Edit tour
Windows
Analysis Report
file.exe
Overview
General Information
Detection
Socks5Systemz
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Antivirus / Scanner detection for submitted sample
Detected unpacking (changes PE section rights)
Detected unpacking (overwrites its own PE header)
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic
Yara detected Socks5Systemz
Contains functionality to infect the boot sector
Machine Learning detection for dropped file
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to launch a program with higher privileges
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality to query network adapater information
Contains functionality to shutdown / reboot the system
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Dropped file seen in connection with other malware
Drops PE files
Drops PE files to the application program directory (C:\ProgramData)
Extensive use of GetProcAddress (often used to hide API calls)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found evasive API chain (date check)
Found evasive API chain (may stop execution after checking a module file name)
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains executable resources (Code or Archives)
PE file contains more sections than normal
PE file contains sections with non-standard names
Queries disk information (often used to detect virtual machines)
Sample file is different than original file name gathered from version info
Tries to load missing DLLs
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Classification
- System is w10x64
- file.exe (PID: 6300 cmdline:
"C:\Users\ user\Deskt op\file.ex e" MD5: F306EA1FAA91611B7BC26E9CC0BD3956) - file.tmp (PID: 5004 cmdline:
"C:\Users\ user\AppDa ta\Local\T emp\is-4BC G1.tmp\fil e.tmp" /SL 5="$20446, 1681617,54 272,C:\Use rs\user\De sktop\file .exe" MD5: 8E02BC0DF97F95A1DF3FD1EEE341C73F) - metatoggermusiccollection.exe (PID: 5888 cmdline:
"C:\Users\ user\AppDa ta\Local\M etatogger Music Coll ection\met atoggermus iccollecti on.exe" -i MD5: CC6DE23FFDBD2BC10F9CFD9E44659A2D) - metatoggermusiccollection.exe (PID: 6408 cmdline:
"C:\Users\ user\AppDa ta\Local\M etatogger Music Coll ection\met atoggermus iccollecti on.exe" -s MD5: CC6DE23FFDBD2BC10F9CFD9E44659A2D)
- cleanup
⊘No configs have been found
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Socks5Systemz | Yara detected Socks5Systemz | Joe Security | ||
JoeSecurity_Socks5Systemz | Yara detected Socks5Systemz | Joe Security | ||
JoeSecurity_Socks5Systemz | Yara detected Socks5Systemz | Joe Security |
⊘No Sigma rule has matched
Timestamp: | 03/29/24-12:09:45.420994 |
SID: | 2049467 |
Source Port: | 49712 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:33.201024 |
SID: | 2049467 |
Source Port: | 49773 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:31.266790 |
SID: | 2049467 |
Source Port: | 49770 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:09:50.438859 |
SID: | 2049467 |
Source Port: | 49718 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:29.343836 |
SID: | 2049467 |
Source Port: | 49767 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:25.092185 |
SID: | 2049467 |
Source Port: | 49761 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:35.156161 |
SID: | 2049467 |
Source Port: | 49776 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:45.795139 |
SID: | 2049467 |
Source Port: | 49788 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:42.173450 |
SID: | 2049467 |
Source Port: | 49785 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:09:52.762235 |
SID: | 2049467 |
Source Port: | 49721 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:37.498093 |
SID: | 2049467 |
Source Port: | 49779 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:49.656205 |
SID: | 2049467 |
Source Port: | 49794 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:10.485514 |
SID: | 2049467 |
Source Port: | 49746 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:16.841602 |
SID: | 2049467 |
Source Port: | 49752 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:47.724356 |
SID: | 2049467 |
Source Port: | 49791 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:39.408449 |
SID: | 2049467 |
Source Port: | 49782 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:21.519109 |
SID: | 2049467 |
Source Port: | 49758 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:19.594654 |
SID: | 2049467 |
Source Port: | 49755 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:14.920798 |
SID: | 2049467 |
Source Port: | 49749 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:27.424287 |
SID: | 2049467 |
Source Port: | 49764 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:09:58.919317 |
SID: | 2049467 |
Source Port: | 49728 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:20.874262 |
SID: | 2049467 |
Source Port: | 49757 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:43.222189 |
SID: | 2049467 |
Source Port: | 49786 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:38.127296 |
SID: | 2049467 |
Source Port: | 49780 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:09:53.388422 |
SID: | 2049467 |
Source Port: | 49722 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:26.780979 |
SID: | 2049467 |
Source Port: | 49763 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:53.501609 |
SID: | 2049467 |
Source Port: | 49800 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:30.625360 |
SID: | 2049467 |
Source Port: | 49769 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:52.218008 |
SID: | 2049467 |
Source Port: | 49798 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:09:49.624355 |
SID: | 2049467 |
Source Port: | 49716 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:07.520008 |
SID: | 2049467 |
Source Port: | 49740 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:34.518099 |
SID: | 2049467 |
Source Port: | 49775 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:03.645340 |
SID: | 2049467 |
Source Port: | 49734 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:26.142227 |
SID: | 2049467 |
Source Port: | 49762 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:02.989420 |
SID: | 2049467 |
Source Port: | 49733 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:29.982779 |
SID: | 2049467 |
Source Port: | 49768 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:51.565445 |
SID: | 2049467 |
Source Port: | 49797 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:06.876572 |
SID: | 2049467 |
Source Port: | 49739 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:33.860666 |
SID: | 2049467 |
Source Port: | 49774 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:09:58.280004 |
SID: | 2049467 |
Source Port: | 49727 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:16.200826 |
SID: | 2049467 |
Source Port: | 49751 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:48.356929 |
SID: | 2049467 |
Source Port: | 49792 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:08.153311 |
SID: | 2049467 |
Source Port: | 49741 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:09.844842 |
SID: | 2049467 |
Source Port: | 49744 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:04.284502 |
SID: | 2049467 |
Source Port: | 49735 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:52.864072 |
SID: | 2049467 |
Source Port: | 49799 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:49.012408 |
SID: | 2049467 |
Source Port: | 49793 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:17.904399 |
SID: | 2049467 |
Source Port: | 49753 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:09:59.565419 |
SID: | 2049467 |
Source Port: | 49729 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:20.232000 |
SID: | 2049467 |
Source Port: | 49756 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:06.232200 |
SID: | 2049467 |
Source Port: | 49738 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:11.167852 |
SID: | 2049467 |
Source Port: | 49747 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:38.765184 |
SID: | 2049467 |
Source Port: | 49781 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:47.079531 |
SID: | 2049467 |
Source Port: | 49790 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:09:52.123640 |
SID: | 2049467 |
Source Port: | 49720 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:41.536693 |
SID: | 2049467 |
Source Port: | 49784 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:43.860067 |
SID: | 2049467 |
Source Port: | 49787 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:09:57.218726 |
SID: | 2049467 |
Source Port: | 49726 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:36.862357 |
SID: | 2049467 |
Source Port: | 49778 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:15.568464 |
SID: | 2049467 |
Source Port: | 49750 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:09:54.451755 |
SID: | 2049467 |
Source Port: | 49723 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:02.326674 |
SID: | 2049467 |
Source Port: | 49732 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:50.920566 |
SID: | 2049467 |
Source Port: | 49796 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:09:55.746985 |
SID: | 2049467 |
Source Port: | 49725 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:18.951435 |
SID: | 2049467 |
Source Port: | 49754 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:46.435554 |
SID: | 2049467 |
Source Port: | 49789 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:40.888750 |
SID: | 2049467 |
Source Port: | 49783 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:01.265583 |
SID: | 2049467 |
Source Port: | 49731 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:50.283368 |
SID: | 2049467 |
Source Port: | 49795 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:05.594232 |
SID: | 2049467 |
Source Port: | 49737 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:09:51.076317 |
SID: | 2049467 |
Source Port: | 49719 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:13.452004 |
SID: | 2049467 |
Source Port: | 49748 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:31.920222 |
SID: | 2049467 |
Source Port: | 49771 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:28.703817 |
SID: | 2049467 |
Source Port: | 49766 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:00.203383 |
SID: | 2049467 |
Source Port: | 49730 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:32.566269 |
SID: | 2049467 |
Source Port: | 49772 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:09:55.106879 |
SID: | 2049467 |
Source Port: | 49724 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:28.062365 |
SID: | 2049467 |
Source Port: | 49765 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:09:48.936277 |
SID: | 2049467 |
Source Port: | 49713 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:36.217358 |
SID: | 2049467 |
Source Port: | 49777 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:22.983300 |
SID: | 2049467 |
Source Port: | 49759 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:09.201668 |
SID: | 2049467 |
Source Port: | 49742 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:23.628743 |
SID: | 2049467 |
Source Port: | 49760 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:10:04.939736 |
SID: | 2049467 |
Source Port: | 49736 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Avira: |
Source: | Virustotal: | Perma Link |
Source: | Virustotal: | Perma Link |
Source: | Joe Sandbox ML: | ||
Source: | Joe Sandbox ML: |
Source: | Code function: | 1_2_0045B4AC | |
Source: | Code function: | 1_2_0045B560 | |
Source: | Code function: | 1_2_0045B578 | |
Source: | Code function: | 1_2_10001000 | |
Source: | Code function: | 1_2_10001130 |
Compliance |
---|
Source: | Unpacked PE file: | ||
Source: | Unpacked PE file: |
Source: | Static PE information: |
Source: | Code function: | 1_2_0047A44C | |
Source: | Code function: | 1_2_0047077C | |
Source: | Code function: | 1_2_004513E4 | |
Source: | Code function: | 1_2_004601DC | |
Source: | Code function: | 1_2_00478334 | |
Source: | Code function: | 1_2_00460658 | |
Source: | Code function: | 1_2_0045EC50 | |
Source: | Code function: | 1_2_00491EBC |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Networking |
---|
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: |
Source: | TCP traffic: |
Source: | IP Address: |
Source: | ASN Name: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | Code function: | 4_2_02AD72A7 |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Code function: | 1_2_0042ED54 | |
Source: | Code function: | 1_2_00423AF4 | |
Source: | Code function: | 1_2_00412548 | |
Source: | Code function: | 1_2_00455448 | |
Source: | Code function: | 1_2_00473A10 |
Source: | Code function: | 1_2_0042E6DC |
Source: | Code function: | 0_2_0040936C | |
Source: | Code function: | 1_2_00453D4C |
Source: | Code function: | 0_2_00408330 | |
Source: | Code function: | 1_2_0046C0D0 | |
Source: | Code function: | 1_2_00434B5C | |
Source: | Code function: | 1_2_0047B0A3 | |
Source: | Code function: | 1_2_004637D4 | |
Source: | Code function: | 1_2_00444304 | |
Source: | Code function: | 1_2_0045C4C4 | |
Source: | Code function: | 1_2_00430700 | |
Source: | Code function: | 1_2_004449FC | |
Source: | Code function: | 1_2_00480B58 | |
Source: | Code function: | 1_2_00444E08 | |
Source: | Code function: | 1_2_00459498 | |
Source: | Code function: | 1_2_0043D5E4 | |
Source: | Code function: | 1_2_00465824 | |
Source: | Code function: | 1_2_00481A30 | |
Source: | Code function: | 1_2_00487BD4 | |
Source: | Code function: | 1_2_0042FB90 | |
Source: | Code function: | 1_2_00443D5C | |
Source: | Code function: | 1_2_00433E58 | |
Source: | Code function: | 1_2_022E1E90 | |
Source: | Code function: | 1_2_022E1200 | |
Source: | Code function: | 1_2_022E1730 | |
Source: | Code function: | 3_2_00401051 | |
Source: | Code function: | 3_2_00401C26 | |
Source: | Code function: | 4_2_00401051 | |
Source: | Code function: | 4_2_00401C26 | |
Source: | Code function: | 4_2_02B0BCEB | |
Source: | Code function: | 4_2_02B0BD58 | |
Source: | Code function: | 4_2_02AF53A0 | |
Source: | Code function: | 4_2_02AEE18D | |
Source: | Code function: | 4_2_02AE9E84 | |
Source: | Code function: | 4_2_02AF4E29 | |
Source: | Code function: | 4_2_02ADEFAD | |
Source: | Code function: | 4_2_02AEDC99 | |
Source: | Code function: | 4_2_02AEAC3A | |
Source: | Code function: | 4_2_02AE8442 | |
Source: | Code function: | 4_2_02AEE5A5 | |
Source: | Code function: | 4_2_02AF2DB4 |
Source: | Dropped File: | ||
Source: | Dropped File: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Static PE information: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Classification label: |
Source: | Code function: | 4_2_02AE08B8 |
Source: | Code function: | 0_2_0040936C | |
Source: | Code function: | 1_2_00453D4C |
Source: | Code function: | 1_2_00454574 |
Source: | Code function: | 3_2_00402572 | |
Source: | Code function: | 4_2_00402572 |
Source: | Code function: | 0_2_00409AD0 |
Source: | Code function: | 3_2_00402345 |
Source: | Code function: | 3_2_00402345 | |
Source: | Code function: | 4_2_00402345 |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | File read: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Key value created or modified: | Jump to behavior |
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior |
Source: | Virustotal: |
Source: | File read: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | Key value created or modified: | Jump to behavior |
Source: | Window found: | Jump to behavior |
Source: | Window detected: |
Source: | Static file information: |
Data Obfuscation |
---|
Source: | Unpacked PE file: | ||
Source: | Unpacked PE file: |
Source: | Unpacked PE file: | ||
Source: | Unpacked PE file: |
Source: | Code function: | 1_2_00447DC0 |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Code function: | 0_2_0040654D | |
Source: | Code function: | 0_2_0040802D | |
Source: | Code function: | 0_2_004040F1 | |
Source: | Code function: | 0_2_00404389 | |
Source: | Code function: | 0_2_00404389 | |
Source: | Code function: | 0_2_0040C219 | |
Source: | Code function: | 0_2_00404389 | |
Source: | Code function: | 0_2_00404389 | |
Source: | Code function: | 0_2_00408E87 | |
Source: | Code function: | 1_2_004098E9 | |
Source: | Code function: | 1_2_0047E26A | |
Source: | Code function: | 1_2_0045C1C1 | |
Source: | Code function: | 1_2_004062CD | |
Source: | Code function: | 1_2_00410645 | |
Source: | Code function: | 1_2_0040A6D1 | |
Source: | Code function: | 1_2_00430705 | |
Source: | Code function: | 1_2_004128F3 | |
Source: | Code function: | 1_2_00442CD8 | |
Source: | Code function: | 1_2_00450CAB | |
Source: | Code function: | 1_2_00472D25 | |
Source: | Code function: | 1_2_0040CF9A | |
Source: | Code function: | 1_2_004054A9 | |
Source: | Code function: | 1_2_0040F4FA | |
Source: | Code function: | 1_2_00405741 | |
Source: | Code function: | 1_2_00405741 | |
