOOGLE-AS-APGoogleAsiaPacificPteLtdSG | false | |
172.67.75.166 | db-ip.com | United States | 13335 | CLOUDFLARENETUS | false | |
193.233.132.114 | unknown | Russian Federation | 2895 | FREE-NET-ASFREEnetEU | true |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1417199 |
Start date and time: | 2024-03-28 18:54:09 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 8m 46s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 14 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | file.exe |
Detection: | MAL |
Classification: | mal100.troj.spyw.evad.winEXE@7/33@2/3 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WerFault.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 20.42.73.29
- Excluded domains from analysis (whitelisted): ocsp.digicert.com, login.live.com, slscr.update.microsoft.com, blobcollector.events.data.trafficmanager.net, onedsblobprdeus15.eastus.cloudapp.azure.com, ctldl.windowsupdate.com, umwatson.events.data.microsoft.com, fe3cr.delivery.mp.microsoft.com
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing behavior information.
- Report size exceeded maximum capacity and may have missing disassembly code.
- Report size getting too big, too many NtCreateFile calls found.
- Report size getting too big, too many NtOpenFile calls found.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtProtectVirtualMemory calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- VT rate limit hit for: file.exe
Time | Type | Description |
---|---|---|
18:55:04 | API Interceptor | |
18:55:04 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
34.117.186.192 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Planet Stealer | Browse |
| ||
Get hash | malicious | Planet Stealer | Browse |
| ||
Get hash | malicious | Xmrig | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | RedLine | Browse |
| ||
Get hash | malicious | RedLine | Browse |
| ||
172.67.75.166 | Get hash | malicious | LummaC, PureLog Stealer, RisePro Stealer | Browse | ||
Get hash | malicious | RisePro Stealer | Browse | |||
Get hash | malicious | LummaC, PureLog Stealer, RisePro Stealer | Browse | |||
Get hash | malicious | RisePro Stealer | Browse | |||
Get hash | malicious | Amadey, Mars Stealer, PureLog Stealer, RisePro Stealer, SmokeLoader, Stealc, Vidar | Browse | |||
Get hash | malicious | RisePro Stealer | Browse | |||
Get hash | malicious | RisePro Stealer | Browse | |||
Get hash | malicious | Amadey, RisePro Stealer | Browse | |||
Get hash | malicious | RisePro Stealer | Browse | |||
Get hash | malicious | Amadey, RisePro Stealer | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
ipinfo.io | Get hash | malicious | HTMLPhisher | Browse |
| |
Get hash | malicious | Amadey, Glupteba, Mars Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoader | Browse |
| ||
Get hash | malicious | DCRat, PureLog Stealer, zgRAT | Browse |
| ||
Get hash | malicious | NovaSentinel | Browse |
| ||
Get hash | malicious | LummaC, PureLog Stealer, RisePro Stealer | Browse |
| ||
Get hash | malicious | RisePro Stealer | Browse |
| ||
Get hash | malicious | RisePro Stealer | Browse |
| ||
Get hash | malicious | RisePro Stealer | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
db-ip.com | Get hash | malicious | Amadey, Glupteba, Mars Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoader | Browse |
| |
Get hash | malicious | LummaC, PureLog Stealer, RisePro Stealer | Browse |
| ||
Get hash | malicious | RisePro Stealer | Browse |
| ||
Get hash | malicious | RisePro Stealer | Browse |
| ||
Get hash | malicious | RisePro Stealer | Browse |
| ||
Get hash | malicious | LummaC, Amadey, LummaC Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoader | Browse |
| ||
Get hash | malicious | LummaC, PureLog Stealer, RisePro Stealer | Browse |
| ||
Get hash | malicious | LummaC, PureLog Stealer, RisePro Stealer | Browse |
| ||
Get hash | malicious | RisePro Stealer | Browse |
| ||
Get hash | malicious | RisePro Stealer | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
FREE-NET-ASFREEnetEU | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Amadey, Glupteba, Mars Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoader | Browse |
| ||
Get hash | malicious | LummaC, PureLog Stealer, RisePro Stealer | Browse |
| ||
Get hash | malicious | Amadey, PureLog Stealer, RedLine, SmokeLoader, XWorm, zgRAT | Browse |
| ||
Get hash | malicious | RisePro Stealer | Browse |
| ||
Get hash | malicious | RisePro Stealer | Browse |
| ||
Get hash | malicious | RisePro Stealer | Browse |
| ||
Get hash | malicious | Glupteba, Mars Stealer, Stealc, Vidar | Browse |
| ||
Get hash | malicious | LummaC, Amadey, LummaC Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoader | Browse |
| ||
Get hash | malicious | LummaC, PureLog Stealer, RisePro Stealer | Browse |
| ||
GOOGLE-AS-APGoogleAsiaPacificPteLtdSG | Get hash | malicious | HTMLPhisher | Browse |
| |
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Amadey, Glupteba, Mars Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoader | Browse |
| ||
Get hash | malicious | DCRat, PureLog Stealer, zgRAT | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
CLOUDFLARENETUS | Get hash | malicious | LummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, SmokeLoader | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | LummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, SmokeLoader | Browse |
| ||
Get hash | malicious | HtmlDropper, HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
a0e9f5d64349fb13191bc781f81f42e1 | Get hash | malicious | LummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, SmokeLoader | Browse |
| |
Get hash | malicious | LummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, SmokeLoader | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | LummaC | Browse |
| ||
Get hash | malicious | LummaC | Browse |
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_file.exe_f0dd97822b734f48bb93146822a7469b1ddcd7_c7a49cb5_42ec796d-5abc-499e-a351-cec9f6777abe\Report.wer
Download File
Process: | C:\Windows\SysWOW64\WerFault.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 65536 |
Entropy (8bit): | 0.909543907542709 |
Encrypted: | false |
SSDEEP: | 192:izImBIEvwP4Gac0BU/7ExaOszuiFsZ24IO8IB:+I8LwnaXBU/qaVzuiFsY4IO88 |
MD5: | B524CD951EFEB812C55BDA37EC420A6A |
SHA1: | FC1CEE850984CA1889F961916DDDC9993B31412B |
SHA-256: | EFF1D7D4E96CF47219EC1AFBA7A37D686F48AB72A09F3223CE2ECDEA4B1CF8E5 |
SHA-512: | 6C30BD0167B9EEC67DB664AEDE183F713BDE861CD1049C1C0BE8C089487C11DFF464200AF0803831D87525B84DC918AA570086F6388C4C60D71BDFB4CA356C45 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Windows\SysWOW64\WerFault.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 175598 |
Entropy (8bit): | 3.9046718784064365 |
Encrypted: | false |
SSDEEP: | 1536:nxPpN4uE2aOESVXaZLTg78XLpAX8O/MCDEtTnztuBojR3sz2:nl4uEqEyaLTgJjH+nLc |
MD5: | BEE0FD3ABB89C9937D9806CFBA5E958C |
SHA1: | C1CDF2E31FE98BAD0ACE4E25AD9712215F233FE9 |
SHA-256: | A5CF481FE88F15F342F9B5D8F0E9F5BB8F87322E91704E9636314BB2A3C1555F |
SHA-512: | 0D71077964CD3A8E1F13AF0914F44A3349EB1475B752E98499C324A17B42C48F386A0DFD17B4E256670A4BBBE3D859AC5AE02D59458F15B1A720D09FB63D0057 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Windows\SysWOW64\WerFault.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8310 |
Entropy (8bit): | 3.700094402372481 |
Encrypted: | false |
SSDEEP: | 192:R6l7wVeJGCR6z6YEIGSU9jLrZgmfBu4JFpr189bD+sfg9Bm:R6lXJT6z6YEJSU9frZgmfU4JqD9fgy |
MD5: | BE23C8ED36F90F7872826F13C3F7A932 |
SHA1: | 86FA9EF1D8CA62E5D7F2F151E9158829427467A5 |
SHA-256: | ADC9BCE7FD944AF8E1BBF4E4A1529CF0D5C1D8AF8A07AB468135B8FE01761C95 |
SHA-512: | 485C0E469B0735C78136375CC223F5184A6D973180061D7DBB79C359F52AD27CA6632A06EDB2186951DCF7C2CACA67A862A67E551C498547C6BA5D23F5267D92 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Windows\SysWOW64\WerFault.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4633 |
Entropy (8bit): | 4.456060634563152 |
Encrypted: | false |
SSDEEP: | 48:cvIwWl8zsOJg77aI9bAWpW8VYyPYm8M4JyAFF+q8emJs2VGd:uIjfEI7h57VDSJ7GJs2wd |
MD5: | 9C9A8C25BF790E5E7CB34F7A9E154BE7 |
SHA1: | B985113BF3D1D96BA5A7D0EA8A14E6ACFD0E5446 |
SHA-256: | E1C5554E59D6B436C851F2E2E6EABFA674A0BC140123DB64949C8BCDD45DE38F |
SHA-512: | 366EED0C0FBACF7BFAEDF86BF4C54956DDB7926C6E82CCAC51D1C097F9094D335D776B3D43A5FCAB4BA7E979022CAC66771133CA847A1B32185E74C5AF86C2A7 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 530 |
Entropy (8bit): | 5.999391385907715 |
Encrypted: | false |
SSDEEP: | 12:copYxSlufq7gCx7Fbyr4rOSlTfJJADr6HDsZQZ7gC6:KauS79Gr4iSllJALQZ7c |
MD5: | 06ED2CD304730F55A5C7001509E128BE |
SHA1: | 49651485B2CE3D239172BD52BF5A265AB3EB8E18 |
SHA-256: | 66851B5AA77B3DEE71B842F53D4E30F664F5A08F9754B9E87B323871981516A4 |
SHA-512: | 0163A8537DE695D34865EEB9C872F15A1827644D8797344A2D36E776F174E5901E77AA560488B0D7D7359B3648614F818B85A7D51F59CCDF2831B5715F5A9334 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
C:\Users\user\AppData\Local\Temp\adobe1duyuAkrglNe\Browsers\Firefox\v6zchhhv.default-release\History.txt
Download File
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 112 |
Entropy (8bit): | 4.9113057226932435 |
Encrypted: | false |
SSDEEP: | 3:N8DSLvIJiMgTE2WdkQVjDSLvIJiMhKVX3L2WdkQVQ:2OLciodFOLciA8dq |
MD5: | 0CE7E561D96623E70DD177304D3B56DA |
SHA1: | 27B4131817E71657AED90C086E01E7E925BF641E |
SHA-256: | E0B2F92CFB58B7D5EDFBB1FDF3E81194D4E55A90706986C389BDF21D2AD2325D |
SHA-512: | 48154E76523305BBB7ED39FEAD22CB4DD6FDD568259DC8D0E70ABA4A21030DAF6D1274E0DC5D7F10DFCF7B3B61BD2401FFB4768F301AEF04F142AF23EF335AB5 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 530 |
Entropy (8bit): | 5.999391385907715 |
Encrypted: | false |
SSDEEP: | 12:copYxSlufq7gCx7Fbyr4rOSlTfJJADr6HDsZQZ7gC6:KauS79Gr4iSllJALQZ7c |
MD5: | 06ED2CD304730F55A5C7001509E128BE |
SHA1: | 49651485B2CE3D239172BD52BF5A265AB3EB8E18 |
SHA-256: | 66851B5AA77B3DEE71B842F53D4E30F664F5A08F9754B9E87B323871981516A4 |
SHA-512: | 0163A8537DE695D34865EEB9C872F15A1827644D8797344A2D36E776F174E5901E77AA560488B0D7D7359B3648614F818B85A7D51F59CCDF2831B5715F5A9334 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 6326 |
Entropy (8bit): | 5.528550298130443 |
Encrypted: | false |
SSDEEP: | 96:xu6/kMJ8uReyTlc2KBhA6tsxODslJR8E45TYcANUbg3x:xd/t3TlX6tsxPlJR8EisB |
MD5: | B0C227F5AC9A9B358E49B901379B65FB |
SHA1: | 6AD46931187BD24D00FC128E73E3E5DDA94A3434 |
SHA-256: | 26DF2F51D1C1D77D36EC6B4F7532CAC7D2D1E6EA81F83F01BE490A5EBC5E370A |
SHA-512: | ABB50BE282D695E0C41CD9DCCD3619D55C22581B87E5146B3D92D76DE9C0FE3918C2EF570BBA9E4CC1255051FE30B226BD46C8D54108575BC0524948624F02D6 |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4897 |
Entropy (8bit): | 2.518316437186352 |
Encrypted: | false |
SSDEEP: | 48:4MMMMMMMMMMdMMMM1MMMMMMMM1MMMMMMMM1MMMMMMMM1MMMMMMMMMMdMMMMMMMM3:q |
MD5: | B3E9D0E1B8207AA74CB8812BAAF52EAE |
SHA1: | A2DCE0FB6B0BBC955A1E72EF3D87CADCC6E3CC6B |
SHA-256: | 4993311FC913771ACB526BB5EF73682EDA69CD31AC14D25502E7BDA578FFA37C |
SHA-512: | B17ADF4AA80CADC581A09C72800DA22F62E5FB32953123F2C513D2E88753C430CC996E82AAE7190C8CB3340FCF2D9E0D759D99D909D2461369275FBE5C68C27A |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 712250 |
Entropy (8bit): | 7.9235962696855635 |
Encrypted: | false |
SSDEEP: | 12288:ecXEFVrMc4ReDZo4LQvmulo9nR6DMSFveAQev0wbfQiz1nP8fbRiKGJiLOGo8:evVDn0oeD7heNgfrB2FmwLk8 |
MD5: | 06F0662467103F9AD0CED74D85B0F256 |
SHA1: | F9D61491A29E7A51DA97B4C1B4C57E8C675B9D0D |