Source: | Code function: | 1_2_00405741 | |
Source: | Code function: | 1_2_00457718 | |
Source: | Code function: | 1_2_00405741 | |
Source: | Code function: | 1_2_0047F7ED | |
Source: | Code function: | 1_2_00419B9D | |
Source: | Code function: | 1_2_00455EA0 |
Source: | Static PE information: | ||
Source: | Static PE information: |
Persistence and Installation Behavior |
---|
Source: | Code function: | 3_2_00401A4F | |
Source: | Code function: | 4_2_00401A4F | |
Source: | Code function: | 4_2_02ADF7D6 |
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file |
Source: | File created: | Jump to dropped file |
Boot Survival |
---|
Source: | Code function: | 3_2_00401A4F | |
Source: | Code function: | 4_2_00401A4F | |
Source: | Code function: | 4_2_02ADF7D6 |
Source: | Code function: | 3_2_00402345 |
Source: | Code function: | 1_2_00423B7C | |
Source: | Code function: | 1_2_00423B7C | |
Source: | Code function: | 1_2_0042414C | |
Source: | Code function: | 1_2_00424104 | |
Source: | Code function: | 1_2_004182F4 | |
Source: | Code function: | 1_2_004227CC | |
Source: | Code function: | 1_2_00417508 | |
Source: | Code function: | 1_2_0047DB50 | |
Source: | Code function: | 1_2_00417C40 | |
Source: | Code function: | 1_2_00417C3E |
Source: | Code function: | 1_2_0044AEEC |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Source: | Code function: | 3_2_00401B4B | |
Source: | Code function: | 4_2_00401B4B | |
Source: | Code function: | 4_2_02ADF8DA |
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior |
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file |
Source: | Evasive API call chain: | graph_0-6443 |
Source: | Evasive API call chain: | graph_3-2438 |
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | Code function: | 1_2_0047A44C | |
Source: | Code function: | 1_2_0047077C | |
Source: | Code function: | 1_2_004513E4 | |
Source: | Code function: | 1_2_004601DC | |
Source: | Code function: | 1_2_00478334 | |
Source: | Code function: | 1_2_00460658 | |
Source: | Code function: | 1_2_0045EC50 | |
Source: | Code function: | 1_2_00491EBC |
Source: | Code function: | 0_2_00409A14 |
Source: | Thread delayed: | Jump to behavior |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | API call chain: | graph_0-6301 | ||
Source: | API call chain: | graph_4-20040 |
Source: | Code function: | 4_2_02AF00FE |
Source: | Code function: | 4_2_02AF00FE |
Source: | Code function: | 1_2_00447DC0 |
Source: | Code function: | 4_2_02AD6487 |
Source: | Code function: | 4_2_02AE9468 |
Source: | Code function: | 1_2_004734AC |
Source: | Code function: | 1_2_0045AEE4 |
Source: | Code function: | 4_2_02AE7FAD |
Source: | Code function: | 0_2_0040515C | |
Source: | Code function: | 0_2_004051A8 | |
Source: | Code function: | 1_2_004084D0 | |
Source: | Code function: | 1_2_0040851C |
Source: | Code function: | 1_2_004569D4 |
Source: | Code function: | 0_2_004026C4 |
Source: | Code function: | 1_2_00453D04 |
Source: | Code function: | 0_2_00405C44 |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Remote Access Functionality |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 3 Native API | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 1 Deobfuscate/Decode Files or Information | OS Credential Dumping | 1 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
Credentials | Domains | Default Accounts | 2 Service Execution | 4 Windows Service | 1 DLL Side-Loading | 3 Obfuscated Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | 1 Bootkit | 1 Access Token Manipulation | 22 Software Packing | Security Account Manager | 3 File and Directory Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Non-Standard Port | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 4 Windows Service | 1 DLL Side-Loading | NTDS | 35 System Information Discovery | Distributed Component Object Model | Input Capture | 2 Non-Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 2 Process Injection | 1 Masquerading | LSA Secrets | 41 Security Software Discovery | SSH | Keylogging | 12 Application Layer Protocol | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 21 Virtualization/Sandbox Evasion | Cached Domain Credentials | 21 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 1 Access Token Manipulation | DCSync | 11 Application Window Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 2 Process Injection | Proc Filesystem | 3 System Owner/User Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | 1 Bootkit | /etc/passwd and /etc/shadow | 1 Remote System Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
IP Addresses | Compromise Infrastructure | Supply Chain Compromise | PowerShell | Cron | Cron | Dynamic API Resolution | Network Sniffing | 1 System Network Configuration Discovery | Shared Webroot | Local Data Staging | File Transfer Protocols | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol | External Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
8% | Virustotal | Browse | ||
100% | Avira | HEUR/AGEN.1332570 |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Joe Sandbox ML | |||
100% | Joe Sandbox ML | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs |
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
1% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Virustotal | Browse | ||
0% | Avira URL Cloud | safe | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
8% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
csoodgx.net | 45.142.214.240 | true | true | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| unknown | |
true |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| low | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
45.142.214.240 | csoodgx.net | Russian Federation | 200019 | ALEXHOSTMD | true | |
89.105.201.183 | unknown | Netherlands | 24875 | NOVOSERVE-ASNL | false |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1417474 |
Start date and time: | 2024-03-29 12:08:05 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 54s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 7 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | file.exe |
Detection: | MAL |
Classification: | mal100.troj.evad.winEXE@7/27@1/2 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe
- Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
- Report size getting too big, too many NtDeviceIoControlFile calls found.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
Time | Type | Description |
---|---|---|
12:09:25 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
45.142.214.240 | Get hash | malicious | Socks5Systemz | Browse | ||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
89.105.201.183 | Get hash | malicious | Glupteba, Mars Stealer, Socks5Systemz, Stealc, Vidar | Browse |
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
ALEXHOSTMD | Get hash | malicious | Phisher | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | ScreenConnect Tool | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
NOVOSERVE-ASNL | Get hash | malicious | Glupteba, Mars Stealer, Socks5Systemz, Stealc, Vidar | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
|
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
C:\Users\user\AppData\Local\Metatogger Music Collection\is-6VPG9.tmp | Get hash | malicious | Amadey, Glupteba, Mars Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoader | Browse | ||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
C:\Users\user\AppData\Local\Metatogger Music Collection\is-2EOVT.tmp | Get hash | malicious | Amadey, Glupteba, Mars Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoader | Browse | ||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse |
Process: | C:\Users\user\AppData\Local\Metatogger Music Collection\metatoggermusiccollection.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1853204 |
Entropy (8bit): | 7.097039022655032 |
Encrypted: | false |
SSDEEP: | 24576:MpHpU1XpkfxgVpDRpGTpbi8p/Qup0dwJewzk+xfergEEMo947gNSqeB8xivxB1Lt:MR2pUxgV1RwT/xQu6dw0wQ+xY9VF72A |
MD5: | CC6DE23FFDBD2BC10F9CFD9E44659A2D |
SHA1: | 418C982C63DA06773421F92266BADA86761701EB |
SHA-256: | B7DFAAFB460D5AB8F2F0CE0FA5F12833EAAF20AAE9A9919A5EB83743EAF4FE1A |
SHA-512: | 9DAC3574E65E2F172620FBAA591E464C1331479480F2F5A25ABE6FFE52A9A8544222D219E84E8C72F4334B2D18053B62DA76C8EFAE2A3F5A45CC95D9311EED8B |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
Process: | C:\Users\user\AppData\Local\Metatogger Music Collection\metatoggermusiccollection.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
SSDEEP: | 3:E:E |
MD5: | 14791D7C7467A6BB2F140BCAF8B145F4 |
SHA1: | 44127D404CAAB816C2DDB4644A9B9FA6BCCC429D |
SHA-256: | 4A11C2997424CD7A381ECA1948DD4C442CB4B2A8086B676ECF67EFF032EAACEC |
SHA-512: | 0E342BD795A6B44B88CFC8DC3EFCFCAB0F77C44C4BDF943E94C838FBC416FB26FAEFD2F0D6CC9FE86DAC39C251D35AEDF0B8EF87D7C1ACB88DF6032E2C674970 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Users\user\AppData\Local\Metatogger Music Collection\metatoggermusiccollection.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 128 |
Entropy (8bit): | 2.9545817380615236 |
Encrypted: | false |
SSDEEP: | 3:SmwW3Fde9UUDrjStGs/:Smze7DPStGM |
MD5: | 98DDA7FC0B3E548B68DE836D333D1539 |
SHA1: | D0CB784FA2BBD3BDE2BA4400211C3B613638F1C6 |
SHA-256: | 870555CDCBA1F066D893554731AE99A21AE776D41BCB680CBD6510CB9F420E3D |
SHA-512: | E79BD8C2E0426DBEBA8AC2350DA66DC0413F79860611A05210905506FEF8B80A60BB7E76546B0CE9C6E6BC9DDD4BC66FF4C438548F26187EAAF6278F769B3AC1 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Users\user\AppData\Local\Metatogger Music Collection\metatoggermusiccollection.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 128 |
Entropy (8bit): | 1.2701231977328944 |
Encrypted: | false |
SSDEEP: | 3:WAmJuXDz8/:HHzc |
MD5: | 0D6174E4525CFDED5DD1C9440B9DC1E7 |
SHA1: | 173EF30A035CE666278904625EADCFAE09233A47 |
SHA-256: | 458677CDF0E1A4E87D32AB67D6A5EEA9E67CB3545D79A21A0624E6BB5E1087E7 |
SHA-512: | 86DA96385985A1BA3D67A8676A041CA563838F474DF33D82B6ECD90C101703B30747121A6B7281E025A3C11CE28ACCEDFC94DB4E8D38E391199458056C2CD27A |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Users\user\AppData\Local\Metatogger Music Collection\metatoggermusiccollection.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8 |
Entropy (8bit): | 2.0 |
Encrypted: | false |
SSDEEP: | 3:8Dll/:85t |
MD5: | 499E1B783576DBE7AC7AAF790755C813 |
SHA1: | 099C55F6EA301C88E0FA803E40BD99FF953E2D06 |
SHA-256: | 57B2FF1FB01C3647CFE413DF6539ADD7F9E663BC6687324011DD6195FC744534 |
SHA-512: | B34B93000C0041126F793497D1BA2CBD697FD9980E97D7C2A6F7AB458BADD6EB95F79DE17AB13ECCEDBB41D82C6449EE6E29ED4B58ED7ADAF9A540C107C6D8AA |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 105784 |
Entropy (8bit): | 6.258144336244945 |
Encrypted: | false |
SSDEEP: | 1536:2VpMEh4vFu4sry2jkEw0D2cXTY+sgmX18CGLganGc:2Vai3yjEw0DNX03gmqCOD3 |
MD5: | 0C6452935851B7CDB3A365AECD2DD260 |
SHA1: | 83EF3CD7F985ACC113A6DE364BDB376DBF8D2F48 |
SHA-256: | F8385D08BD44B213FF2A2C360FE01AE8A1EDA5311C7E1FC1A043C524E899A8ED |
SHA-512: | 5FF21A85EE28665C4E707C7044F122D1BAC8E408A06F8EA16E33A8C9201798D196FA65B24327F208C4FF415E24A5AD2414FE7A91D9C0B0D8CFF88299111F2E1D |
Malicious: | true |
Antivirus: |
|
Joe Sandbox View: |
|
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 125637 |
Entropy (8bit): | 6.2640431186303145 |
Encrypted: | false |
SSDEEP: | 3072:lRvT0WUWJXNEn9bufmWAHE9pQIAOBmuWR2:DT0WU6E9Kfms9p5guWc |
MD5: | 6231B452E676ADE27CA0CEB3A3CF874A |
SHA1: | F8236DBF9FA3B2835BBB5A8D08DAB3A155F310D1 |
SHA-256: | 9941EEE1CAFFFAD854AB2DFD49BF6E57B181EFEB4E2D731BA7A28F5AB27E91CF |
SHA-512: | F5882A3CDED0A4E498519DE5679EA12A0EA275C220E318AF1762855A94BDAC8DC5413D1C5D1A55A7CC31CFEBCF4647DCF1F653195536CE1826A3002CF01AA12C |
Malicious: | true |
Antivirus: |
|
Joe Sandbox View: |
|
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 176200 |
Entropy (8bit): | 6.647007817777345 |
Encrypted: | false |
SSDEEP: | 1536:9teve4OMTqM/iKAo+/zO9RhR9aPTxRm1TxStoBtwIbaU+yUsXxTTLRazIxSp/FjU:ze24OM+M/bAWK9Rm1NXwIl+/I9RtqIn |
MD5: | 6896DC57D056879F929206A0A7692A34 |
SHA1: | D2F709CDE017C42916172E9178A17EB003917189 |
SHA-256: | 8A7D2DA7685CEDB267BFA7F0AD3218AFA28F4ED2F1029EE920D66EB398F3476D |
SHA-512: | CD1A981D5281E8B2E6A8C27A57CDB65ED1498DE21D2B7A62EDC945FB380DEA258F47A9EC9E53BD43D603297635EDFCA95EBCB2A962812CD53C310831242384B8 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 1853204 |
Entropy (8bit): | 7.097038847389474 |
Encrypted: | false |
SSDEEP: | 24576:lpHpU1XpkfxgVpDRpGTpbi8p/Qup0dwJewzk+xfergEEMo947gNSqeB8xivxB1Lt:lR2pUxgV1RwT/xQu6dw0wQ+xY9VF72A |
MD5: | 6476CEDDC8C769258E88D80A26B424D0 |
SHA1: | 07AFEFF8B37411E77554FD40A8B9897A7E6CA1A5 |
SHA-256: | EB796CE1BDE0BEB3DFAC6109A9229CD946403F7D932DF8979BF44C6A18B5B6B1 |
SHA-512: | 9A7E4103BF2FACFFCBBB81E16BCB7C5818E0888E276A2B1BA6247BA943CFFD76B9BD3EF14AB93A384854B5E47FC08B1F33F131862EDF343983D182BC3E4BB24C |
Malicious: | false |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 704282 |
Entropy (8bit): | 6.476114986803567 |
Encrypted: | false |
SSDEEP: | 12288:dhg/qrLc0yVrPg37AzHqA63JJVndjzrN6IRpO9+u1nWXExydK:o/qrQ0yVrPg37AzHqA6Zfn093NWXExyM |
MD5: | 4F22DFEEA2A871E85C620A3A85A06D36 |
SHA1: | 47CBC1D887AEF7F4F1F3460967FBA4180DDA154E |
SHA-256: | 2D529D076A78BEC4EC6C0DAF805BD19087E01E1D9CC8E1F1107B8CCEB8D12E4F |
SHA-512: | 5F80087EF9A1C064AF5EAE5AC0D3BEFA75650874D2952054B040F31C6C161BD3324D084108EF1F6DEA00CFBFD55FB449A78DBDB2CE6CA150ED392C44AF20CC29 |
Malicious: | true |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 125637 |
Entropy (8bit): | 6.2640431186303145 |
Encrypted: | false |
SSDEEP: | 3072:lRvT0WUWJXNEn9bufmWAHE9pQIAOBmuWR2:DT0WU6E9Kfms9p5guWc |
MD5: | 6231B452E676ADE27CA0CEB3A3CF874A |
SHA1: | F8236DBF9FA3B2835BBB5A8D08DAB3A155F310D1 |
SHA-256: | 9941EEE1CAFFFAD854AB2DFD49BF6E57B181EFEB4E2D731BA7A28F5AB27E91CF |
SHA-512: | F5882A3CDED0A4E498519DE5679EA12A0EA275C220E318AF1762855A94BDAC8DC5413D1C5D1A55A7CC31CFEBCF4647DCF1F653195536CE1826A3002CF01AA12C |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 40974 |
Entropy (8bit): | 6.485702128133584 |
Encrypted: | false |
SSDEEP: | 768:kB8JMzjwsTYQgUvXtrs7GtUplYj7SG7MLXm:kmMwsTYwvXhZP77SW |
MD5: | F47E78AD658B2767461EA926060BF3DD |
SHA1: | 9BA8A1909864157FD12DDEE8B94536CEA04D8BD6 |
SHA-256: | 602C2B9F796DA7BA7BF877BF624AC790724800074D0E12FFA6861E29C1A38144 |
SHA-512: | 216FA5AA6027C2896EA5C499638DB7298DFE311D04E1ABAC302D6CE7F8D3ED4B9F4761FE2F4951F6F89716CA8104FA4CE3DFECCDBCA77ED10638328D0F13546B |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 68552 |
Entropy (8bit): | 6.1042544770100395 |
Encrypted: | false |
SSDEEP: | 768:Jd8ALXCfP6bO/XfLCwiWBot9ZOGLuNTizPm3YRiFVinPHF:X8fq+X9OjZ2APm3YeinPl |
MD5: | F06B0761D27B9E69A8F1220846FF12AF |
SHA1: | E3A2F4F12A5291EE8DDC7A185DB2699BFFADFE1A |
SHA-256: | E85AECC40854203B4A2F4A0249F875673E881119181E3DF2968491E31AD372A4 |
SHA-512: | 5821EA0084524569E07BB18AA2999E3193C97AA52DA6932A7971A61DD03D0F08CA9A2D4F98EB96A603B99F65171F6D495D3E8F2BBB2FC90469C741EF11B514E9 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 105784 |
Entropy (8bit): | 6.258144336244945 |
Encrypted: | false |
SSDEEP: | 1536:2VpMEh4vFu4sry2jkEw0D2cXTY+sgmX18CGLganGc:2Vai3yjEw0DNX03gmqCOD3 |
MD5: | 0C6452935851B7CDB3A365AECD2DD260 |
SHA1: | 83EF3CD7F985ACC113A6DE364BDB376DBF8D2F48 |
SHA-256: | F8385D08BD44B213FF2A2C360FE01AE8A1EDA5311C7E1FC1A043C524E899A8ED |
SHA-512: | 5FF21A85EE28665C4E707C7044F122D1BAC8E408A06F8EA16E33A8C9201798D196FA65B24327F208C4FF415E24A5AD2414FE7A91D9C0B0D8CFF88299111F2E1D |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 125637 |
Entropy (8bit): | 6.2640431186303145 |
Encrypted: | false |
SSDEEP: | 3072:lRvT0WUWJXNEn9bufmWAHE9pQIAOBmuWR2:DT0WU6E9Kfms9p5guWc |
MD5: | 6231B452E676ADE27CA0CEB3A3CF874A |
SHA1: | F8236DBF9FA3B2835BBB5A8D08DAB3A155F310D1 |
SHA-256: | 9941EEE1CAFFFAD854AB2DFD49BF6E57B181EFEB4E2D731BA7A28F5AB27E91CF |
SHA-512: | F5882A3CDED0A4E498519DE5679EA12A0EA275C220E318AF1762855A94BDAC8DC5413D1C5D1A55A7CC31CFEBCF4647DCF1F653195536CE1826A3002CF01AA12C |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 40974 |
Entropy (8bit): | 6.485702128133584 |
Encrypted: | false |
SSDEEP: | 768:kB8JMzjwsTYQgUvXtrs7GtUplYj7SG7MLXm:kmMwsTYwvXhZP77SW |
MD5: | F47E78AD658B2767461EA926060BF3DD |
SHA1: | 9BA8A1909864157FD12DDEE8B94536CEA04D8BD6 |
SHA-256: | 602C2B9F796DA7BA7BF877BF624AC790724800074D0E12FFA6861E29C1A38144 |
SHA-512: | 216FA5AA6027C2896EA5C499638DB7298DFE311D04E1ABAC302D6CE7F8D3ED4B9F4761FE2F4951F6F89716CA8104FA4CE3DFECCDBCA77ED10638328D0F13546B |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 176200 |
Entropy (8bit): | 6.647007817777345 |
Encrypted: | false |
SSDEEP: | 1536:9teve4OMTqM/iKAo+/zO9RhR9aPTxRm1TxStoBtwIbaU+yUsXxTTLRazIxSp/FjU:ze24OM+M/bAWK9Rm1NXwIl+/I9RtqIn |
MD5: | 6896DC57D056879F929206A0A7692A34 |
SHA1: | D2F709CDE017C42916172E9178A17EB003917189 |
SHA-256: | 8A7D2DA7685CEDB267BFA7F0AD3218AFA28F4ED2F1029EE920D66EB398F3476D |
SHA-512: | CD1A981D5281E8B2E6A8C27A57CDB65ED1498DE21D2B7A62EDC945FB380DEA258F47A9EC9E53BD43D603297635EDFCA95EBCB2A962812CD53C310831242384B8 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 68552 |
Entropy (8bit): | 6.1042544770100395 |
Encrypted: | false |
SSDEEP: | 768:Jd8ALXCfP6bO/XfLCwiWBot9ZOGLuNTizPm3YRiFVinPHF:X8fq+X9OjZ2APm3YeinPl |
MD5: | F06B0761D27B9E69A8F1220846FF12AF |
SHA1: | E3A2F4F12A5291EE8DDC7A185DB2699BFFADFE1A |
SHA-256: | E85AECC40854203B4A2F4A0249F875673E881119181E3DF2968491E31AD372A4 |
SHA-512: | 5821EA0084524569E07BB18AA2999E3193C97AA52DA6932A7971A61DD03D0F08CA9A2D4F98EB96A603B99F65171F6D495D3E8F2BBB2FC90469C741EF11B514E9 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | modified |
Size (bytes): | 1853204 |
Entropy (8bit): | 7.097039022655032 |
Encrypted: | false |
SSDEEP: | 24576:MpHpU1XpkfxgVpDRpGTpbi8p/Qup0dwJewzk+xfergEEMo947gNSqeB8xivxB1Lt:MR2pUxgV1RwT/xQu6dw0wQ+xY9VF72A |
MD5: | CC6DE23FFDBD2BC10F9CFD9E44659A2D |
SHA1: | 418C982C63DA06773421F92266BADA86761701EB |
SHA-256: | B7DFAAFB460D5AB8F2F0CE0FA5F12833EAAF20AAE9A9919A5EB83743EAF4FE1A |
SHA-512: | 9DAC3574E65E2F172620FBAA591E464C1331479480F2F5A25ABE6FFE52A9A8544222D219E84E8C72F4334B2D18053B62DA76C8EFAE2A3F5A45CC95D9311EED8B |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 4833 |
Entropy (8bit): | 4.734964346980098 |
Encrypted: | false |
SSDEEP: | 96:F6dWw389HpVl42jz9k+eOIh+s4cVSQs0Ln0eosN:kdWw3kHpVPrHIhQcVSQ1n0/w |
MD5: | 68939F1ADEACEF1F38CDA33036CE41F6 |
SHA1: | 58FA7896203CFD5F93A810E804024A15B7C57CFF |
SHA-256: | 5CB5EAAD4F0FF6066CC290499E080C7F3D7E0C570CB4475A496A71D7C3785C50 |
SHA-512: | E362D1B4CC6FCFA3E735C7525BAAD038B1F897F8978C963F8014B2BFC97DC4A0E900AA703E51665E953F772B2EEEFC0E8D9DFC97B721CFBD55AB2A4EC8EBA761 |
Malicious: | false |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 704282 |
Entropy (8bit): | 6.476114986803567 |
Encrypted: | false |
SSDEEP: | 12288:dhg/qrLc0yVrPg37AzHqA63JJVndjzrN6IRpO9+u1nWXExydK:o/qrQ0yVrPg37AzHqA6Zfn093NWXExyM |
MD5: | 4F22DFEEA2A871E85C620A3A85A06D36 |
SHA1: | 47CBC1D887AEF7F4F1F3460967FBA4180DDA154E |
SHA-256: | 2D529D076A78BEC4EC6C0DAF805BD19087E01E1D9CC8E1F1107B8CCEB8D12E4F |
SHA-512: | 5F80087EF9A1C064AF5EAE5AC0D3BEFA75650874D2952054B040F31C6C161BD3324D084108EF1F6DEA00CFBFD55FB449A78DBDB2CE6CA150ED392C44AF20CC29 |
Malicious: | true |
Preview: |
Process: | C:\Users\user\Desktop\file.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 693760 |
Entropy (8bit): | 6.467807457190382 |
Encrypted: | false |
SSDEEP: | 12288:lhg/qrLc0yVrPg37AzHqA63JJVndjzrN6IRpO9+u1nWXExyd:A/qrQ0yVrPg37AzHqA6Zfn093NWXExyd |
MD5: | 8E02BC0DF97F95A1DF3FD1EEE341C73F |
SHA1: | 725A46C1380C1D56BCFDF2E1E69EFBABA192A1CB |
SHA-256: | 52823D5894E5BD513EAE0EFAC44079187A078A37D023017D37670D1381B4566D |
SHA-512: | 522CB11FFDC238F2FEBBCA868D52887B2C3B957EE51448488B3949F7AD7707103891FD5C80B0105FFFDEBFB7B666FADD58AFA6E0060D789DC5B1E6C652A73449 |
Malicious: | true |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 4096 |
Entropy (8bit): | 4.026670007889822 |
Encrypted: | false |
SSDEEP: | 48:ivuz1hEU3FR/pmqBl8/QMCBaquEMx5BC+SS4k+bkguj0KHc:bz1eEFNcqBC/Qrex5iSKDkc |
MD5: | 0EE914C6F0BB93996C75941E1AD629C6 |
SHA1: | 12E2CB05506EE3E82046C41510F39A258A5E5549 |
SHA-256: | 4DC09BAC0613590F1FAC8771D18AF5BE25A1E1CB8FDBF4031AA364F3057E74A2 |
SHA-512: | A899519E78125C69DC40F7E371310516CF8FAA69E3B3FF747E0DDF461F34E50A9FF331AB53B4D07BB45465039E8EBA2EE4684B3EE56987977AE8C7721751F5F9 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 2560 |
Entropy (8bit): | 2.8818118453929262 |
Encrypted: | false |
SSDEEP: | 24:e1GSgDIX566lIB6SXvVmMPUjvhBrDsqZ:SgDKRlVImgUNBsG |
MD5: | A69559718AB506675E907FE49DEB71E9 |
SHA1: | BC8F404FFDB1960B50C12FF9413C893B56F2E36F |
SHA-256: | 2F6294F9AA09F59A574B5DCD33BE54E16B39377984F3D5658CDA44950FA0F8FC |
SHA-512: | E52E0AA7FE3F79E36330C455D944653D449BA05B2F9ABEE0914A0910C3452CFA679A40441F9AC696B3CCF9445CBB85095747E86153402FC362BB30AC08249A63 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 32768 |
Entropy (8bit): | 4.058068250306624 |
Encrypted: | false |
SSDEEP: | 192:46MTeid8XO+N2RPnqkHM2rrRbwz6ln+rnbdaBlJBRJBBti94muL+Xh2IwoXAsLi2:ST6O+NwqAM+k6lnWnboZDXyRPtAsLiA |
MD5: | B6F11A0AB7715F570F45900A1FE84732 |
SHA1: | 77B1201E535445AF5EA94C1B03C0A1C34D67A77B |
SHA-256: | E47DD306A9854599F02BC1B07CA6DFBD5220F8A1352FAA9616D1A327DE0BBF67 |
SHA-512: | 78A757E67D21EB7CC95954DF15E3EEFF56113D6B40FB73F0C5F53304265CC52C79125D6F1B3655B64F9A411711B5B70F746080D708D7C222F4E65BAD64B1B771 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 6144 |
Entropy (8bit): | 4.215994423157539 |
Encrypted: | false |
SSDEEP: | 96:sfkcXegaJ/ZAYNzcld1xaX12pS5SKvkc:sfJEVYlvxaX12EF |
MD5: | 4FF75F505FDDCC6A9AE62216446205D9 |
SHA1: | EFE32D504CE72F32E92DCF01AA2752B04D81A342 |
SHA-256: | A4C86FC4836AC728D7BD96E7915090FD59521A9E74F1D06EF8E5A47C8695FD81 |
SHA-512: | BA0469851438212D19906D6DA8C4AE95FF1C0711A095D9F21F13530A6B8B21C3ACBB0FF55EDB8A35B41C1A9A342F5D3421C00BA395BC13BB1EF5902B979CE824 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-4BCG1.tmp\file.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 23312 |
Entropy (8bit): | 4.596242908851566 |
Encrypted: | false |
SSDEEP: | 384:+Vm08QoKkiWZ76UJuP71W55iWHHoSHigH2euwsHTGHVb+VHHmnH+aHjHqLHxmoq1:2m08QotiCjJuPGw4 |
MD5: | 92DC6EF532FBB4A5C3201469A5B5EB63 |
SHA1: | 3E89FF837147C16B4E41C30D6C796374E0B8E62C |
SHA-256: | 9884E9D1B4F8A873CCBD81F8AD0AE257776D2348D027D811A56475E028360D87 |
SHA-512: | 9908E573921D5DBC3454A1C0A6C969AB8A81CC2E8B5385391D46B1A738FB06A76AA3282E0E58D0D2FFA6F27C85668CD5178E1500B8A39B1BBAE04366AE6A86D3 |
Malicious: | false |
Antivirus: |
|
Preview: |
File type: | |
Entropy (8bit): | 7.994207338297064 |
TrID: |
|
File name: | file.exe |
File size: | 2'049'145 bytes |
MD5: | f306ea1faa91611b7bc26e9cc0bd3956 |
SHA1: | accc3aa32f33273b46765d024c0cb16cc8463486 |
SHA256: | ff66d8e75eccb014fd09adc9045bd1630219def9a7635d4a9ac382466eb7f435 |
SHA512: | da7398c9b8022b66a038e5c42c90b8ddafdb0b0d1a9a2c466582f4f13b02a90d4e51033cfeba5410ba5def247232192541e7eaafa01102e59370f3ee4c6d1608 |
SSDEEP: | 49152:32e2wVd44xMOR2voxA14iCOeIVjwpEoC+M3NEPTWmxbX+X3g4gtStO:meLV6rOWgAOirtjYEow3ePSWL+Hg4kwO |
TLSH: | AA9533435A8544BAF121BDF7BAB06A08B4AB6E333279B108390F0CC92D3FA7555DC785 |
File Content Preview: | MZP.....................@...............................................!..L.!..This program must be run under Win32..$7....................................................................................................................................... |
Icon Hash: | 2d2e3797b32b2b99 |
Entrypoint: | 0x409b24 |
Entrypoint Section: | CODE |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI |
DLL Characteristics: | TERMINAL_SERVER_AWARE |
Time Stamp: | 0x2A425E19 [Fri Jun 19 22:22:17 1992 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 1 |
OS Version Minor: | 0 |
File Version Major: | 1 |
File Version Minor: | 0 |
Subsystem Version Major: | 1 |
Subsystem Version Minor: | 0 |
Import Hash: | 884310b1928934402ea6fec1dbd3cf5e |
Instruction |
---|
push ebp |
mov ebp, esp |
add esp, FFFFFFC4h |
push ebx |
push esi |
push edi |
xor eax, eax |
mov dword ptr [ebp-10h], eax |
mov dword ptr [ebp-24h], eax |
call 00007F4EA0E23B37h |
call 00007F4EA0E24D3Eh |
call 00007F4EA0E26F69h |
call 00007F4EA0E26FB0h |
call 00007F4EA0E298A3h |
call 00007F4EA0E29A0Ah |
xor eax, eax |
push ebp |
push 0040A1DBh |
push dword ptr fs:[eax] |
mov dword ptr fs:[eax], esp |
xor edx, edx |
push ebp |
push 0040A1A4h |
push dword ptr fs:[edx] |
mov dword ptr fs:[edx], esp |
mov eax, dword ptr [0040C014h] |
call 00007F4EA0E2A430h |
call 00007F4EA0E29F97h |
lea edx, dword ptr [ebp-10h] |
xor eax, eax |
call 00007F4EA0E27599h |
mov edx, dword ptr [ebp-10h] |
mov eax, 0040CDE4h |
call 00007F4EA0E23BE8h |
push 00000002h |
push 00000000h |
push 00000001h |
mov ecx, dword ptr [0040CDE4h] |
mov dl, 01h |
mov eax, 004072ECh |
call 00007F4EA0E27E28h |
mov dword ptr [0040CDE8h], eax |
xor edx, edx |
push ebp |
push 0040A15Ch |
push dword ptr fs:[edx] |
mov dword ptr fs:[edx], esp |
call 00007F4EA0E2A4A0h |
mov dword ptr [0040CDF0h], eax |
mov eax, dword ptr [0040CDF0h] |
cmp dword ptr [eax+0Ch], 01h |
jne 00007F4EA0E2A5DAh |
mov eax, dword ptr [0040CDF0h] |
mov edx, 00000028h |
call 00007F4EA0E28229h |
mov edx, dword ptr [0040CDF0h] |
cmp eax, dword ptr [edx+00h] |
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xd000 | 0x950 | .idata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x11000 | 0x2c00 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0xf000 | 0x18 | .rdata |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
CODE | 0x1000 | 0x9244 | 0x9400 | 00d95da090f9b045cc52199c7b36d118 | False | 0.6099820523648649 | data | 6.529731839731562 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
DATA | 0xb000 | 0x24c | 0x400 | 39d5f89b5ecafeb0fe902996045df0e7 | False | 0.3076171875 | data | 2.734702734719094 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
BSS | 0xc000 | 0xe48 | 0x0 | d41d8cd98f00b204e9800998ecf8427e | False | 0 | empty | 0.0 | IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.idata | 0xd000 | 0x950 | 0xa00 | bb5485bf968b970e5ea81292af2acdba | False | 0.414453125 | data | 4.430733069799036 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.tls | 0xe000 | 0x8 | 0x0 | d41d8cd98f00b204e9800998ecf8427e | False | 0 | empty | 0.0 | IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rdata | 0xf000 | 0x18 | 0x200 | 9ba824905bf9c7922b6fc87a38b74366 | False | 0.052734375 | data | 0.2044881574398449 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_SHARED, IMAGE_SCN_MEM_READ |
.reloc | 0x10000 | 0x8b4 | 0x0 | d41d8cd98f00b204e9800998ecf8427e | False | 0 | empty | 0.0 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_SHARED, IMAGE_SCN_MEM_READ |
.rsrc | 0x11000 | 0x2c00 | 0x2c00 | 3838d4184c8472ffbcdb08caec92e21c | False | 0.32359730113636365 | data | 4.465277888232694 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_SHARED, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0x11354 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | Dutch | Netherlands | 0.5675675675675675 |
RT_ICON | 0x1147c | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 320 | Dutch | Netherlands | 0.4486994219653179 |
RT_ICON | 0x119e4 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 640 | Dutch | Netherlands | 0.4637096774193548 |
RT_ICON | 0x11ccc | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 1152 | Dutch | Netherlands | 0.3935018050541516 |
RT_STRING | 0x12574 | 0x2f2 | data | 0.35543766578249336 | ||
RT_STRING | 0x12868 | 0x30c | data | 0.3871794871794872 | ||
RT_STRING | 0x12b74 | 0x2ce | data | 0.42618384401114207 | ||
RT_STRING | 0x12e44 | 0x68 | data | 0.75 | ||
RT_STRING | 0x12eac | 0xb4 | data | 0.6277777777777778 | ||
RT_STRING | 0x12f60 | 0xae | data | 0.5344827586206896 | ||
RT_RCDATA | 0x13010 | 0x2c | data | 1.2045454545454546 | ||
RT_GROUP_ICON | 0x1303c | 0x3e | data | English | United States | 0.8387096774193549 |
RT_VERSION | 0x1307c | 0x4b8 | COM executable for DOS | English | United States | 0.2814569536423841 |
RT_MANIFEST | 0x13534 | 0x560 | XML 1.0 document, ASCII text, with CRLF line terminators | English | United States | 0.4251453488372093 |
DLL | Import |
---|---|
kernel32.dll | DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, WideCharToMultiByte, TlsSetValue, TlsGetValue, MultiByteToWideChar, GetModuleHandleA, GetLastError, GetCommandLineA, WriteFile, SetFilePointer, SetEndOfFile, RtlUnwind, ReadFile, RaiseException, GetStdHandle, GetFileSize, GetSystemTime, GetFileType, ExitProcess, CreateFileA, CloseHandle |
user32.dll | MessageBoxA |
oleaut32.dll | VariantChangeTypeEx, VariantCopyInd, VariantClear, SysStringLen, SysAllocStringLen |
advapi32.dll | RegQueryValueExA, RegOpenKeyExA, RegCloseKey, OpenProcessToken, LookupPrivilegeValueA |
kernel32.dll | WriteFile, VirtualQuery, VirtualProtect, VirtualFree, VirtualAlloc, Sleep, SizeofResource, SetLastError, SetFilePointer, SetErrorMode, SetEndOfFile, RemoveDirectoryA, ReadFile, LockResource, LoadResource, LoadLibraryA, IsDBCSLeadByte, GetWindowsDirectoryA, GetVersionExA, GetUserDefaultLangID, GetSystemInfo, GetSystemDefaultLCID, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLastError, GetFullPathNameA, GetFileSize, GetFileAttributesA, GetExitCodeProcess, GetEnvironmentVariableA, GetCurrentProcess, GetCommandLineA, GetACP, InterlockedExchange, FormatMessageA, FindResourceA, DeleteFileA, CreateProcessA, CreateFileA, CreateDirectoryA, CloseHandle |
user32.dll | TranslateMessage, SetWindowLongA, PeekMessageA, MsgWaitForMultipleObjects, MessageBoxA, LoadStringA, ExitWindowsEx, DispatchMessageA, DestroyWindow, CreateWindowExA, CallWindowProcA, CharPrevA |
comctl32.dll | InitCommonControls |
advapi32.dll | AdjustTokenPrivileges |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
Dutch | Netherlands | |
English | United States |
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
03/29/24-12:09:45.420994 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49712 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:33.201024 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49773 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:31.266790 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49770 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:09:50.438859 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49718 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:29.343836 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49767 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:25.092185 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49761 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:35.156161 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49776 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:45.795139 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49788 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:42.173450 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49785 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:09:52.762235 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49721 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:37.498093 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49779 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:49.656205 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49794 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:10.485514 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49746 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:16.841602 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49752 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:47.724356 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49791 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:39.408449 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49782 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:21.519109 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49758 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:19.594654 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49755 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:14.920798 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49749 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:27.424287 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49764 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:09:58.919317 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49728 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:20.874262 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49757 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:43.222189 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49786 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:38.127296 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49780 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:09:53.388422 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49722 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:26.780979 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49763 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:53.501609 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49800 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:30.625360 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49769 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:52.218008 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49798 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:09:49.624355 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49716 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:07.520008 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49740 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:34.518099 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49775 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:03.645340 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49734 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:26.142227 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49762 