SHA-256: | 71CCAF743AA9FA09BB60414B312F30F7F898F835947BC6269E40ED1301906E80 |
SHA-512: | E2F2465B4E44EB6E8984DEDE6ECAFD64612A803B1EC8722EE36741E7C3B928285A76B19A0EF1790D6F418E02FC629B4B5842EFD3245EA1BE20E76A1E8C375E68 |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 98304 |
Entropy (8bit): | 0.08235737944063153 |
Encrypted: | false |
SSDEEP: | 12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO |
MD5: | 369B6DD66F1CAD49D0952C40FEB9AD41 |
SHA1: | D05B2DE29433FB113EC4C558FF33087ED7481DD4 |
SHA-256: | 14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D |
SHA-512: | 771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928 |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 20480 |
Entropy (8bit): | 0.6732424250451717 |
Encrypted: | false |
SSDEEP: | 24:TLO1nKbXYFpFNYcoqT1kwE6UwpQ9YHVXxZ6HfB:Tq1KLopF+SawLUO1Xj8B |
MD5: | CFFF4E2B77FC5A18AB6323AF9BF95339 |
SHA1: | 3AA2C2115A8EB4516049600E8832E9BFFE0C2412 |
SHA-256: | EC8B67EF7331A87086A6CC085B085A6B7FFFD325E1B3C90BD3B9B1B119F696AE |
SHA-512: | 0BFDC8D28D09558AA97F4235728AD656FE9F6F2C61DDA2D09B416F89AB60038537B7513B070B907E57032A68B9717F03575DB6778B68386254C8157559A3F1BC |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 5242880 |
Entropy (8bit): | 0.03859996294213402 |
Encrypted: | false |
SSDEEP: | 192:58rJQaXoMXp0VW9FxWHxDSjENbx56p3DisuwAyHI:58r54w0VW3xWdkEFxcp3y/y |
MD5: | D2A38A463B7925FE3ABE31ECCCE66ACA |
SHA1: | A1824888F9E086439B287DEA497F660F3AA4B397 |
SHA-256: | 474361353F00E89A9ECB246EC4662682392EBAF4F2A4BE9ABB68BBEBE33FA4A0 |
SHA-512: | 62DB46A530D952568EFBFF7796106E860D07754530B724E0392862EF76FDF99043DA9538EC0044323C814DF59802C3BB55454D591362CB9B6E39947D11E981F7 |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 40960 |
Entropy (8bit): | 0.8553638852307782 |
Encrypted: | false |
SSDEEP: | 48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil |
MD5: | 28222628A3465C5F0D4B28F70F97F482 |
SHA1: | 1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14 |
SHA-256: | 93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4 |
SHA-512: | C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7 |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 5242880 |
Entropy (8bit): | 0.03859996294213402 |
Encrypted: | false |
SSDEEP: | 192:58rJQaXoMXp0VW9FxWHxDSjENbx56p3DisuwAyHI:58r54w0VW3xWdkEFxcp3y/y |
MD5: | D2A38A463B7925FE3ABE31ECCCE66ACA |
SHA1: | A1824888F9E086439B287DEA497F660F3AA4B397 |
SHA-256: | 474361353F00E89A9ECB246EC4662682392EBAF4F2A4BE9ABB68BBEBE33FA4A0 |
SHA-512: | 62DB46A530D952568EFBFF7796106E860D07754530B724E0392862EF76FDF99043DA9538EC0044323C814DF59802C3BB55454D591362CB9B6E39947D11E981F7 |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 196608 |
Entropy (8bit): | 1.121297215059106 |
Encrypted: | false |
SSDEEP: | 384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow |
MD5: | D87270D0039ED3A5A72E7082EA71E305 |
SHA1: | 0FBACFA8029B11A5379703ABE7B392C4E46F0BD2 |
SHA-256: | F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA |
SHA-512: | 18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 40960 |
Entropy (8bit): | 0.8553638852307782 |
Encrypted: | false |
SSDEEP: | 48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil |
MD5: | 28222628A3465C5F0D4B28F70F97F482 |
SHA1: | 1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14 |
SHA-256: | 93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4 |
SHA-512: | C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7 |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 196608 |
Entropy (8bit): | 1.121297215059106 |
Encrypted: | false |
SSDEEP: | 384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow |
MD5: | D87270D0039ED3A5A72E7082EA71E305 |
SHA1: | 0FBACFA8029B11A5379703ABE7B392C4E46F0BD2 |
SHA-256: | F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA |
SHA-512: | 18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 20480 |
Entropy (8bit): | 0.8439810553697228 |
Encrypted: | false |
SSDEEP: | 24:TLyAF1kwNbXYFpFNYcw+6UwcQVXH5fBO9p7n52GmCWGf+dyMDCFVE1:TeAFawNLopFgU10XJBOB2Gbf+ba+ |
MD5: | 9D46F142BBCF25D0D495FF1F3A7609D3 |
SHA1: | 629BD8CD800F9D5B078B5779654F7CBFA96D4D4E |
SHA-256: | C11B443A512184E82D670BA6F7886E98B03C27CC7A3CEB1D20AD23FCA1DE57DA |
SHA-512: | AC90306667AFD38F73F6017543BDBB0B359D79740FA266F587792A94FDD35B54CCE5F6D85D5F6CB7F4344BEDAD9194769ABB3864AAE7D94B4FD6748C31250AC2 |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 196608 |
Entropy (8bit): | 1.121297215059106 |
Encrypted: | false |
SSDEEP: | 384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow |
MD5: | D87270D0039ED3A5A72E7082EA71E305 |
SHA1: | 0FBACFA8029B11A5379703ABE7B392C4E46F0BD2 |
SHA-256: | F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA |
SHA-512: | 18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 51200 |
Entropy (8bit): | 0.8746135976761988 |
Encrypted: | false |
SSDEEP: | 96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4 |
MD5: | 9E68EA772705B5EC0C83C2A97BB26324 |
SHA1: | 243128040256A9112CEAC269D56AD6B21061FF80 |
SHA-256: | 17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF |
SHA-512: | 312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 106496 |
Entropy (8bit): | 1.136413900497188 |
Encrypted: | false |
SSDEEP: | 192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84 |
MD5: | 429F49156428FD53EB06FC82088FD324 |
SHA1: | 560E48154B4611838CD4E9DF4C14D0F9840F06AF |
SHA-256: | 9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF |
SHA-512: | 1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 159744 |
Entropy (8bit): | 0.5394293526345721 |
Encrypted: | false |
SSDEEP: | 96:AquejzH+bF+UIYysX0IxQzh/tsV0NifLjLqLy0e9S8E:AqtH+bF+UI3iN0RSV0k3qLyj9 |
MD5: | 52701A76A821CDDBC23FB25C3FCA4968 |
SHA1: | 440D4B5A38AF50711C5E6C6BE22D80BC17BF32DE |
SHA-256: | D602B4D0B3EB9B51535F6EBA33709DCB881237FA95C5072CB39CECF0E06A0AC4 |
SHA-512: | 2653C8DB9C20207FA7006BC9C63142B7C356FB9DC97F9184D60C75D987DC0848A8159C239E83E2FC9D45C522FEAE8D273CDCD31183DED91B8B587596183FC000 |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 155648 |
Entropy (8bit): | 0.5407252242845243 |
Encrypted: | false |
SSDEEP: | 96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb |
MD5: | 7B955D976803304F2C0505431A0CF1CF |
SHA1: | E29070081B18DA0EF9D98D4389091962E3D37216 |
SHA-256: | 987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC |
SHA-512: | CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 159744 |
Entropy (8bit): | 0.5394293526345721 |
Encrypted: | false |
SSDEEP: | 96:AquejzH+bF+UIYysX0IxQzh/tsV0NifLjLqLy0e9S8E:AqtH+bF+UI3iN0RSV0k3qLyj9 |
MD5: | 52701A76A821CDDBC23FB25C3FCA4968 |
SHA1: | 440D4B5A38AF50711C5E6C6BE22D80BC17BF32DE |
SHA-256: | D602B4D0B3EB9B51535F6EBA33709DCB881237FA95C5072CB39CECF0E06A0AC4 |
SHA-512: | 2653C8DB9C20207FA7006BC9C63142B7C356FB9DC97F9184D60C75D987DC0848A8159C239E83E2FC9D45C522FEAE8D273CDCD31183DED91B8B587596183FC000 |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 106496 |
Entropy (8bit): | 1.136413900497188 |
Encrypted: | false |
SSDEEP: | 192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84 |
MD5: | 429F49156428FD53EB06FC82088FD324 |
SHA1: | 560E48154B4611838CD4E9DF4C14D0F9840F06AF |
SHA-256: | 9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF |
SHA-512: | 1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 106496 |
Entropy (8bit): | 1.136413900497188 |
Encrypted: | false |
SSDEEP: | 192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84 |
MD5: | 429F49156428FD53EB06FC82088FD324 |
SHA1: | 560E48154B4611838CD4E9DF4C14D0F9840F06AF |
SHA-256: | 9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF |
SHA-512: | 1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 155648 |
Entropy (8bit): | 0.5407252242845243 |
Encrypted: | false |
SSDEEP: | 96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb |
MD5: | 7B955D976803304F2C0505431A0CF1CF |
SHA1: | E29070081B18DA0EF9D98D4389091962E3D37216 |
SHA-256: | 987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC |
SHA-512: | CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 698489 |
Entropy (8bit): | 7.9977438269929975 |
Encrypted: | true |
SSDEEP: | 12288:SSfBizLS+WBrrp70HlZvYrTBfE2nzQ69K0j03CyCwsCwHDhgtVa35aaR:SOi/yBRDu2nVYTLwHDhgtV457R |
MD5: | 48660E1FBD3209D8013494405AB3C1E6 |
SHA1: | 8E0DA827E674895409E52C8E711170677F48AF8C |
SHA-256: | EA854693DDC0B9C3BEA84F51784B29DFA773F6C63A8E415A35015A078B7605C6 |
SHA-512: | 6098F7CB0F9271D48E2ECFEECD97F0A8D12410DB6A657DA3B26FBEA49315BDF667C72CDB8FA7333A07D7F8F8ADBF0E66AE75327645053619D661926E3BD42A26 |
Malicious: | true |
Yara Hits: |
|
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 11 |
Entropy (8bit): | 3.2776134368191165 |
Encrypted: | false |
SSDEEP: | 3:1EX:10 |
MD5: | EC3584F3DB838942EC3669DB02DC908E |
SHA1: | 8DCEB96874D5C6425EBB81BFEE587244C89416DA |
SHA-256: | 77C7C10B4C860D5DDF4E057E713383E61E9F21BCF0EC4CFBBC16193F2E28F340 |
SHA-512: | 35253883BB627A49918E7415A6BA6B765C86B516504D03A1F4FD05F80902F352A7A40E2A67A6D1B99A14B9B79DAB82F3AC7A67C512CCF6701256C13D0096855E |
Malicious: | false |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 127 |
Entropy (8bit): | 5.080093624462795 |
Encrypted: | false |
SSDEEP: | 3:1ELGUAgKLMzY+eWgTckbnnvjiBIFVTjSUgf4orFLsUov:1WsMzYHxbnvEcvgqv |
MD5: | 8EF9853D1881C5FE4D681BFB31282A01 |
SHA1: | A05609065520E4B4E553784C566430AD9736F19F |
SHA-256: | 9228F13D82C3DC96B957769F6081E5BAC53CFFCA4FFDE0BA1E102D9968F184A2 |
SHA-512: | 5DDEE931A08CFEA5BB9D1C36355D47155A24D617C2A11D08364FFC54E593064011DEE4FEA8AC5B67029CAB515D3071F0BA0422BB76AF492A3115272BA8FEB005 |
Malicious: | true |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1926 |
Entropy (8bit): | 3.310422749310586 |
Encrypted: | false |
SSDEEP: | 24:wSLevFeSLe5BeSwbv5qweSw4q7j/eScdepWDbVeScden2W8eScdemevtmeScdeRg:KFIBkbv5qwk4qfKV2QxVCZ |
MD5: | CDFD60E717A44C2349B553E011958B85 |
SHA1: | 431136102A6FB52A00E416964D4C27089155F73B |
SHA-256: | 0EE08DA4DA3E4133E1809099FC646468E7156644C9A772F704B80E338015211F |
SHA-512: | DFEA0D0B3779059E64088EA9A13CD6B076D76C64DB99FA82E6612386CAE5CDA94A790318207470045EF51F0A410B400726BA28CB6ECB6972F081C532E558D6A8 |
Malicious: | false |
Preview: |
Process: | C:\Windows\SysWOW64\WerFault.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1835008 |
Entropy (8bit): | 4.421615277235657 |
Encrypted: | false |
SSDEEP: | 6144:LSvfpi6ceLP/9skLmb0OTrWSPHaJG8nAgeMZMMhA2fX4WABlEnN20uhiTw:2vloTrW+EZMM6DFy403w |
MD5: | 714EF27E8AD5FECB8932BFCD009E461C |
SHA1: | FB081EB56BCF5DEC55A93585FCEA6077074477C4 |
SHA-256: | 0D481CF30C578A6E1AD71D0DD6B7739B6071C94FC0EC7A0E16648A3EF948EA58 |
SHA-512: | 40DD6DD333D9ED568655DFEE1304D2D6EC3504B4E99CDEE65E3A0C1752D4549D553DDE9A976C9A054E61DBCAE63BFA509541CAEA6351EF6574FC75421B98F15F |
Malicious: | false |
Preview: |
File type: | |
Entropy (8bit): | 7.998215041812139 |
TrID: |
|
File name: | file.exe |
File size: | 2'242'184 bytes |
MD5: | 594baf3349f36a497a12a0d40c2b27a1 |
SHA1: | 2d0a636e0a1951cda559ee5fb55e06037c265294 |
SHA256: | 4e706b9f8cb686e8a99477df73e2c100db282ef6fdf51cc0f6043bedeed8fe17 |
SHA512: | ab69e93bb3934447ddc68754398dabffe24185d633f816b625a44438efcddb3a6cefe8d78b3421d5a23610c75606ab4535ebe7265a4ab6cc0c579959da3c2f8b |
SSDEEP: | 49152:7zCnVL68FUbN2qDQFLWhv2DTQC4kY42bVDXU1HkAG:7g6QMMqUAZ2DTJE2H9G |
TLSH: | 45A533F25040F271CDF35075BC14E7BA49BE1FD3A191DA51298DEA22CB8CB12199FA36 |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..."..f..................!...........!.. ...."...@.. .......................@"......."...`................................ |