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:02.989420 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49733 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:29.982779 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49768 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:51.565445 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49797 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:06.876572 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49739 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:33.860666 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49774 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:09:58.280004 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49727 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:16.200826 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49751 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:48.356929 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49792 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:08.153311 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49741 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:09.844842 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49744 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:04.284502 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49735 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:52.864072 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49799 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:49.012408 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49793 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:17.904399 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49753 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:09:59.565419 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49729 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:20.232000 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49756 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:06.232200 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49738 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:11.167852 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49747 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:38.765184 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49781 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:47.079531 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49790 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:09:52.123640 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49720 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:41.536693 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49784 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:43.860067 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49787 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:09:57.218726 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49726 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:36.862357 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49778 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:15.568464 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49750 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:09:54.451755 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49723 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:02.326674 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49732 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:50.920566 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49796 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:09:55.746985 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49725 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:18.951435 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49754 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:46.435554 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49789 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:40.888750 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49783 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:01.265583 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49731 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:50.283368 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49795 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:05.594232 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49737 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:09:51.076317 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49719 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:13.452004 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49748 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:31.920222 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49771 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:28.703817 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49766 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:00.203383 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49730 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:32.566269 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49772 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:09:55.106879 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49724 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:28.062365 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49765 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:09:48.936277 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49713 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:36.217358 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49777 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:22.983300 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49759 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:09.201668 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49742 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:23.628743 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49760 | 80 | 192.168.2.5 | 45.142.214.240 |
03/29/24-12:10:04.939736 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49736 | 80 | 192.168.2.5 | 45.142.214.240 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 29, 2024 12:09:45.197357893 CET | 49712 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:45.418050051 CET | 80 | 49712 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:45.418313026 CET | 49712 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:45.420994043 CET | 49712 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:45.641526937 CET | 80 | 49712 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:45.725605965 CET | 80 | 49712 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:45.725667000 CET | 49712 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:45.843434095 CET | 49712 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:45.843868971 CET | 49713 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:46.064188004 CET | 80 | 49712 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:46.064270020 CET | 49712 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:46.064341068 CET | 80 | 49713 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:46.064419031 CET | 49713 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:46.064559937 CET | 49713 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:46.285410881 CET | 80 | 49713 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:46.396110058 CET | 80 | 49713 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:46.396125078 CET | 80 | 49713 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:46.396133900 CET | 80 | 49713 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:46.396186113 CET | 49713 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:46.396225929 CET | 49713 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:46.397780895 CET | 49714 | 2023 | 192.168.2.5 | 89.105.201.183 |
Mar 29, 2024 12:09:46.574423075 CET | 2023 | 49714 | 89.105.201.183 | 192.168.2.5 |
Mar 29, 2024 12:09:46.574520111 CET | 49714 | 2023 | 192.168.2.5 | 89.105.201.183 |
Mar 29, 2024 12:09:46.574587107 CET | 49714 | 2023 | 192.168.2.5 | 89.105.201.183 |
Mar 29, 2024 12:09:46.751070976 CET | 2023 | 49714 | 89.105.201.183 | 192.168.2.5 |
Mar 29, 2024 12:09:46.751132011 CET | 49714 | 2023 | 192.168.2.5 | 89.105.201.183 |
Mar 29, 2024 12:09:46.929198980 CET | 2023 | 49714 | 89.105.201.183 | 192.168.2.5 |
Mar 29, 2024 12:09:46.929496050 CET | 2023 | 49714 | 89.105.201.183 | 192.168.2.5 |
Mar 29, 2024 12:09:46.979989052 CET | 49714 | 2023 | 192.168.2.5 | 89.105.201.183 |
Mar 29, 2024 12:09:48.936276913 CET | 49713 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:49.156864882 CET | 80 | 49713 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:49.290200949 CET | 80 | 49713 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:49.290409088 CET | 49713 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:49.404859066 CET | 49713 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:49.405230999 CET | 49716 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:49.623848915 CET | 80 | 49716 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:49.624174118 CET | 49716 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:49.624355078 CET | 49716 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:49.625291109 CET | 80 | 49713 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:49.626215935 CET | 49713 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:49.843043089 CET | 80 | 49716 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:49.931559086 CET | 80 | 49716 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:49.931572914 CET | 80 | 49716 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:49.931696892 CET | 49716 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:49.932878017 CET | 49717 | 2023 | 192.168.2.5 | 89.105.201.183 |
Mar 29, 2024 12:09:50.108164072 CET | 2023 | 49717 | 89.105.201.183 | 192.168.2.5 |
Mar 29, 2024 12:09:50.108246088 CET | 49717 | 2023 | 192.168.2.5 | 89.105.201.183 |
Mar 29, 2024 12:09:50.108319998 CET | 49717 | 2023 | 192.168.2.5 | 89.105.201.183 |
Mar 29, 2024 12:09:50.108370066 CET | 49717 | 2023 | 192.168.2.5 | 89.105.201.183 |
Mar 29, 2024 12:09:50.217657089 CET | 49716 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:50.217991114 CET | 49718 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:50.283684015 CET | 2023 | 49717 | 89.105.201.183 | 192.168.2.5 |
Mar 29, 2024 12:09:50.283699036 CET | 2023 | 49717 | 89.105.201.183 | 192.168.2.5 |
Mar 29, 2024 12:09:50.284740925 CET | 2023 | 49717 | 89.105.201.183 | 192.168.2.5 |
Mar 29, 2024 12:09:50.284787893 CET | 49717 | 2023 | 192.168.2.5 | 89.105.201.183 |
Mar 29, 2024 12:09:50.436357021 CET | 80 | 49716 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:50.436427116 CET | 49716 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:50.438590050 CET | 80 | 49718 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:50.438663960 CET | 49718 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:50.438858986 CET | 49718 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:50.659360886 CET | 80 | 49718 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:50.743694067 CET | 80 | 49718 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:50.743772030 CET | 49718 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:50.857911110 CET | 49718 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:50.858256102 CET | 49719 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:51.076069117 CET | 80 | 49719 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:51.076160908 CET | 49719 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:51.076317072 CET | 49719 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:51.078501940 CET | 80 | 49718 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:51.078576088 CET | 49718 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:51.293808937 CET | 80 | 49719 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:51.380537033 CET | 80 | 49719 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:51.384157896 CET | 49719 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:51.498270035 CET | 49719 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:51.498547077 CET | 49720 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:51.715812922 CET | 80 | 49719 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:51.715893984 CET | 49719 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:51.717698097 CET | 80 | 49720 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:51.717778921 CET | 49720 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:51.717952967 CET | 49720 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:51.937108994 CET | 80 | 49720 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:52.015934944 CET | 80 | 49720 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:52.016000032 CET | 49720 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:52.123640060 CET | 49720 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:52.343316078 CET | 80 | 49720 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:52.426903963 CET | 80 | 49720 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:52.426965952 CET | 49720 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:52.545097113 CET | 49720 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:52.545388937 CET | 49721 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:52.761989117 CET | 80 | 49721 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:52.762087107 CET | 49721 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:52.762234926 CET | 49721 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:52.764368057 CET | 80 | 49720 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:52.764437914 CET | 49720 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:52.978826046 CET | 80 | 49721 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:53.057368994 CET | 80 | 49721 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:53.057449102 CET | 49721 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:53.170212030 CET | 49721 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:53.170497894 CET | 49722 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:53.388156891 CET | 80 | 49722 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:53.388274908 CET | 49722 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:53.388422012 CET | 49722 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:53.399872065 CET | 80 | 49721 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:53.400021076 CET | 49721 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:53.606055021 CET | 80 | 49722 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:53.693662882 CET | 80 | 49722 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:53.693747997 CET | 49722 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:53.810852051 CET | 49722 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:53.811131954 CET | 49723 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:54.029504061 CET | 80 | 49722 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:54.029598951 CET | 49722 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:54.033225060 CET | 80 | 49723 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:54.033298969 CET | 49723 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:54.033443928 CET | 49723 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:54.255656958 CET | 80 | 49723 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:54.343990088 CET | 80 | 49723 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:54.344059944 CET | 49723 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:54.451755047 CET | 49723 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:54.673973083 CET | 80 | 49723 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:54.752840042 CET | 80 | 49723 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:54.752897978 CET | 49723 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:54.873255968 CET | 49723 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:54.873538971 CET | 49724 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:55.095577002 CET | 80 | 49723 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:55.095669031 CET | 49723 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:55.106574059 CET | 80 | 49724 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:55.106677055 CET | 49724 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:55.106878996 CET | 49724 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:55.328385115 CET | 80 | 49724 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:55.416470051 CET | 80 | 49724 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:55.416733027 CET | 49724 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:55.529854059 CET | 49724 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:55.530236006 CET | 49725 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:55.746736050 CET | 80 | 49725 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:55.746927023 CET | 49725 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:55.746984959 CET | 49725 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:55.748971939 CET | 80 | 49724 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:55.749047041 CET | 49724 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:55.963228941 CET | 80 | 49725 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:56.042346954 CET | 80 | 49725 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:56.042440891 CET | 49725 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:56.170717001 CET | 49725 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:56.171078920 CET | 49726 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:56.394764900 CET | 80 | 49725 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:56.394954920 CET | 49725 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:56.395085096 CET | 80 | 49726 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:56.395160913 CET | 49726 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:56.395343065 CET | 49726 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:56.612833023 CET | 80 | 49726 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:56.701100111 CET | 80 | 49726 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:56.701188087 CET | 49726 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:56.811413050 CET | 49726 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:57.029048920 CET | 80 | 49726 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:57.108319044 CET | 80 | 49726 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:57.108494997 CET | 49726 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:57.218725920 CET | 49726 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:57.436541080 CET | 80 | 49726 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:57.524729013 CET | 80 | 49726 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:57.524833918 CET | 49726 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:57.639239073 CET | 49726 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:57.639602900 CET | 49727 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:57.856870890 CET | 80 | 49726 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:57.857044935 CET | 49726 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:57.861933947 CET | 80 | 49727 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:57.862031937 CET | 49727 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:57.862262964 CET | 49727 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:58.084722042 CET | 80 | 49727 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:58.170133114 CET | 80 | 49727 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:58.170341969 CET | 49727 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:58.280004025 CET | 49727 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:58.503022909 CET | 80 | 49727 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:58.582115889 CET | 80 | 49727 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:58.582199097 CET | 49727 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:58.701783895 CET | 49727 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:58.702478886 CET | 49728 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:58.918992043 CET | 80 | 49728 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:58.919095993 CET | 49728 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:58.919317007 CET | 49728 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:58.924187899 CET | 80 | 49727 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:58.924257040 CET | 49727 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:59.135596991 CET | 80 | 49728 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:59.228439093 CET | 80 | 49728 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:59.228524923 CET | 49728 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:59.341824055 CET | 49728 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:59.342129946 CET | 49729 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:59.558181047 CET | 80 | 49728 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:59.558273077 CET | 49728 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:59.564382076 CET | 80 | 49729 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:59.564472914 CET | 49729 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:59.565418959 CET | 49729 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:59.787991047 CET | 80 | 49729 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:59.866986990 CET | 80 | 49729 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:09:59.867069960 CET | 49729 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:59.982947111 CET | 49729 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:09:59.983247042 CET | 49730 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:00.203130007 CET | 80 | 49730 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:00.203228951 CET | 49730 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:00.203382969 CET | 49730 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:00.205538988 CET | 80 | 49729 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:00.205596924 CET | 49729 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:00.422928095 CET | 80 | 49730 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:00.509139061 CET | 80 | 49730 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:00.509219885 CET | 49730 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:00.623573065 CET | 49730 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:00.623888969 CET | 49731 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:00.843079090 CET | 80 | 49730 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:00.843142033 CET | 49730 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:00.843404055 CET | 80 | 49731 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:00.843476057 CET | 49731 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:00.843890905 CET | 49731 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:01.063235044 CET | 80 | 49731 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:01.151525974 CET | 80 | 49731 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:01.151623964 CET | 49731 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:01.265583038 CET | 49731 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:01.485122919 CET | 80 | 49731 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:01.564882994 CET | 80 | 49731 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:01.565071106 CET | 49731 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:01.685792923 CET | 49731 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:01.685972929 CET | 49732 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:01.908251047 CET | 80 | 49732 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:01.908448935 CET | 49732 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:01.908488035 CET | 49732 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:01.925215960 CET | 80 | 49731 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:01.925278902 CET | 49731 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:02.131315947 CET | 80 | 49732 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:02.220505953 CET | 80 | 49732 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:02.220566988 CET | 49732 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:02.326673985 CET | 49732 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:02.550092936 CET | 80 | 49732 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:02.638163090 CET | 80 | 49732 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:02.638225079 CET | 49732 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:02.764374971 CET | 49732 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:02.764709949 CET | 49733 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:02.986947060 CET | 80 | 49732 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:02.986963034 CET | 80 | 49733 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:02.987029076 CET | 49732 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:02.987077951 CET | 49733 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:02.989419937 CET | 49733 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:03.211868048 CET | 80 | 49733 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:03.301316977 CET | 80 | 49733 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:03.301398993 CET | 49733 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:03.420104980 CET | 49733 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:03.420494080 CET | 49734 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:03.645003080 CET | 80 | 49734 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:03.645020962 CET | 80 | 49733 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:03.645097017 CET | 49734 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:03.645124912 CET | 49733 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:03.645339966 CET | 49734 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:03.866014957 CET | 80 | 49734 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:03.945609093 CET | 80 | 49734 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:03.945727110 CET | 49734 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:04.060874939 CET | 49734 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:04.061259031 CET | 49735 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:04.282700062 CET | 80 | 49734 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:04.282799006 CET | 49734 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:04.284161091 CET | 80 | 49735 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:04.284272909 CET | 49735 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:04.284502029 CET | 49735 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:04.507061958 CET | 80 | 49735 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:04.595429897 CET | 80 | 49735 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:04.595515966 CET | 49735 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:04.719572067 CET | 49735 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:04.719932079 CET | 49736 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:04.939430952 CET | 80 | 49736 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:04.939536095 CET | 49736 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:04.939735889 CET | 49736 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:04.941982031 CET | 80 | 49735 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:04.942039967 CET | 49735 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:05.159148932 CET | 80 | 49736 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:05.244760990 CET | 80 | 49736 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:05.244915962 CET | 49736 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:05.374130011 CET | 49736 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:05.374485970 CET | 49737 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:05.593514919 CET | 80 | 49736 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:05.593605995 CET | 49736 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:05.593940020 CET | 80 | 49737 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:05.594012022 CET | 49737 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:05.594232082 CET | 49737 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:05.813580990 CET | 80 | 49737 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:05.892684937 CET | 80 | 49737 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:05.892798901 CET | 49737 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:06.014365911 CET | 49737 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:06.014734030 CET | 49738 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:06.231697083 CET | 80 | 49738 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:06.231944084 CET | 49738 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:06.232199907 CET | 49738 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:06.234445095 CET | 80 | 49737 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:06.234514952 CET | 49737 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:06.449429035 CET | 80 | 49738 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:06.539088011 CET | 80 | 49738 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:06.539333105 CET | 49738 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:06.655518055 CET | 49738 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:06.655826092 CET | 49739 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:06.871972084 CET | 80 | 49738 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:06.872189045 CET | 49738 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:06.876230955 CET | 80 | 49739 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:06.876328945 CET | 49739 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:06.876571894 CET | 49739 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:07.097358942 CET | 80 | 49739 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:07.185797930 CET | 80 | 49739 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:07.185883045 CET | 49739 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:07.300048113 CET | 49739 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:07.300338984 CET | 49740 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:07.519704103 CET | 80 | 49740 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:07.519824982 CET | 49740 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:07.520008087 CET | 49740 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:07.520697117 CET | 80 | 49739 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:07.520756006 CET | 49739 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:07.739217043 CET | 80 | 49740 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:07.818260908 CET | 80 | 49740 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:07.818370104 CET | 49740 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:07.936367035 CET | 49740 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:07.936772108 CET | 49741 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:08.153054953 CET | 80 | 49741 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:08.153141022 CET | 49741 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:08.153311014 CET | 49741 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:08.155771017 CET | 80 | 49740 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:08.155833006 CET | 49740 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:08.369599104 CET | 80 | 49741 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:08.456115961 CET | 80 | 49741 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:08.456176996 CET | 49741 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:08.576699972 CET | 49741 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:08.577092886 CET | 49742 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:08.793119907 CET | 80 | 49741 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:08.793235064 CET | 49741 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:08.794408083 CET | 80 | 49742 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:08.794507027 CET | 49742 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:08.794656038 CET | 49742 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:09.012204885 CET | 80 | 49742 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:09.091121912 CET | 80 | 49742 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:09.091188908 CET | 49742 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:09.201668024 CET | 49742 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:09.419344902 CET | 80 | 49742 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:09.503828049 CET | 80 | 49742 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:09.504067898 CET | 49742 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:09.623562098 CET | 49742 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:09.623859882 CET | 49744 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:09.841464996 CET | 80 | 49742 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:09.841592073 CET | 49742 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:09.844542027 CET | 80 | 49744 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:09.844660044 CET | 49744 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:09.844841957 