Icon Hash: | 3e3767e1e1670f3c |
Entrypoint: | 0x61ea0e |
Entrypoint Section: | .text |
Digitally signed: | true |
Imagebase: | 0x400000 |
Subsystem: | windows cui |
Image File Characteristics: | EXECUTABLE_IMAGE, 32BIT_MACHINE |
DLL Characteristics: | HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x66058B22 [Thu Mar 28 15:22:10 2024 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | f34d5f2d4577ed6d9ceec516c1f5a744 |
Signature Valid: | |
Signature Issuer: | |
Signature Validation Error: | |
Error Number: | |
Not Before, Not After | |
Subject Chain | |
Version: | |
Thumbprint MD5: | |
Thumbprint SHA-1: | |
Thumbprint SHA-256: | |
Serial: |
Instruction |
---|
jmp dword ptr [00402000h] |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x21e9b8 | 0x53 | .text |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x220000 | 0x169a | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x21d600 | 0x4e88 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x222000 | 0xc | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x21e880 | 0x1c | .text |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x2000 | 0x8 | .text |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x2008 | 0x48 | .text |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x2000 | 0x21ca14 | 0x21cc00 | 01a794e75c2c1b2b1b28544a7767c0c6 | unknown | unknown | unknown | unknown | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rsrc | 0x220000 | 0x169a | 0x1800 | 1441dcc6204354934835ebb05a56f91c | False | 0.4765625 | data | 4.6430362898603965 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0x222000 | 0xc | 0x200 | db0db524e66688c6719a0994b0ba6ce6 | False | 0.044921875 | data | 0.10191042566270775 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0x220140 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 4096 | 0.5185272045028143 | ||
RT_GROUP_ICON | 0x2211e8 | 0x14 | data | 1.1 | ||
RT_VERSION | 0x2211fc | 0x2b4 | data | 0.4595375722543353 | ||
RT_MANIFEST | 0x2214b0 | 0x1ea | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | 0.5469387755102041 |
DLL | Import |
---|---|
mscoree.dll | _CorExeMain |
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
03/28/24-18:55:12.392688 | TCP | 2046266 | ET TROJAN [ANY.RUN] RisePro TCP (Token) | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
03/28/24-18:55:07.976970 | TCP | 2049660 | ET TROJAN RisePro CnC Activity (Outbound) | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
03/28/24-18:54:59.765115 | TCP | 2049060 | ET TROJAN RisePro TCP Heartbeat Packet | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
03/28/24-18:54:59.975602 | TCP | 2046266 | ET TROJAN [ANY.RUN] RisePro TCP (Token) | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 28, 2024 18:54:58.519411087 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:54:59.525985956 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:54:59.750591040 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:54:59.750749111 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:54:59.765115023 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:54:59.975601912 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:00.026026964 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:00.037466049 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:00.250653028 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:00.291552067 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:00.370188951 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:00.427593946 CET | 49712 | 443 | 192.168.2.5 | 34.117.186.192 |
Mar 28, 2024 18:55:00.427625895 CET | 443 | 49712 | 34.117.186.192 | 192.168.2.5 |
Mar 28, 2024 18:55:00.427764893 CET | 49712 | 443 | 192.168.2.5 | 34.117.186.192 |
Mar 28, 2024 18:55:00.428951979 CET | 49712 | 443 | 192.168.2.5 | 34.117.186.192 |
Mar 28, 2024 18:55:00.428965092 CET | 443 | 49712 | 34.117.186.192 | 192.168.2.5 |
Mar 28, 2024 18:55:00.647592068 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:00.716671944 CET | 443 | 49712 | 34.117.186.192 | 192.168.2.5 |
Mar 28, 2024 18:55:00.716794014 CET | 49712 | 443 | 192.168.2.5 | 34.117.186.192 |
Mar 28, 2024 18:55:00.721066952 CET | 49712 | 443 | 192.168.2.5 | 34.117.186.192 |
Mar 28, 2024 18:55:00.721072912 CET | 443 | 49712 | 34.117.186.192 | 192.168.2.5 |
Mar 28, 2024 18:55:00.721280098 CET | 443 | 49712 | 34.117.186.192 | 192.168.2.5 |
Mar 28, 2024 18:55:00.767731905 CET | 49712 | 443 | 192.168.2.5 | 34.117.186.192 |
Mar 28, 2024 18:55:00.808231115 CET | 443 | 49712 | 34.117.186.192 | 192.168.2.5 |
Mar 28, 2024 18:55:00.998435020 CET | 443 | 49712 | 34.117.186.192 | 192.168.2.5 |
Mar 28, 2024 18:55:00.998675108 CET | 443 | 49712 | 34.117.186.192 | 192.168.2.5 |
Mar 28, 2024 18:55:00.998759031 CET | 49712 | 443 | 192.168.2.5 | 34.117.186.192 |
Mar 28, 2024 18:55:01.000854015 CET | 49712 | 443 | 192.168.2.5 | 34.117.186.192 |
Mar 28, 2024 18:55:01.000868082 CET | 443 | 49712 | 34.117.186.192 | 192.168.2.5 |
Mar 28, 2024 18:55:01.116388083 CET | 49713 | 443 | 192.168.2.5 | 172.67.75.166 |
Mar 28, 2024 18:55:01.116409063 CET | 443 | 49713 | 172.67.75.166 | 192.168.2.5 |
Mar 28, 2024 18:55:01.116693020 CET | 49713 | 443 | 192.168.2.5 | 172.67.75.166 |
Mar 28, 2024 18:55:01.118583918 CET | 49713 | 443 | 192.168.2.5 | 172.67.75.166 |
Mar 28, 2024 18:55:01.118594885 CET | 443 | 49713 | 172.67.75.166 | 192.168.2.5 |
Mar 28, 2024 18:55:01.323033094 CET | 443 | 49713 | 172.67.75.166 | 192.168.2.5 |
Mar 28, 2024 18:55:01.323110104 CET | 49713 | 443 | 192.168.2.5 | 172.67.75.166 |
Mar 28, 2024 18:55:01.324738979 CET | 49713 | 443 | 192.168.2.5 | 172.67.75.166 |
Mar 28, 2024 18:55:01.324744940 CET | 443 | 49713 | 172.67.75.166 | 192.168.2.5 |
Mar 28, 2024 18:55:01.324963093 CET | 443 | 49713 | 172.67.75.166 | 192.168.2.5 |
Mar 28, 2024 18:55:01.326257944 CET | 49713 | 443 | 192.168.2.5 | 172.67.75.166 |
Mar 28, 2024 18:55:01.372236967 CET | 443 | 49713 | 172.67.75.166 | 192.168.2.5 |
Mar 28, 2024 18:55:01.583621979 CET | 443 | 49713 | 172.67.75.166 | 192.168.2.5 |
Mar 28, 2024 18:55:01.583694935 CET | 443 | 49713 | 172.67.75.166 | 192.168.2.5 |
Mar 28, 2024 18:55:01.583781004 CET | 49713 | 443 | 192.168.2.5 | 172.67.75.166 |
Mar 28, 2024 18:55:01.584949970 CET | 49713 | 443 | 192.168.2.5 | 172.67.75.166 |
Mar 28, 2024 18:55:01.584949970 CET | 49713 | 443 | 192.168.2.5 | 172.67.75.166 |
Mar 28, 2024 18:55:01.584959030 CET | 443 | 49713 | 172.67.75.166 | 192.168.2.5 |
Mar 28, 2024 18:55:01.584965944 CET | 443 | 49713 | 172.67.75.166 | 192.168.2.5 |
Mar 28, 2024 18:55:01.585587978 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:01.827286005 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:01.838116884 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:02.077898026 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:02.119674921 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:02.167063951 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:02.404442072 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:02.447798967 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:02.497409105 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:02.735445976 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:02.775921106 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:02.855453968 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:03.093301058 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:03.135296106 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:04.521030903 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:04.524560928 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:04.894064903 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:04.894490957 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.119009018 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.119081020 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.119190931 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.119272947 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.119380951 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.119568110 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.343729019 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.343812943 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.343825102 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.343877077 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.344077110 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.344135046 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.344181061 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.344244003 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.344247103 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.344295025 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.344408035 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.344468117 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.568356991 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.568371058 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.568480968 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.568651915 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.568746090 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.568757057 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.568833113 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.568977118 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.569042921 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.569071054 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.569132090 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.569149971 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.569185972 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.569220066 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.569222927 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.569246054 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.569303989 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.793190002 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.793267012 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.793708086 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.793756008 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.793768883 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.793818951 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.793994904 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.794049978 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.794647932 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.794725895 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.794734001 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.794817924 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.794950008 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.795041084 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.795352936 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.795413971 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.795470953 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.795531034 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.795720100 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.795800924 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.795875072 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.795941114 