CET | 49744 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:10.065243959 CET | 80 | 49744 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:10.152059078 CET | 80 | 49744 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:10.152296066 CET | 49744 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:10.264445066 CET | 49744 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:10.264734983 CET | 49746 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:10.485019922 CET | 80 | 49744 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:10.485085011 CET | 49744 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:10.485205889 CET | 80 | 49746 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:10.485279083 CET | 49746 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:10.485513926 CET | 49746 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:10.706059933 CET | 80 | 49746 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:10.786386013 CET | 80 | 49746 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:10.786448002 CET | 49746 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:10.943983078 CET | 49746 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:10.944288969 CET | 49747 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:11.166976929 CET | 80 | 49746 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:11.167211056 CET | 80 | 49747 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:11.167455912 CET | 49747 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:11.167462111 CET | 49746 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:11.167851925 CET | 49747 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:11.391628027 CET | 80 | 49747 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:11.476926088 CET | 80 | 49747 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:11.476986885 CET | 49747 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:11.633600950 CET | 49747 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:11.633935928 CET | 49748 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:11.855937958 CET | 80 | 49747 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:11.855957031 CET | 80 | 49748 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:11.856033087 CET | 49747 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:11.856102943 CET | 49748 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:13.038892984 CET | 49748 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:13.259691000 CET | 80 | 49748 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:13.344556093 CET | 80 | 49748 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:13.344646931 CET | 49748 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:13.452003956 CET | 49748 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:13.673362970 CET | 80 | 49748 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:13.752072096 CET | 80 | 49748 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:13.752135992 CET | 49748 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:13.873831987 CET | 49748 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:13.874262094 CET | 49749 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:14.093605995 CET | 80 | 49749 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:14.093792915 CET | 49749 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:14.094012976 CET | 49749 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:14.095326900 CET | 80 | 49748 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:14.095403910 CET | 49748 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:14.313138962 CET | 80 | 49749 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:14.401448965 CET | 80 | 49749 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:14.401762962 CET | 49749 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:14.514655113 CET | 49749 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:14.733381987 CET | 80 | 49749 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:14.812182903 CET | 80 | 49749 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:14.812269926 CET | 49749 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:14.920798063 CET | 49749 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:15.139754057 CET | 80 | 49749 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:15.224502087 CET | 80 | 49749 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:15.224699020 CET | 49749 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:15.348759890 CET | 49749 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:15.349081993 CET | 49750 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:15.567553997 CET | 80 | 49749 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:15.567858934 CET | 49749 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:15.568197966 CET | 80 | 49750 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:15.568289995 CET | 49750 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:15.568464041 CET | 49750 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:15.787851095 CET | 80 | 49750 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:15.867146969 CET | 80 | 49750 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:15.867311954 CET | 49750 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:15.982625961 CET | 49750 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:15.982877016 CET | 49751 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:16.200537920 CET | 80 | 49751 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:16.200653076 CET | 49751 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:16.200825930 CET | 49751 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:16.202022076 CET | 80 | 49750 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:16.202086926 CET | 49750 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:16.418442965 CET | 80 | 49751 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:16.509687901 CET | 80 | 49751 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:16.509857893 CET | 49751 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:16.623519897 CET | 49751 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:16.624059916 CET | 49752 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:16.841202974 CET | 80 | 49751 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:16.841357946 CET | 80 | 49752 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:16.841404915 CET | 49751 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:16.841445923 CET | 49752 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:16.841602087 CET | 49752 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:17.059389114 CET | 80 | 49752 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:17.147675991 CET | 80 | 49752 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:17.147735119 CET | 49752 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:17.263680935 CET | 49752 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:17.263961077 CET | 49753 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:17.480971098 CET | 80 | 49752 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:17.481070995 CET | 49752 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:17.483086109 CET | 80 | 49753 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:17.483165979 CET | 49753 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:17.483335018 CET | 49753 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:17.702534914 CET | 80 | 49753 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:17.791408062 CET | 80 | 49753 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:17.791470051 CET | 49753 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:17.904398918 CET | 49753 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:18.123821020 CET | 80 | 49753 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:18.211899042 CET | 80 | 49753 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:18.212111950 CET | 49753 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:18.326658010 CET | 49753 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:18.326983929 CET | 49754 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:18.543277979 CET | 80 | 49754 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:18.543380976 CET | 49754 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:18.543549061 CET | 49754 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:18.546004057 CET | 80 | 49753 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:18.546077013 CET | 49753 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:18.759912014 CET | 80 | 49754 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:18.839035034 CET | 80 | 49754 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:18.839135885 CET | 49754 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:18.951435089 CET | 49754 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:19.167771101 CET | 80 | 49754 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:19.252229929 CET | 80 | 49754 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:19.252336979 CET | 49754 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:19.373157978 CET | 49754 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:19.373470068 CET | 49755 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:19.589612007 CET | 80 | 49754 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:19.589678049 CET | 49754 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:19.594391108 CET | 80 | 49755 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:19.594460964 CET | 49755 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:19.594654083 CET | 49755 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:19.815176010 CET | 80 | 49755 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:19.894037962 CET | 80 | 49755 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:19.894151926 CET | 49755 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:20.013793945 CET | 49755 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:20.014177084 CET | 49756 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:20.231689930 CET | 80 | 49756 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:20.231790066 CET | 49756 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:20.232000113 CET | 49756 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:20.234527111 CET | 80 | 49755 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:20.234623909 CET | 49755 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:20.449779987 CET | 80 | 49756 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:20.537019014 CET | 80 | 49756 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:20.537218094 CET | 49756 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:20.654548883 CET | 49756 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:20.654853106 CET | 49757 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:20.872246027 CET | 80 | 49756 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:20.872342110 CET | 49756 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:20.874013901 CET | 80 | 49757 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:20.874089003 CET | 49757 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:20.874262094 CET | 49757 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:21.095848083 CET | 80 | 49757 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:21.181425095 CET | 80 | 49757 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:21.181495905 CET | 49757 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:21.296174049 CET | 49757 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:21.296531916 CET | 49758 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:21.515415907 CET | 80 | 49757 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:21.515611887 CET | 49757 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:21.518863916 CET | 80 | 49758 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:21.518944025 CET | 49758 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:21.519109011 CET | 49758 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:21.741599083 CET | 80 | 49758 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:21.820341110 CET | 80 | 49758 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:21.820511103 CET | 49758 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:21.935977936 CET | 49758 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:21.936419964 CET | 49759 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:22.152801037 CET | 80 | 49759 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:22.152995110 CET | 49759 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:22.153074980 CET | 49759 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:22.158309937 CET | 80 | 49758 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:22.158380032 CET | 49758 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:22.369441032 CET | 80 | 49759 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:22.468333006 CET | 80 | 49759 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:22.468389034 CET | 49759 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:22.576565981 CET | 49759 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:22.792892933 CET | 80 | 49759 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:22.871659040 CET | 80 | 49759 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:22.871745110 CET | 49759 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:22.983299971 CET | 49759 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:23.200666904 CET | 80 | 49759 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:23.284241915 CET | 80 | 49759 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:23.284321070 CET | 49759 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:23.404393911 CET | 49759 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:23.404670954 CET | 49760 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:23.622090101 CET | 80 | 49759 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:23.622140884 CET | 49759 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:23.628534079 CET | 80 | 49760 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:23.628604889 CET | 49760 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:23.628742933 CET | 49760 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:23.850963116 CET | 80 | 49760 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:23.929877043 CET | 80 | 49760 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:23.929960012 CET | 49760 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:24.045567989 CET | 49760 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:24.045874119 CET | 49761 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:24.266798019 CET | 80 | 49761 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:24.266993999 CET | 49761 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:24.267148018 CET | 49761 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:24.271533012 CET | 80 | 49760 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:24.271596909 CET | 49760 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:24.484505892 CET | 80 | 49761 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:24.576252937 CET | 80 | 49761 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:24.576503038 CET | 49761 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:24.688211918 CET | 49761 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:24.905628920 CET | 80 | 49761 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:24.984981060 CET | 80 | 49761 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:24.985047102 CET | 49761 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:25.092185020 CET | 49761 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:25.309631109 CET | 80 | 49761 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:25.394243956 CET | 80 | 49761 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:25.394308090 CET | 49761 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:25.514123917 CET | 49761 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:25.514385939 CET | 49762 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:25.732007027 CET | 80 | 49761 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:25.732095957 CET | 49761 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:25.733804941 CET | 80 | 49762 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:25.733885050 CET | 49762 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:25.734046936 CET | 49762 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:25.953242064 CET | 80 | 49762 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:26.032165051 CET | 80 | 49762 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:26.032365084 CET | 49762 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:26.142226934 CET | 49762 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:26.362057924 CET | 80 | 49762 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:26.447014093 CET | 80 | 49762 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:26.447113991 CET | 49762 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:26.561290979 CET | 49762 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:26.561569929 CET | 49763 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:26.780551910 CET | 80 | 49762 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:26.780653954 CET | 49762 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:26.780754089 CET | 80 | 49763 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:26.780832052 CET | 49763 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:26.780978918 CET | 49763 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:27.000169992 CET | 80 | 49763 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:27.079746008 CET | 80 | 49763 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:27.079802036 CET | 49763 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:27.201584101 CET | 49763 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:27.201946020 CET | 49764 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:27.420919895 CET | 80 | 49763 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:27.420994043 CET | 49763 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:27.421180010 CET | 80 | 49764 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:27.421272039 CET | 49764 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:27.424287081 CET | 49764 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:27.643404961 CET | 80 | 49764 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:27.727524042 CET | 80 | 49764 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:27.727580070 CET | 49764 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:27.842602015 CET | 49764 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:27.842865944 CET | 49765 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:28.061912060 CET | 80 | 49764 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:28.062099934 CET | 49764 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:28.062119961 CET | 80 | 49765 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:28.062206030 CET | 49765 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:28.062365055 CET | 49765 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:28.284079075 CET | 80 | 49765 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:28.365735054 CET | 80 | 49765 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:28.365848064 CET | 49765 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:28.482736111 CET | 49765 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:28.483077049 CET | 49766 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:28.702282906 CET | 80 | 49765 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:28.702368021 CET | 49765 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:28.703574896 CET | 80 | 49766 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:28.703646898 CET | 49766 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:28.703816891 CET | 49766 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:28.924356937 CET | 80 | 49766 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:29.002948999 CET | 80 | 49766 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:29.003010988 CET | 49766 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:29.123661041 CET | 49766 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:29.124099016 CET | 49767 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:29.343473911 CET | 80 | 49767 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:29.343734980 CET | 49767 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:29.343836069 CET | 49767 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:29.344305992 CET | 80 | 49766 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:29.344368935 CET | 49766 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:29.563002110 CET | 80 | 49767 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:29.647773981 CET | 80 | 49767 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:29.647958994 CET | 49767 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:29.764532089 CET | 49767 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:29.764869928 CET | 49768 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:29.982435942 CET | 80 | 49768 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:29.982701063 CET | 49768 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:29.982779026 CET | 49768 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:29.983849049 CET | 80 | 49767 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:29.983918905 CET | 49767 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:30.200531006 CET | 80 | 49768 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:30.285660028 CET | 80 | 49768 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:30.285789013 CET | 49768 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:30.404975891 CET | 49768 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:30.405420065 CET | 49769 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:30.622684002 CET | 80 | 49768 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:30.622752905 CET | 49768 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:30.625096083 CET | 80 | 49769 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:30.625186920 CET | 49769 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:30.625360012 CET | 49769 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:30.844969034 CET | 80 | 49769 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:30.924068928 CET | 80 | 49769 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:30.924215078 CET | 49769 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:31.046070099 CET | 49769 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:31.046402931 CET | 49770 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:31.266392946 CET | 80 | 49770 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:31.266416073 CET | 80 | 49769 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:31.266520977 CET | 49769 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:31.266537905 CET | 49770 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:31.266789913 CET | 49770 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:31.486053944 CET | 80 | 49770 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:31.580327988 CET | 80 | 49770 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:31.580431938 CET | 49770 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:31.701837063 CET | 49770 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:31.702159882 CET | 49771 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:31.919930935 CET | 80 | 49771 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:31.920028925 CET | 49771 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:31.920222044 CET | 49771 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:31.921272993 CET | 80 | 49770 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:31.921350002 CET | 49770 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:32.137753010 CET | 80 | 49771 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:32.222223997 CET | 80 | 49771 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:32.222385883 CET | 49771 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:32.346318007 CET | 49771 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:32.347337008 CET | 49772 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:32.563954115 CET | 80 | 49771 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:32.564323902 CET | 49771 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:32.566004992 CET | 80 | 49772 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:32.566093922 CET | 49772 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:32.566268921 CET | 49772 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:32.784776926 CET | 80 | 49772 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:32.863929033 CET | 80 | 49772 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:32.864131927 CET | 49772 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:32.982726097 CET | 49772 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:32.983026981 CET | 49773 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:33.200566053 CET | 80 | 49773 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:33.200802088 CET | 49773 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:33.201024055 CET | 49773 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:33.201478004 CET | 80 | 49772 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:33.201555014 CET | 49772 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:33.418368101 CET | 80 | 49773 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:33.519715071 CET | 80 | 49773 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:33.519792080 CET | 49773 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:33.639424086 CET | 49773 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:33.639847994 CET | 49774 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:33.857043982 CET | 80 | 49773 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:33.857213974 CET | 49773 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:33.860416889 CET | 80 | 49774 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:33.860490084 CET | 49774 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:33.860666037 CET | 49774 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:34.081404924 CET | 80 | 49774 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:34.174215078 CET | 80 | 49774 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:34.174276114 CET | 49774 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:34.295346975 CET | 49774 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:34.295639038 CET | 49775 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:34.515904903 CET | 80 | 49774 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:34.515974998 CET | 49774 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:34.517797947 CET | 80 | 49775 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:34.517878056 CET | 49775 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:34.518099070 CET | 49775 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:34.740305901 CET | 80 | 49775 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:34.819152117 CET | 80 | 49775 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:34.819207907 CET | 49775 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:34.936032057 CET | 49775 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:34.936417103 CET | 49776 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:35.155791044 CET | 80 | 49776 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:35.155885935 CET | 49776 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:35.156161070 CET | 49776 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:35.158416033 CET | 80 | 49775 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:35.158487082 CET | 49775 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:35.375344038 CET | 80 | 49776 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:35.474606991 CET | 80 | 49776 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:35.474710941 CET | 49776 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:35.592494965 CET | 49776 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:35.592895031 CET | 49777 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:35.810530901 CET | 80 | 49777 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:35.810642004 CET | 49777 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:35.810868979 CET | 49777 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:35.811729908 CET | 80 | 49776 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:35.811820984 CET | 49776 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:36.028398991 CET | 80 | 49777 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:36.107671022 CET | 80 | 49777 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:36.107750893 CET | 49777 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:36.217358112 CET | 49777 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:36.435029984 CET | 80 | 49777 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:36.519197941 CET | 80 | 49777 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:36.519309044 CET | 49777 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:36.639288902 CET | 49777 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:36.639698029 CET | 49778 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:36.857177019 CET | 80 | 49777 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:36.857300043 CET | 49777 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:36.862006903 CET | 80 | 49778 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:36.862106085 CET | 49778 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:36.862356901 CET | 49778 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:37.084763050 CET | 80 | 49778 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:37.167140961 CET | 80 | 49778 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:37.167206049 CET | 49778 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:37.279850006 CET | 49778 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:37.280252934 CET | 49779 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:37.497788906 CET | 80 | 49779 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:37.497896910 CET | 49779 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:37.498092890 CET | 49779 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:37.502238035 CET | 80 | 49778 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:37.502320051 CET | 49778 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:37.715713024 CET | 80 | 49779 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:37.795223951 CET | 80 | 49779 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:37.795305967 CET | 49779 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:37.906009912 CET | 49779 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:37.906377077 CET | 49780 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:38.123675108 CET | 80 | 49779 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:38.123845100 CET | 49779 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:38.126919031 CET | 80 | 49780 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:38.127011061 CET | 49780 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:38.127295971 CET | 49780 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:38.348558903 CET | 80 | 49780 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:38.436038971 CET | 80 | 49780 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:38.436111927 CET | 49780 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:38.545685053 CET | 49780 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:38.546063900 CET | 49781 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:38.764842033 CET | 80 | 49781 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:38.764969110 CET | 49781 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:38.765183926 CET | 49781 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:38.766381025 CET | 80 | 49780 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:38.766454935 CET | 49780 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:38.984498978 CET | 80 | 49781 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:39.078337908 CET | 80 | 49781 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:39.078479052 CET | 49781 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:39.185666084 CET | 49781 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:39.185978889 CET | 49782 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:39.404701948 CET | 80 | 49781 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:39.404827118 CET | 49781 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:39.408179045 CET | 80 | 49782 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:39.408267975 CET | 49782 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:39.408448935 CET | 49782 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:39.630825996 CET | 80 | 49782 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:39.723113060 CET | 80 | 49782 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:39.723323107 CET | 49782 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:39.842272997 CET | 49782 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:39.842586040 CET | 49783 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:40.060162067 