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.796034098 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.796081066 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.796756029 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.796828032 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.796833992 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.796890020 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.797015905 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.797080994 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.797334909 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.797401905 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.797416925 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.797566891 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.797621965 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.797806978 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.797833920 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.797874928 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.797898054 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.797979116 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.798109055 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.798531055 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.798583984 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.798624992 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.798675060 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.798803091 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.798876047 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.798989058 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.799051046 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.799108028 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.799165010 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.799340010 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.799396992 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:05.799568892 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:05.799616098 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.017628908 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.017740011 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.017812967 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.017879963 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.018044949 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.018115997 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.018379927 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.018448114 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.018452883 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.018517971 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.019017935 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.019054890 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.019074917 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.019102097 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.019110918 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.019150019 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.019156933 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.019224882 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.019249916 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.019308090 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.019342899 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.019406080 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.019694090 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.019763947 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.020066977 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.020132065 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.020229101 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.020287037 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.020304918 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.020369053 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.021034002 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.021101952 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.021151066 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.021223068 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.021320105 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.021377087 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.021527052 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.021539927 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.021549940 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.021614075 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.021722078 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.021773100 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.021791935 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.021852970 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.021923065 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.021948099 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.021981955 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.022001982 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.022114038 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.022166014 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.022209883 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.022259951 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.022331953 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.022382021 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.022408009 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.022419930 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.022454023 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.022803068 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.022865057 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.022963047 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.022995949 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.023011923 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.023051023 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.023206949 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.023233891 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.023258924 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.023410082 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.023477077 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.023688078 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.023739100 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.023802996 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.023850918 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.024075985 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.024130106 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.242141008 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.242249966 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.242284060 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.242335081 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.242356062 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.242394924 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.242465019 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.242479086 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.242538929 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.242594004 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.242635965 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.242649078 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.242675066 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.242711067 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.242723942 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.242752075 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.242804050 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.243061066 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.243134975 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.243434906 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.243463039 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.243509054 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.243519068 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.243521929 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.243568897 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.243592024 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.243647099 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.243668079 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.243721008 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.243804932 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.243859053 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.243875027 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.243942976 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.244127035 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.244148970 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.244185925 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.244205952 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.244254112 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.244306087 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.244370937 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.244472980 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.244529009 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.244539022 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.244565010 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.244596958 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.244604111 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.244669914 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.244688034 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:06.244705915 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.244785070 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.244878054 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.245079994 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.245157957 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.245235920 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.245316982 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.245496988 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.245764017 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.245775938 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.245903015 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.246139050 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.246260881 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.246304989 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.246387005 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.246511936 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.246670008 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.246752024 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.246887922 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.246911049 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.246953964 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.247028112 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.247147083 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.247194052 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.247345924 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.247597933 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.247626066 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.247752905 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.248044014 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.248085022 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.248136997 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.248277903 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.248502970 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.466603041 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.466620922 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.466720104 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.466746092 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.466886044 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.466902018 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.466996908 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.467092037 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.467160940 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.467187881 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.467379093 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.467613935 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.467624903 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.467746973 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.467762947 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.467910051 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.467940092 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.467984915 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.468084097 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.468141079 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.468195915 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.468360901 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.468461037 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.468615055 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.468770027 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.468794107 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:06.469101906 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:07.960165977 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:07.976969957 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:07.977022886 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:07.977036953 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:07.977086067 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:07.977102041 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:07.977111101 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:07.977118969 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:07.977150917 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:07.977164030 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:07.977170944 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:07.977176905 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:07.977202892 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:07.977231026 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:07.977243900 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:07.977260113 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:07.977272034 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:07.977276087 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:07.977315903 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:07.977319002 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:07.977361917 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.201704979 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.201766968 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.201786995 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.201813936 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.201819897 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.201862097 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.201870918 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.201896906 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.201915979 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.201939106 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.201963902 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.202004910 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.202042103 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.202090025 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.202136040 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.202178001 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.202223063 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.202264071 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.202330112 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.202378988 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.202385902 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.202441931 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.202481985 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.202497959 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.202538967 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.202579021 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.202626944 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.202642918 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.202685118 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.202692032 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.202735901 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.202752113 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.202781916 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.202821016 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.202850103 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.202898026 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.202917099 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.202955961 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.202984095 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.203030109 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.203053951 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.203097105 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.426237106 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.426259995 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.426321030 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.426383972 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.426398039 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.426409006 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.426438093 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.426487923 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.426487923 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.426887989 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.426901102 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.426940918 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.426954031 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.426978111 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.427012920 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.427028894 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.427087069 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.427306890 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.427355051 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.427386999 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.427398920 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.427440882 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.427447081 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.427469969 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.427470922 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.427524090 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.651218891 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.651303053 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.651371002 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.651412010 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.651423931 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.651453018 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.652620077 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.652684927 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.652714968 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.652761936 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.652981043 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.653018951 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.653019905 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.653067112 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.653120995 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.653127909 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.653206110 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.653271914 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.653325081 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.653371096 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.875857115 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.875901937 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.875960112 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.875988007 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.876969099 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.876998901 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.877012968 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.877021074 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.877060890 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.877460957 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.877480030 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.877492905 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.877523899 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.877557039 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:08.877749920 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.877763987 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:08.877800941 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.100809097 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.100832939 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.100888968 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.100919008 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.101738930 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.101752043 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.101763964 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.101777077 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.101804018 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.101804018 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.101860046 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.102384090 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.102396965 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.102432013 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.102448940 