CET | 80 | 49783 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:40.060493946 CET | 49783 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:40.060558081 CET | 49783 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:40.064841986 CET | 80 | 49782 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:40.064903021 CET | 49782 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:40.278758049 CET | 80 | 49783 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:40.373763084 CET | 80 | 49783 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:40.373852968 CET | 49783 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:40.482719898 CET | 49783 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:40.700737000 CET | 80 | 49783 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:40.780415058 CET | 80 | 49783 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:40.780469894 CET | 49783 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:40.888750076 CET | 49783 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:41.106707096 CET | 80 | 49783 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:41.193089008 CET | 80 | 49783 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:41.193164110 CET | 49783 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:41.311378956 CET | 49783 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:41.311682940 CET | 49784 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:41.529064894 CET | 80 | 49783 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:41.529298067 CET | 49783 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:41.532115936 CET | 80 | 49784 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:41.532219887 CET | 49784 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:41.536693096 CET | 49784 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:41.757565022 CET | 80 | 49784 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:41.836251974 CET | 80 | 49784 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:41.836327076 CET | 49784 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:41.951683044 CET | 49784 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:41.952033043 CET | 49785 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:42.173206091 CET | 80 | 49785 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:42.173302889 CET | 49785 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:42.173449993 CET | 49785 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:42.174799919 CET | 80 | 49784 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:42.174864054 CET | 49784 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:42.392359018 CET | 80 | 49785 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:42.475572109 CET | 80 | 49785 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:42.475642920 CET | 49785 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:42.592381001 CET | 49785 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:42.592689991 CET | 49786 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:42.810329914 CET | 80 | 49786 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:42.810410976 CET | 49786 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:42.810591936 CET | 49786 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:42.811202049 CET | 80 | 49785 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:42.811395884 CET | 49785 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:43.028105974 CET | 80 | 49786 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:43.107403040 CET | 80 | 49786 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:43.107460976 CET | 49786 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:43.222188950 CET | 49786 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:43.439831972 CET | 80 | 49786 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:43.525003910 CET | 80 | 49786 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:43.525114059 CET | 49786 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:43.639056921 CET | 49786 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:43.639357090 CET | 49787 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:43.858283997 CET | 80 | 49787 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:43.858304024 CET | 80 | 49786 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:43.858429909 CET | 49786 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:43.858840942 CET | 49787 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:43.860066891 CET | 49787 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:44.095884085 CET | 80 | 49787 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:44.182424068 CET | 80 | 49787 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:44.182483912 CET | 49787 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:45.576780081 CET | 49787 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:45.577079058 CET | 49788 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:45.794564009 CET | 80 | 49788 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:45.794724941 CET | 49788 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:45.795139074 CET | 49788 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:45.795386076 CET | 80 | 49787 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:45.795481920 CET | 49787 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:46.012819052 CET | 80 | 49788 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:46.095664024 CET | 80 | 49788 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:46.095912933 CET | 49788 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:46.217278004 CET | 49788 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:46.217643976 CET | 49789 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:46.435185909 CET | 80 | 49788 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:46.435240984 CET | 49788 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:46.435316086 CET | 80 | 49789 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:46.435389042 CET | 49789 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:46.435554028 CET | 49789 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:46.653013945 CET | 80 | 49789 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:46.739310026 CET | 80 | 49789 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:46.739521027 CET | 49789 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:46.858117104 CET | 49789 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:46.858541965 CET | 49790 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:47.076033115 CET | 80 | 49789 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:47.076210976 CET | 49789 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:47.079242945 CET | 80 | 49790 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:47.079336882 CET | 49790 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:47.079530954 CET | 49790 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:47.300019026 CET | 80 | 49790 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:47.384391069 CET | 80 | 49790 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:47.384449959 CET | 49790 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:47.500308037 CET | 49790 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:47.500597000 CET | 49791 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:47.721129894 CET | 80 | 49791 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:47.724185944 CET | 49791 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:47.724355936 CET | 49791 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:47.725213051 CET | 80 | 49790 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:47.728130102 CET | 49790 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:47.940593004 CET | 80 | 49791 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:48.019238949 CET | 80 | 49791 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:48.019330978 CET | 49791 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:48.139014959 CET | 49791 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:48.139277935 CET | 49792 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:48.355339050 CET | 80 | 49791 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:48.355422974 CET | 49791 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:48.356708050 CET | 80 | 49792 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:48.356786013 CET | 49792 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:48.356929064 CET | 49792 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:48.596076012 CET | 80 | 49792 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:48.680064917 CET | 80 | 49792 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:48.680143118 CET | 49792 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:48.795450926 CET | 49792 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:48.795753002 CET | 49793 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:49.012145042 CET | 80 | 49793 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:49.012243032 CET | 49793 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:49.012408018 CET | 49793 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:49.013176918 CET | 80 | 49792 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:49.013235092 CET | 49792 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:49.228774071 CET | 80 | 49793 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:49.311074972 CET | 80 | 49793 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:49.311155081 CET | 49793 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:49.420073986 CET | 49793 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:49.420344114 CET | 49794 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:49.636442900 CET | 80 | 49793 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:49.636507988 CET | 49793 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:49.637762070 CET | 80 | 49794 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:49.637836933 CET | 49794 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:49.656204939 CET | 49794 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:49.874052048 CET | 80 | 49794 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:49.952958107 CET | 80 | 49794 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:49.953022957 CET | 49794 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:50.063564062 CET | 49794 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:50.063868046 CET | 49795 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:50.281263113 CET | 80 | 49794 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:50.281323910 CET | 49794 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:50.283160925 CET | 80 | 49795 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:50.283247948 CET | 49795 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:50.283368111 CET | 49795 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:50.502499104 CET | 80 | 49795 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:50.587368011 CET | 80 | 49795 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:50.587425947 CET | 49795 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:50.703926086 CET | 49795 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:50.704227924 CET | 49796 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:50.920310020 CET | 80 | 49796 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:50.920433044 CET | 49796 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:50.920566082 CET | 49796 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:50.923186064 CET | 80 | 49795 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:50.923243999 CET | 49795 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:51.136804104 CET | 80 | 49796 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:51.221873999 CET | 80 | 49796 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:51.222006083 CET | 49796 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:51.344204903 CET | 49796 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:51.344604969 CET | 49797 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:51.560338974 CET | 80 | 49796 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:51.560409069 CET | 49796 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:51.563654900 CET | 80 | 49797 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:51.563755035 CET | 49797 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:51.565444946 CET | 49797 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:51.808367014 CET | 80 | 49797 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:51.887362957 CET | 80 | 49797 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:51.887447119 CET | 49797 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:52.000514030 CET | 49797 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:52.000948906 CET | 49798 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:52.217242002 CET | 80 | 49798 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:52.217381954 CET | 49798 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:52.218008041 CET | 49798 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:52.219693899 CET | 80 | 49797 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:52.219768047 CET | 49797 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:52.434454918 CET | 80 | 49798 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:52.519275904 CET | 80 | 49798 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:52.519362926 CET | 49798 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:52.644016981 CET | 49798 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:52.644340038 CET | 49799 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:52.860438108 CET | 80 | 49798 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:52.860500097 CET | 49798 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:52.863452911 CET | 80 | 49799 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:52.863590956 CET | 49799 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:52.864072084 CET | 49799 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:53.083314896 CET | 80 | 49799 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:53.167071104 CET | 80 | 49799 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:53.167128086 CET | 49799 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:53.281848907 CET | 49799 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:53.281851053 CET | 49800 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:53.501188993 CET | 80 | 49799 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:53.501281023 CET | 49799 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:53.501326084 CET | 80 | 49800 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:53.501398087 CET | 49800 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:53.501609087 CET | 49800 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:53.720994949 CET | 80 | 49800 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:53.809508085 CET | 80 | 49800 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:53.810205936 CET | 49800 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:53.937788010 CET | 49800 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:53.938235998 CET | 49801 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:54.154721022 CET | 80 | 49801 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:54.154932976 CET | 49801 | 80 | 192.168.2.5 | 45.142.214.240 |
Mar 29, 2024 12:10:54.157298088 CET | 80 | 49800 | 45.142.214.240 | 192.168.2.5 |
Mar 29, 2024 12:10:54.157385111 CET | 49800 | 80 | 192.168.2.5 | 45.142.214.240 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 29, 2024 12:09:44.802397013 CET | 51540 | 53 | 192.168.2.5 | 141.98.234.31 |
Mar 29, 2024 12:09:45.142661095 CET | 53 | 51540 | 141.98.234.31 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 29, 2024 12:09:44.802397013 CET | 192.168.2.5 | 141.98.234.31 | 0xf7b9 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 29, 2024 12:09:45.142661095 CET | 141.98.234.31 | 192.168.2.5 | 0xf7b9 | No error (0) | 45.142.214.240 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49712 | 45.142.214.240 | 80 | 6408 | C:\Users\user\AppData\Local\Metatogger Music Collection\metatoggermusiccollection.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Mar 29, 2024 12:09:45.420994043 CET | 318 | OUT | |
Mar 29, 2024 12:09:45.725605965 CET | 220 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49713 | 45.142.214.240 | 80 | 6408 | C:\Users\user\AppData\Local\Metatogger Music Collection\metatoggermusiccollection.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Mar 29, 2024 12:09:46.064559937 CET | 318 | OUT | |
Mar 29, 2024 12:09:46.396110058 CET | 1286 | IN |