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.102498055 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.102500916 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.102513075 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.102543116 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.151050091 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.325673103 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.325696945 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.325768948 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.326149940 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.326210976 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.326225996 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.326261044 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.326272011 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.326298952 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.326323032 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.326682091 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.326713085 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.326728106 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.326735020 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.326750040 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.326755047 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.326782942 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.326802969 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.375536919 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.416562080 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.550230980 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.550251007 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.550586939 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.550652027 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.550717115 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.550787926 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.550801039 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.550817013 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.550839901 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.550848007 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.551739931 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.551753044 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.551786900 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.551811934 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.551836014 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.551841021 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.551862955 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.604161024 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.640942097 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.682198048 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.775022030 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.775043011 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.775094032 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.775113106 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.775324106 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.775369883 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.776084900 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.776132107 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.776156902 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.776206017 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.776228905 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.776269913 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.776308060 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.776391029 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.776447058 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.776499033 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.776587009 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.776626110 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.828389883 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.869729996 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.907058001 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.947798014 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.999564886 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.999588966 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:09.999663115 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:09.999758005 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.000471115 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.000513077 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.000557899 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.000572920 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.000612974 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.000624895 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.000787973 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.000802040 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.000823021 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.000837088 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.000844955 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.000863075 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.000886917 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.094086885 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.135340929 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.172290087 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.213417053 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.224476099 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.224529982 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.224587917 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.224878073 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.225028038 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.225080967 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.225089073 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.225104094 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.225126028 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.225138903 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.225143909 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.225153923 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.225189924 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.225194931 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.225224972 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.225235939 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.225239992 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.225270033 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.225289106 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.359824896 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.400938034 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.437745094 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.449007034 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.449050903 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.449114084 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.449326038 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.449387074 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.449413061 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.449426889 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.449454069 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.449474096 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.449498892 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.449506044 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.449521065 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.449544907 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.449572086 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.449593067 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.449601889 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.449606895 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.449620962 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.449645996 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.494667053 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.625633955 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.666547060 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.673651934 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.673666000 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.673679113 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.673691034 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.673705101 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.673736095 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.673747063 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.673762083 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.673780918 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.673789024 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.673810959 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.673830986 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.673836946 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.673865080 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.673903942 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.673928976 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.673969984 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.719027042 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.719141960 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.891033888 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.898135900 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.898150921 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.898163080 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.898227930 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.898226023 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.898241997 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.898278952 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.898294926 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.898297071 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.898313046 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.898329020 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.898336887 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.898340940 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.898353100 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.898367882 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.898379087 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.898391962 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.898402929 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.898416042 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.898426056 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.898459911 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:10.943610907 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:10.994661093 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:11.122679949 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:11.122700930 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:11.122713089 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:11.122725010 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:11.122735977 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:11.122747898 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:11.122760057 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:11.122762918 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:11.122772932 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:11.122786999 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:11.122833014 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:11.122843981 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:11.122855902 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:11.122879028 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:11.219059944 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:11.260585070 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:11.347495079 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:11.347515106 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:11.347595930 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:11.347666979 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:11.347724915 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:11.347775936 CET | 50500 | 49710 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:11.400944948 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:11.942783117 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:12.167712927 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:12.167907953 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:12.392688036 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:12.393882990 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:12.618501902 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:12.618655920 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:12.891490936 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:15.041682005 CET | 49710 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:15.666950941 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:15.917042017 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:15.963401079 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:47.510514021 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:55:47.761919975 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:55:47.807239056 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:03.135497093 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:03.379755020 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:03.432106018 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:09.479034901 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:09.729233980 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:09.775927067 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:12.776117086 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:13.026881933 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:13.072726965 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:16.057220936 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:16.302354097 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:16.353955030 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:19.338536978 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:19.583129883 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:19.635299921 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:22.636406898 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:22.892015934 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:22.932085037 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:25.956664085 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:26.212488890 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:26.291448116 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:29.260607958 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:29.503958941 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:29.588313103 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:32.543761969 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:32.782010078 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:32.900825977 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:35.838443995 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:36.090692997 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:36.291441917 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:39.119663000 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:39.364057064 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:39.588314056 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:42.410574913 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:42.411839962 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:42.688906908 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:45.463432074 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:45.710866928 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:45.791599035 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:48.760235071 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:49.007766962 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:49.103914976 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:52.041611910 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:52.283297062 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:52.400779009 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:55.341711044 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:55.587177992 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:55.697674036 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:58.644078970 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:56:58.883197069 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:56:59.103986025 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:01.933763027 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:02.179001093 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:02.400784969 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:05.213777065 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:05.456006050 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:05.589747906 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:08.889926910 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:09.139058113 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:09.197838068 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:12.166501999 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:12.416619062 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:12.494535923 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:15.463383913 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:15.710032940 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:15.900851011 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:18.763695002 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:19.000873089 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:19.088257074 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:22.041496038 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:22.293448925 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:22.401859999 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:25.338356972 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:25.580106974 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:25.697642088 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:28.639702082 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:28.888952971 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:29.091692924 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:31.932094097 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:32.182919979 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:32.400774956 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:35.229119062 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:35.475939035 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:35.588251114 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:38.525876045 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:38.772232056 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:38.900765896 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:41.822844028 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:42.075016022 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:42.197621107 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:45.103919983 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:45.348015070 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:45.400729895 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:48.401787996 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:48.639444113 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:48.697880983 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:51.682972908 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:51.935961008 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:52.088207960 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:54.963387966 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:55.217212915 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:55.403980017 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:59.338288069 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:57:59.582182884 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:57:59.697588921 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:02.619585991 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:02.860367060 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:02.900834084 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:05.916451931 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:06.167185068 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:06.400753021 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:09.215702057 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:09.462003946 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:09.588191032 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:12.414285898 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:12.422148943 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:12.695331097 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:15.463344097 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:15.707077980 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:15.901940107 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:18.744712114 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:18.983999968 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:19.103804111 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:22.010144949 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:22.260620117 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:22.403738976 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:25.307028055 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:25.552515030 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:25.697546959 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:28.931885004 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:29.184823036 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:29.400667906 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:32.228857040 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:32.475936890 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:32.619410992 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:35.511682987 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:35.756025076 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:35.900777102 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:38.807214975 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:39.049550056 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:39.197560072 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:42.088447094 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:42.325062990 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:42.400675058 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:46.555636883 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:46.798033953 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:46.900655031 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:49.840610981 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:50.091706038 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:50.197524071 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:53.135683060 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:53.384128094 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:53.603755951 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:56.433737993 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:56.674556017 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:58:56.900666952 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:59.731307983 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Mar 28, 2024 18:58:59.982822895 CET | 50500 | 49721 | 193.233.132.114 | 192.168.2.5 |
Mar 28, 2024 18:59:00.103754997 CET | 49721 | 50500 | 192.168.2.5 | 193.233.132.114 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 28, 2024 18:55:00.327363014 CET | 65321 | 53 | 192.168.2.5 | 1.1.1.1 |
Mar 28, 2024 18:55:00.422775984 CET | 53 | 65321 | 1.1.1.1 | 192.168.2.5 |
Mar 28, 2024 18:55:01.003546000 CET | 56722 | 53 | 192.168.2.5 | 1.1.1.1 |
Mar 28, 2024 18:55:01.100511074 CET | 53 | 56722 | 1.1.1.1 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 28, 2024 18:55:00.327363014 CET | 192.168.2.5 | 1.1.1.1 | 0x4c08 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 28, 2024 18:55:01.003546000 CET | 192.168.2.5 | 1.1.1.1 | 0x57ff | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 28, 2024 18:55:00.422775984 CET | 1.1.1.1 | 192.168.2.5 | 0x4c08 | No error (0) | 34.117.186.192 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 18:55:01.100511074 CET | 1.1.1.1 | 192.168.2.5 | 0x57ff | No error (0) | 172.67.75.166 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 18:55:01.100511074 CET | 1.1.1.1 | 192.168.2.5 | 0x57ff | No error (0) | 104.26.5.15 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 18:55:01.100511074 CET | 1.1.1.1 | 192.168.2.5 | 0x57ff | No error (0) | 104.26.4.15 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49712 | 34.117.186.192 | 443 | 3996 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 17:55:00 UTC | 238 | OUT | |
2024-03-28 17:55:00 UTC | 514 | IN | |
2024-03-28 17:55:00 UTC | 738 | IN | |
2024-03-28 17:55:00 UTC | 283 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49713 | 172.67.75.166 | 443 | 3996 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 17:55:01 UTC | 262 | OUT | |
2024-03-28 17:55:01 UTC | 656 | IN | |
2024-03-28 17:55:01 UTC | 85 | IN | |
2024-03-28 17:55:01 UTC | 5 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
Target ID: | 0 |
Start time: | 18:54:54 |
Start date: | 28/03/2024 |
Path: | C:\Users\user\Desktop\file.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x900000 |
File size: | 2'242'184 bytes |
MD5 hash: | 594BAF3349F36A497A12A0D40C2B27A1 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 1 |
Start time: | 18:54:54 |
Start date: | 28/03/2024 |
Path: | C:\Windows\System32\conhost.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6d64d0000 |
File size: | 862'208 bytes |
MD5 hash: | 0D698AF330FD17BEE3BF90011D49251D |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 2 |
Start time: | 18:54:55 |
Start date: | 28/03/2024 |
Path: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x1d0000 |
File size: | 65'440 bytes |
MD5 hash: | 0D5DF43AF2916F47D00C1573797C1A13 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 3 |
Start time: | 18:54:55 |
Start date: | 28/03/2024 |
Path: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0xe00000 |
File size: | 65'440 bytes |
MD5 hash: | 0D5DF43AF2916F47D00C1573797C1A13 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | high |
Has exited: | false |
Target ID: | 7 |
Start time: | 18:54:55 |
Start date: | 28/03/2024 |
Path: | C:\Windows\SysWOW64\WerFault.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x9e0000 |
File size: | 483'680 bytes |
MD5 hash: | C31336C1EFC2CCB44B4326EA793040F2 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Execution Graph
Execution Coverage: | 38.9% |
Dynamic/Decrypted Code Coverage: | 100% |
Signature Coverage: | 24.1% |
Total number of Nodes: | 54 |
Total number of Limit Nodes: | 2 |
Graph
Callgraph
Function 02EB2115 Relevance: 26.5, APIs: 11, Strings: 4, Instructions: 282threadinjectionmemoryCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 01501708 Relevance: 1.6, APIs: 1, Instructions: 75threadCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 01501710 Relevance: 1.6, APIs: 1, Instructions: 70threadCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 01501578 Relevance: 1.6, APIs: 1, Instructions: 63COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 01501651 Relevance: 1.6, APIs: 1, Instructions: 51threadCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 01501658 Relevance: 1.6, APIs: 1, Instructions: 50threadCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Execution Graph
Execution Coverage: | 7.8% |
Dynamic/Decrypted Code Coverage: | 3.6% |
Signature Coverage: | 7.2% |
Total number of Nodes: | 2000 |
Total number of Limit Nodes: | 179 |
Graph
Function 039F32B0 Relevance: 161.2, APIs: 81, Strings: 5, Instructions: 10669networkCOMMON
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00458670 Relevance: 151.4, APIs: 57, Strings: 26, Instructions: 6144COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0045E160 Relevance: 85.1, APIs: 32, Strings: 15, Instructions: 2882COMMON
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004421C0 Relevance: 76.1, APIs: 40, Strings: 2, Instructions: 2600fileCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 03A0BAC0 Relevance: 58.1, APIs: 32, Strings: 1, Instructions: 322threadsleepwindowCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004485E0 Relevance: 54.6, APIs: 14, Strings: 14, Instructions: 5584COMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 03A011D0 Relevance: 35.4, APIs: 18, Strings: 1, Instructions: 2111networkthreadsleepCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 03A0BF70 Relevance: 26.6, APIs: 12, Strings: 3, Instructions: 384threadlibraryloaderCOMMONLIBRARYCODE
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00562A3E Relevance: 21.9, APIs: 11, Strings: 1, Instructions: 855registryCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00419360 Relevance: 10.8, APIs: 2, Strings: 4, Instructions: 293injectionCOMMON
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041B4D0 Relevance: 8.8, Strings: 6, Instructions: 1267COMMON
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00463320 Relevance: 7.7, APIs: 5, Instructions: 156sleepCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 039E94A0 Relevance: 3.4, APIs: 2, Instructions: 430COMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004645FC Relevance: 2.6, Strings: 2, Instructions: 99COMMON
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004DC7AB Relevance: 1.3, APIs: 1, Instructions: 37COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004DC7CB Relevance: .0, Instructions: 23COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00464DD7 Relevance: 47.9, APIs: 4, Strings: 23, Instructions: 672threadCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041E5C0 Relevance: 16.0, APIs: 8, Strings: 1, Instructions: 288networkCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041E5F9 Relevance: 16.0, APIs: 8, Strings: 1, Instructions: 240networkCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00420219 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 205fileCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00420206 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 137fileCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00413720 Relevance: 6.1, APIs: 4, Instructions: 140fileCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 039E8B30 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 52COMMONLIBRARYCODE
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00420264 Relevance: 4.7, APIs: 3, Instructions: 200fileCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004201CD Relevance: 4.7, APIs: 3, Instructions: 168fileCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041382C Relevance: 4.5, APIs: 3, Instructions: 39fileCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040C26D Relevance: 3.7, APIs: 1, Strings: 1, Instructions: 236registryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040C67D Relevance: 3.3, APIs: 2, Instructions: 251COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00468980 Relevance: 3.2, APIs: 2, Instructions: 187COMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 03A1F0C1 Relevance: 3.1, APIs: 2, Instructions: 76COMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 03A2FF82 Relevance: 3.1, APIs: 2, Instructions: 65COMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004F3493 Relevance: 3.1, APIs: 2, Instructions: 63COMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040A215 Relevance: 3.0, APIs: 2, Instructions: 36COMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041EC20 Relevance: 3.0, APIs: 1, Strings: 1, Instructions: 33sleepCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041EC90 Relevance: 3.0, APIs: 1, Strings: 1, Instructions: 33sleepCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041ED70 Relevance: 3.0, APIs: 1, Strings: 1, Instructions: 33sleepCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041ED00 Relevance: 3.0, APIs: 1, Strings: 1, Instructions: 33sleepCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041EDE0 Relevance: 3.0, APIs: 1, Strings: 1, Instructions: 33sleepCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 039F1A49 Relevance: 3.0, APIs: 2, Instructions: 25networkCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004F60EA Relevance: 3.0, APIs: 2, Instructions: 18COMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00468070 Relevance: 1.7, APIs: 1, Instructions: 238COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004250B0 Relevance: 1.6, APIs: 1, Instructions: 150COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00480EA0 Relevance: 1.6, APIs: 1, Instructions: 113COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 039E9400 Relevance: 1.5, APIs: 1, Instructions: 45COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00402CDF Relevance: 1.5, APIs: 1, Instructions: 45COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 039F1BA0 Relevance: 1.5, APIs: 1, Instructions: 20COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040A2B0 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |