Edit tour
Windows
Analysis Report
0RWRPBSuDx.exe
Overview
General Information
Sample name: | 0RWRPBSuDx.exerenamed because original name is a hash value |
Original sample name: | d19197438a7371baaac62fec8dabb3d7.exe |
Analysis ID: | 1417492 |
MD5: | d19197438a7371baaac62fec8dabb3d7 |
SHA1: | 3252c13b0af9e6a71c11bf9ed37122b3d76064bd |
SHA256: | e2de4097b80b8480f28f08bc4fc238dca38dbdcb6bbb0c77a83e3753cb03dcf7 |
Tags: | 32exe |
Infos: | |
Detection
Socks5Systemz
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Antivirus / Scanner detection for submitted sample
Antivirus detection for dropped file
Detected unpacking (changes PE section rights)
Detected unpacking (overwrites its own PE header)
Found malware configuration
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic
Yara detected Socks5Systemz
C2 URLs / IPs found in malware configuration
Contains functionality to infect the boot sector
Found API chain indicative of debugger detection
Machine Learning detection for dropped file
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to launch a program with higher privileges
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality to query network adapater information
Contains functionality to shutdown / reboot the system
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Dropped file seen in connection with other malware
Drops PE files
Drops PE files to the application program directory (C:\ProgramData)
Extensive use of GetProcAddress (often used to hide API calls)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found evasive API chain (date check)
Found evasive API chain (may stop execution after checking a module file name)
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains executable resources (Code or Archives)
PE file contains more sections than normal
PE file contains sections with non-standard names
Queries disk information (often used to detect virtual machines)
Sample file is different than original file name gathered from version info
Tries to load missing DLLs
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Classification
- System is w10x64
- 0RWRPBSuDx.exe (PID: 6892 cmdline:
"C:\Users\ user\Deskt op\0RWRPBS uDx.exe" MD5: D19197438A7371BAAAC62FEC8DABB3D7) - 0RWRPBSuDx.tmp (PID: 6940 cmdline:
"C:\Users\ user\AppDa ta\Local\T emp\is-EDL GI.tmp\0RW RPBSuDx.tm p" /SL5="$ 20420,1594 531,54272, C:\Users\u ser\Deskto p\0RWRPBSu Dx.exe" MD5: D8E53E1B8EA1B12BC3F40BB9F8B14F38) - codecpackupdate.exe (PID: 7040 cmdline:
"C:\Users\ user\AppDa ta\Local\C odec Pack Update\cod ecpackupda te.exe" -i MD5: 0E347C627EFDED3BF78AFA21FF8B54D3) - codecpackupdate.exe (PID: 7084 cmdline:
"C:\Users\ user\AppDa ta\Local\C odec Pack Update\cod ecpackupda te.exe" -s MD5: 0E347C627EFDED3BF78AFA21FF8B54D3)
- cleanup
{"C2 list": ["bvuppwf.com"]}
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Socks5Systemz | Yara detected Socks5Systemz | Joe Security | ||
JoeSecurity_Socks5Systemz | Yara detected Socks5Systemz | Joe Security | ||
JoeSecurity_Socks5Systemz | Yara detected Socks5Systemz | Joe Security |
⊘No Sigma rule has matched
Timestamp: | 03/29/24-12:59:10.764656 |
SID: | 2050112 |
Source Port: | 49755 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:35.421196 |
SID: | 2049467 |
Source Port: | 49787 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:59.675457 |
SID: | 2049467 |
Source Port: | 49815 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:28.814022 |
SID: | 2049467 |
Source Port: | 49778 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:58:58.279145 |
SID: | 2050112 |
Source Port: | 49740 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:52.205310 |
SID: | 2049467 |
Source Port: | 49806 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:48.200098 |
SID: | 2050112 |
Source Port: | 49801 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:44.183959 |
SID: | 2049467 |
Source Port: | 49796 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:29.458062 |
SID: | 2050112 |
Source Port: | 49779 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:54.762452 |
SID: | 2050112 |
Source Port: | 49810 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:25.184508 |
SID: | 2050112 |
Source Port: | 49773 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:17.561359 |
SID: | 2049467 |
Source Port: | 49763 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:32.211512 |
SID: | 2050112 |
Source Port: | 49782 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:10.122007 |
SID: | 2049467 |
Source Port: | 49754 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:21.394081 |
SID: | 2049467 |
Source Port: | 49769 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:03.387980 |
SID: | 2050112 |
Source Port: | 49746 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:37.749118 |
SID: | 2049467 |
Source Port: | 49790 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:24.138039 |
SID: | 2049467 |
Source Port: | 49772 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:47.153192 |
SID: | 2049467 |
Source Port: | 49800 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:31.562211 |
SID: | 2049467 |
Source Port: | 49781 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:18.201077 |
SID: | 2050112 |
Source Port: | 49764 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:58:57.434224 |
SID: | 2049467 |
Source Port: | 49736 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:25.828412 |
SID: | 2050112 |
Source Port: | 49774 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:44.826160 |
SID: | 2050112 |
Source Port: | 49797 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:38.599677 |
SID: | 2050112 |
Source Port: | 49791 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:28.169308 |
SID: | 2049467 |
Source Port: | 49777 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:32.211512 |
SID: | 2049467 |
Source Port: | 49782 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-13:00:01.144442 |
SID: | 2050112 |
Source Port: | 49817 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:11.403065 |
SID: | 2050112 |
Source Port: | 49756 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:14.168811 |
SID: | 2049467 |
Source Port: | 49759 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:45.464018 |
SID: | 2050112 |
Source Port: | 49798 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-13:00:00.317751 |
SID: | 2050112 |
Source Port: | 49816 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:48.200098 |
SID: | 2049467 |
Source Port: | 49801 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:52.843294 |
SID: | 2049467 |
Source Port: | 49807 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:17.561359 |
SID: | 2050112 |
Source Port: | 49763 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:09.075777 |
SID: | 2049467 |
Source Port: | 49753 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:23.090769 |
SID: | 2049467 |
Source Port: | 49771 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:55.404429 |
SID: | 2050112 |
Source Port: | 49811 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:36.058657 |
SID: | 2049467 |
Source Port: | 49788 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:02.340536 |
SID: | 2050112 |
Source Port: | 49745 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:39.978368 |
SID: | 2050112 |
Source Port: | 49792 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:31.562211 |
SID: | 2050112 |
Source Port: | 49781 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:00.626740 |
SID: | 2049467 |
Source Port: | 49743 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:13.121896 |
SID: | 2049467 |
Source Port: | 49758 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:24.138039 |
SID: | 2050112 |
Source Port: | 49772 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:26.471385 |
SID: | 2050112 |
Source Port: | 49775 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:39.978368 |
SID: | 2049467 |
Source Port: | 49792 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:18.201077 |
SID: | 2049467 |
Source Port: | 49764 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:19.483683 |
SID: | 2050112 |
Source Port: | 49766 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:22.033829 |
SID: | 2049467 |
Source Port: | 49770 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:01.268339 |
SID: | 2050112 |
Source Port: | 49744 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:34.777689 |
SID: | 2049467 |
Source Port: | 49786 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:37.106191 |
SID: | 2049467 |
Source Port: | 49789 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:07.153408 |
SID: | 2050112 |
Source Port: | 49750 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:43.547929 |
SID: | 2049467 |
Source Port: | 49795 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:21.394081 |
SID: | 2050112 |
Source Port: | 49769 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:49.480506 |
SID: | 2050112 |
Source Port: | 49803 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:46.108211 |
SID: | 2050112 |
Source Port: | 49799 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:44.183959 |
SID: | 2050112 |
Source Port: | 49796 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-13:00:01.144442 |
SID: | 2049467 |
Source Port: | 49817 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:56.055877 |
SID: | 2050112 |
Source Port: | 49812 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:58:58.279145 |
SID: | 2049467 |
Source Port: | 49740 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:52.205310 |
SID: | 2050112 |
Source Port: | 49806 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:16.918885 |
SID: | 2049467 |
Source Port: | 49762 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:44.826160 |
SID: | 2049467 |
Source Port: | 49797 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:58:59.965425 |
SID: | 2050112 |
Source Port: | 49742 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:36.058657 |
SID: | 2050112 |
Source Port: | 49788 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:02.340536 |
SID: | 2049467 |
Source Port: | 49745 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:59.031292 |
SID: | 2050112 |
Source Port: | 49814 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:42.903229 |
SID: | 2050112 |
Source Port: | 49794 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:09.075777 |
SID: | 2050112 |
Source Port: | 49753 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:07.805203 |
SID: | 2049467 |
Source Port: | 49751 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:53.482569 |
SID: | 2050112 |
Source Port: | 49808 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:25.184508 |
SID: | 2049467 |
Source Port: | 49773 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:20.124059 |
SID: | 2049467 |
Source Port: | 49767 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-13:00:03.080619 |
SID: | 2050112 |
Source Port: | 49820 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:11.403065 |
SID: | 2049467 |
Source Port: | 49756 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:32.856145 |
SID: | 2050112 |
Source Port: | 49783 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:28.169308 |
SID: | 2050112 |
Source Port: | 49777 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:54.762452 |
SID: | 2049467 |
Source Port: | 49810 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:50.109189 |
SID: | 2049467 |
Source Port: | 49804 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-13:00:02.442251 |
SID: | 2050112 |
Source Port: | 49819 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:58:57.434224 |
SID: | 2050112 |
Source Port: | 49736 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:08.435175 |
SID: | 2050112 |
Source Port: | 49752 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-13:00:01.795965 |
SID: | 2049467 |
Source Port: | 49818 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:56.055877 |
SID: | 2049467 |
Source Port: | 49812 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:13.121896 |
SID: | 2050112 |
Source Port: | 49758 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:33.499589 |
SID: | 2049467 |
Source Port: | 49784 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:15.452590 |
SID: | 2050112 |
Source Port: | 49761 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:54.123875 |
SID: | 2049467 |
Source Port: | 49809 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:49.480506 |
SID: | 2049467 |
Source Port: | 49803 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:00.626740 |
SID: | 2050112 |
Source Port: | 49743 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:14.816268 |
SID: | 2049467 |
Source Port: | 49760 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:50.109189 |
SID: | 2050112 |
Source Port: | 49804 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:12.050126 |
SID: | 2049467 |
Source Port: | 49757 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:22.033829 |
SID: | 2050112 |
Source Port: | 49770 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:27.122910 |
SID: | 2050112 |
Source Port: | 49776 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:41.029454 |
SID: | 2049467 |
Source Port: | 49793 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:05.059289 |
SID: | 2049467 |
Source Port: | 49748 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:20.124059 |
SID: | 2050112 |
Source Port: | 49767 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:26.471385 |
SID: | 2049467 |
Source Port: | 49775 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:06.106340 |
SID: | 2050112 |
Source Port: | 49749 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:19.483683 |
SID: | 2049467 |
Source Port: | 49766 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:51.153063 |
SID: | 2050112 |
Source Port: | 49805 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:48.841670 |
SID: | 2049467 |
Source Port: | 49802 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:18.842102 |
SID: | 2049467 |
Source Port: | 49765 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:30.918916 |
SID: | 2050112 |
Source Port: | 49780 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:58:59.965425 |
SID: | 2049467 |
Source Port: | 49742 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-13:00:02.442251 |
SID: | 2049467 |
Source Port: | 49819 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:12.050126 |
SID: | 2050112 |
Source Port: | 49757 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:34.137988 |
SID: | 2050112 |
Source Port: | 49785 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:16.918885 |
SID: | 2050112 |
Source Port: | 49762 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:32.856145 |
SID: | 2049467 |
Source Port: | 49783 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:58:58.916637 |
SID: | 2049467 |
Source Port: | 49741 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:27.122910 |
SID: | 2049467 |
Source Port: | 49776 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:56.945215 |
SID: | 2049467 |
Source Port: | 49813 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:46.108211 |
SID: | 2049467 |
Source Port: | 49799 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:34.777689 |
SID: | 2050112 |
Source Port: | 49786 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:20.762171 |
SID: | 2050112 |
Source Port: | 49768 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:07.805203 |
SID: | 2050112 |
Source Port: | 49751 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:42.903229 |
SID: | 2049467 |
Source Port: | 49794 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:33.499589 |
SID: | 2050112 |
Source Port: | 49784 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:35.421196 |
SID: | 2050112 |
Source Port: | 49787 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:03.387980 |
SID: | 2049467 |
Source Port: | 49746 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-13:00:01.795965 |
SID: | 2050112 |
Source Port: | 49818 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:08.435175 |
SID: | 2049467 |
Source Port: | 49752 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:41.029454 |
SID: | 2050112 |
Source Port: | 49793 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:28.814022 |
SID: | 2050112 |
Source Port: | 49778 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:15.452590 |
SID: | 2049467 |
Source Port: | 49761 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:47.153192 |
SID: | 2050112 |
Source Port: | 49800 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:06.106340 |
SID: | 2049467 |
Source Port: | 49749 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:10.764656 |
SID: | 2049467 |
Source Port: | 49755 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:37.749118 |
SID: | 2050112 |
Source Port: | 49790 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-13:00:03.080619 |
SID: | 2049467 |
Source Port: | 49820 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:58:58.916637 |
SID: | 2050112 |
Source Port: | 49741 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:54.123875 |
SID: | 2050112 |
Source Port: | 49809 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:59.031292 |
SID: | 2049467 |
Source Port: | 49814 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:53.482569 |
SID: | 2049467 |
Source Port: | 49808 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:59.675457 |
SID: | 2050112 |
Source Port: | 49815 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:45.464018 |
SID: | 2049467 |
Source Port: | 49798 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:20.762171 |
SID: | 2049467 |
Source Port: | 49768 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:48.841670 |
SID: | 2050112 |
Source Port: | 49802 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:23.090769 |
SID: | 2050112 |
Source Port: | 49771 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:05.059289 |
SID: | 2050112 |
Source Port: | 49748 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:51.153063 |
SID: | 2049467 |
Source Port: | 49805 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:38.599677 |
SID: | 2049467 |
Source Port: | 49791 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:18.842102 |
SID: | 2050112 |
Source Port: | 49765 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:55.404429 |
SID: | 2049467 |
Source Port: | 49811 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:25.828412 |
SID: | 2049467 |
Source Port: | 49774 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-13:00:00.317751 |
SID: | 2049467 |
Source Port: | 49816 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:14.816268 |
SID: | 2050112 |
Source Port: | 49760 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:43.547929 |
SID: | 2050112 |
Source Port: | 49795 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:01.268339 |
SID: | 2049467 |
Source Port: | 49744 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:56.945215 |
SID: | 2050112 |
Source Port: | 49813 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:30.918916 |
SID: | 2049467 |
Source Port: | 49780 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:10.122007 |
SID: | 2050112 |
Source Port: | 49754 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:37.106191 |
SID: | 2050112 |
Source Port: | 49789 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:07.153408 |
SID: | 2049467 |
Source Port: | 49750 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:52.843294 |
SID: | 2050112 |
Source Port: | 49807 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:34.137988 |
SID: | 2049467 |
Source Port: | 49785 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:14.168811 |
SID: | 2050112 |
Source Port: | 49759 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 03/29/24-12:59:29.458062 |
SID: | 2049467 |
Source Port: | 49779 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Avira: |
Source: | Avira: | ||
Source: | Avira: |
Source: | Malware Configuration Extractor: |
Source: | Virustotal: | Perma Link |
Source: | Virustotal: | Perma Link | ||
Source: | Virustotal: | Perma Link |
Source: | Virustotal: | Perma Link |
Source: | Joe Sandbox ML: | ||
Source: | Joe Sandbox ML: |
Source: | Code function: | 1_2_0045B4AC | |
Source: | Code function: | 1_2_0045B560 | |
Source: | Code function: | 1_2_0045B578 | |
Source: | Code function: | 1_2_10001000 | |
Source: | Code function: | 1_2_10001130 |
Compliance |
---|
Source: | Unpacked PE file: | ||
Source: | Unpacked PE file: |
Source: | Static PE information: |
Source: | Code function: | 1_2_0047A44C | |
Source: | Code function: | 1_2_0047077C | |
Source: | Code function: | 1_2_004513E4 | |
Source: | Code function: | 1_2_004601DC | |
Source: | Code function: | 1_2_00478334 | |
Source: | Code function: | 1_2_00460658 | |
Source: | Code function: | 1_2_0045EC50 | |
Source: | Code function: | 1_2_00491EBC |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Networking |
---|
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: |
Source: | URLs: |
Source: | TCP traffic: |
Source: | IP Address: | ||
Source: | IP Address: |
Source: | ASN Name: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | Code function: | 3_2_009F72A7 |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Code function: | 1_2_0042ED54 | |
Source: | Code function: | 1_2_00423AF4 | |
Source: | Code function: | 1_2_00412548 | |
Source: | Code function: | 1_2_00455448 | |
Source: | Code function: | 1_2_00473A10 |
Source: | Code function: | 1_2_0042E6DC |
Source: | Code function: | 0_2_0040936C | |
Source: | Code function: | 1_2_00453D4C |
Source: | Code function: | 0_2_00408330 | |
Source: | Code function: | 1_2_0046C0D0 | |
Source: | Code function: | 1_2_00434B5C | |
Source: | Code function: | 1_2_0047B0A3 | |
Source: | Code function: | 1_2_004637D4 | |
Source: | Code function: | 1_2_00444304 | |
Source: | Code function: | 1_2_0045C4C4 | |
Source: | Code function: | 1_2_00430700 | |
Source: | Code function: | 1_2_004449FC | |
Source: | Code function: | 1_2_00480B58 | |
Source: | Code function: | 1_2_00444E08 | |
Source: | Code function: | 1_2_00459498 | |
Source: | Code function: | 1_2_0043D5E4 | |
Source: | Code function: | 1_2_00465824 | |
Source: | Code function: | 1_2_00481A30 | |
Source: | Code function: | 1_2_00487BD4 | |
Source: | Code function: | 1_2_0042FB90 | |
Source: | Code function: | 1_2_00443D5C | |
Source: | Code function: | 1_2_00433E58 | |
Source: | Code function: | 2_2_00401051 | |
Source: | Code function: | 2_2_00401C26 | |
Source: | Code function: | 3_2_00401051 | |
Source: | Code function: | 3_2_00401C26 | |
Source: | Code function: | 3_2_00A0E18D | |
Source: | Code function: | 3_2_00A0DC99 | |
Source: | Code function: | 3_2_00A0AC3A | |
Source: | Code function: | 3_2_00A08442 | |
Source: | Code function: | 3_2_00A0E5A5 | |
Source: | Code function: | 3_2_00A12DB4 | |
Source: | Code function: | 3_2_00A09E84 | |
Source: | Code function: | 3_2_00A14E29 | |
Source: | Code function: | 3_2_009FEFAD | |
Source: | Code function: | 3_2_00A2BCEB | |
Source: | Code function: | 3_2_00A2BD58 |
Source: | Dropped File: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Static PE information: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Classification label: |
Source: | Code function: | 3_2_00A008B8 |
Source: | Code function: | 0_2_0040936C | |
Source: | Code function: | 1_2_00453D4C |
Source: | Code function: | 1_2_00454574 |
Source: | Code function: | 2_2_00402572 | |
Source: | Code function: | 3_2_00402572 |
Source: | Code function: | 0_2_00409AD0 |
Source: | Code function: | 2_2_00402345 |
Source: | Code function: | 2_2_00402345 | |
Source: | Code function: | 3_2_00402345 |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | File read: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Key value created or modified: | Jump to behavior |
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior |
Source: | Virustotal: |
Source: | File read: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | Key value created or modified: | Jump to behavior |
Source: | Window found: | Jump to behavior |
Source: | Window detected: |
Source: | Static file information: |
Data Obfuscation |
---|
Source: | Unpacked PE file: | ||
Source: | Unpacked PE file: |
Source: | Unpacked PE file: | ||
Source: | Unpacked PE file: |
Source: | Code function: | 1_2_00447DC0 |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Code function: | 0_2_0040654D | |
Source: | Code function: | 0_2_0040802D | |
Source: | Code function: | 0_2_004040F1 | |
Source: | Code function: | 0_2_00404389 | |
Source: | Code function: | 0_2_00404389 | |
Source: | Code function: | 0_2_0040C219 | |
Source: | Code function: | 0_2_00404389 | |
Source: | Code function: | 0_2_00404389 | |
Source: | Code function: | 0_2_00408E87 | |
Source: | Code function: | 1_2_004098E9 | |
Source: | Code function: | 1_2_0047E26A | |
Source: | Code function: | 1_2_0045C1C1 | |
Source: | Code function: | 1_2_004062CD | |
Source: | Code function: | 1_2_00410645 | |
Source: | Code function: | 1_2_0040A6D1 | |
Source: | Code function: | 1_2_00430705 | |
Source: | Code function: | 1_2_004128F3 | |
Source: | Code function: | 1_2_00442CD8 | |
Source: | Code function: | 1_2_00450CAB | |
Source: | Code function: | 1_2_00472D25 | |
Source: | Code function: | 1_2_0040CF9A | |
Source: | Code function: | 1_2_004054A9 | |
Source: | Code function: | 1_2_0040F4FA | |
Source: | Code function: | 1_2_00405741 | |
Source: | Code function: | 1_2_00405741 | |
Source: | Code function: | 1_2_00405741 | |
Source: | Code function: | 1_2_00457718 | |
Source: | Code function: | 1_2_00405741 | |
Source: | Code function: | 1_2_0047F7ED | |
Source: | Code function: | 1_2_00419B9D | |
Source: | Code function: | 1_2_00455EA0 |
Source: | Static PE information: | ||
Source: | Static PE information: |
Persistence and Installation Behavior |
---|
Source: | Code function: | 2_2_00401A4F | |
Source: | Code function: | 3_2_00401A4F | |
Source: | Code function: | 3_2_009FF7D6 |
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file |
Source: | File created: | Jump to dropped file |
Boot Survival |
---|
Source: | Code function: | 2_2_00401A4F | |
Source: | Code function: | 3_2_00401A4F | |
Source: | Code function: | 3_2_009FF7D6 |
Source: | Code function: | 2_2_00402345 |
Source: | Code function: | 1_2_00423B7C | |
Source: | Code function: | 1_2_00423B7C | |
Source: | Code function: | 1_2_0042414C | |
Source: | Code function: | 1_2_00424104 | |
Source: | Code function: | 1_2_004182F4 | |
Source: | Code function: | 1_2_004227CC | |
Source: | Code function: | 1_2_00417508 | |
Source: | Code function: | 1_2_0047DB50 | |
Source: | Code function: | 1_2_00417C40 | |
Source: | Code function: | 1_2_00417C3E |
Source: | Code function: | 1_2_0044AEEC |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Source: | Code function: | 2_2_00401B4B | |
Source: | Code function: | 3_2_00401B4B | |
Source: | Code function: | 3_2_009FF8DA |
Source: | Window / User API: | Jump to behavior |
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file |
Source: | Evasive API call chain: | graph_0-6445 |
Source: | Evasive API call chain: | graph_2-2438 |
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | Code function: | 1_2_0047A44C | |
Source: | Code function: | 1_2_0047077C | |
Source: | Code function: | 1_2_004513E4 | |
Source: | Code function: | 1_2_004601DC | |
Source: | Code function: | 1_2_00478334 | |
Source: | Code function: | 1_2_00460658 | |
Source: | Code function: | 1_2_0045EC50 | |
Source: | Code function: | 1_2_00491EBC |
Source: | Code function: | 0_2_00409A14 |
Source: | Thread delayed: | Jump to behavior |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | API call chain: | graph_0-6303 | ||
Source: | API call chain: | graph_3-19020 |
Anti Debugging |
---|
Source: | Debugger detection routine: | graph_3-17661 |
Source: | Code function: | 3_2_00A100FE |
Source: | Code function: | 3_2_00A100FE |
Source: | Code function: | 1_2_00447DC0 |
Source: | Code function: | 3_2_009F6487 |
Source: | Code function: | 3_2_00A09468 |
Source: | Code function: | 1_2_004734AC |
Source: | Code function: | 1_2_0045AEE4 |
Source: | Code function: | 3_2_00A07FAD |
Source: | Code function: | 0_2_0040515C | |
Source: | Code function: | 0_2_004051A8 | |
Source: | Code function: | 1_2_004084D0 | |
Source: | Code function: | 1_2_0040851C |
Source: | Code function: | 1_2_004569D4 |
Source: | Code function: | 0_2_004026C4 |
Source: | Code function: | 1_2_00453D04 |
Source: | Code function: | 0_2_00405C44 |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Remote Access Functionality |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 3 Native API | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 1 Deobfuscate/Decode Files or Information | OS Credential Dumping | 1 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
Credentials | Domains | Default Accounts | 2 Service Execution | 4 Windows Service | 1 DLL Side-Loading | 3 Obfuscated Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | 1 Bootkit | 1 Access Token Manipulation | 22 Software Packing | Security Account Manager | 3 File and Directory Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Non-Standard Port | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 4 Windows Service | 1 DLL Side-Loading | NTDS | 35 System Information Discovery | Distributed Component Object Model | Input Capture | 2 Non-Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 2 Process Injection | 1 Masquerading | LSA Secrets | 241 Security Software Discovery | SSH | Keylogging | 112 Application Layer Protocol | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 121 Virtualization/Sandbox Evasion | Cached Domain Credentials | 121 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 1 Access Token Manipulation | DCSync | 11 Application Window Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 2 Process Injection | Proc Filesystem | 3 System Owner/User Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | 1 Bootkit | /etc/passwd and /etc/shadow | 1 Remote System Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
IP Addresses | Compromise Infrastructure | Supply Chain Compromise | PowerShell | Cron | Cron | Dynamic API Resolution | Network Sniffing | 1 System Network Configuration Discovery | Shared Webroot | Local Data Staging | File Transfer Protocols | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol | External Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
8% | ReversingLabs | |||
10% | Virustotal | Browse | ||
100% | Avira | HEUR/AGEN.1332570 |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira | HEUR/AGEN.1324697 | ||
100% | Avira | HEUR/AGEN.1324697 | ||
100% | Joe Sandbox ML | |||
100% | Joe Sandbox ML | |||
38% | Virustotal | Browse | ||
38% | Virustotal | Browse | ||
0% | ReversingLabs | |||
0% | Virustotal | Browse | ||
0% | ReversingLabs | |||
0% | Virustotal | Browse | ||
0% | ReversingLabs | |||
0% | Virustotal | Browse | ||
0% | ReversingLabs | |||
0% | Virustotal | Browse | ||
0% | ReversingLabs | |||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | ReversingLabs | |||
0% | Virustotal | Browse | ||
0% | ReversingLabs | |||
0% | Virustotal | Browse | ||
0% | ReversingLabs | |||
0% | Virustotal | Browse | ||
0% | ReversingLabs | |||
0% | Virustotal | Browse | ||
0% | ReversingLabs | |||
0% | Virustotal | Browse | ||
0% | ReversingLabs | |||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | ReversingLabs | |||
3% | Virustotal | Browse | ||
0% | ReversingLabs | |||
1% | Virustotal | Browse |
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
8% | Virustotal | Browse | ||
1% | Virustotal | Browse | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Virustotal | Browse | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Virustotal | Browse | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
bvuppwf.com | 45.142.214.240 | true | true | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| unknown | |
true |
| unknown | |
true |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| low | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
88.80.148.19 | unknown | Bulgaria | 44901 | BELCLOUDBG | false | |
45.142.214.240 | bvuppwf.com | Russian Federation | 200019 | ALEXHOSTMD | true |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1417492 |
Start date and time: | 2024-03-29 12:57:12 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 59s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 8 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | 0RWRPBSuDx.exerenamed because original name is a hash value |
Original Sample Name: | d19197438a7371baaac62fec8dabb3d7.exe |
Detection: | MAL |
Classification: | mal100.troj.evad.winEXE@7/26@1/2 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe
- Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtDeviceIoControlFile calls found.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
Time | Type | Description |
---|---|---|
12:58:33 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
88.80.148.19 | Get hash | malicious | Socks5Systemz | Browse | ||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
45.142.214.240 | Get hash | malicious | Socks5Systemz | Browse | ||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse |
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
ALEXHOSTMD | Get hash | malicious | Socks5Systemz | Browse |
| |
Get hash | malicious | Phisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | ScreenConnect Tool | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
BELCLOUDBG | Get hash | malicious | Socks5Systemz | Browse |
| |
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
| ||
Get hash | malicious | Socks5Systemz | Browse |
|
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
C:\Users\user\AppData\Local\Codec Pack Update\is-06H7C.tmp | Get hash | malicious | Socks5Systemz | Browse | ||
Get hash | malicious | Amadey, Glupteba, Mars Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoader | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse | |||
Get hash | malicious | Socks5Systemz | Browse |
Process: | C:\Users\user\AppData\Local\Codec Pack Update\codecpackupdate.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1765117 |
Entropy (8bit): | 7.091797956018468 |
Encrypted: | false |
SSDEEP: | 24576:xpDgEFpZpqcxrp1/1ipjXpxmII8pKwkpMUsKqRXIwzk+8I/PaNyQdmb3vvReVi/p:xdPvrDQRXrpzhkaUuYwQ+7f3rpvF |
MD5: | 0E347C627EFDED3BF78AFA21FF8B54D3 |
SHA1: | 1977ACD434808DE5CA6D973D4B0C270E08E627EC |
SHA-256: | 8F5BA8AC79E5A972E7B29244DF184B45CF86AFDB2B001A9BD230F78248F804B9 |
SHA-512: | 3F9F507AFA088A52E91D6B46EA0591757CBD81AE2A423F4F8551F4B4827F3467609FAD6981B2D56BDE590EA45584AD327E8A41C8895E48256836FC4A9483E10E |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
Process: | C:\Users\user\AppData\Local\Codec Pack Update\codecpackupdate.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
SSDEEP: | 3:l:l |
MD5: | 8A3D4FE0109975976AEF9A87C7842A63 |
SHA1: | C3EF9ECB135A708C7BA6C9F6FDC590C42B325FA8 |
SHA-256: | 8518A6F1FD1002EFD7D86C2ED1D076791DE1D4C234188FCBC269D6CC3BA6D887 |
SHA-512: | DF18467DC7A31AB174DA0065DB7AA7B312716F80A2734935AA1E0020A7EF44D85CD8C86F761574266492CC9C47E026B80176A9997865797871C7D0DA2C8E57B5 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Users\user\AppData\Local\Codec Pack Update\codecpackupdate.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 128 |
Entropy (8bit): | 2.9545817380615236 |
Encrypted: | false |
SSDEEP: | 3:SmwW3Fde9UUDrjStGs/:Smze7DPStGM |
MD5: | 98DDA7FC0B3E548B68DE836D333D1539 |
SHA1: | D0CB784FA2BBD3BDE2BA4400211C3B613638F1C6 |
SHA-256: | 870555CDCBA1F066D893554731AE99A21AE776D41BCB680CBD6510CB9F420E3D |
SHA-512: | E79BD8C2E0426DBEBA8AC2350DA66DC0413F79860611A05210905506FEF8B80A60BB7E76546B0CE9C6E6BC9DDD4BC66FF4C438548F26187EAAF6278F769B3AC1 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Users\user\AppData\Local\Codec Pack Update\codecpackupdate.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 128 |
Entropy (8bit): | 1.2701231977328944 |
Encrypted: | false |
SSDEEP: | 3:WAmJuXDz8/:HHzc |
MD5: | 0D6174E4525CFDED5DD1C9440B9DC1E7 |
SHA1: | 173EF30A035CE666278904625EADCFAE09233A47 |
SHA-256: | 458677CDF0E1A4E87D32AB67D6A5EEA9E67CB3545D79A21A0624E6BB5E1087E7 |
SHA-512: | 86DA96385985A1BA3D67A8676A041CA563838F474DF33D82B6ECD90C101703B30747121A6B7281E025A3C11CE28ACCEDFC94DB4E8D38E391199458056C2CD27A |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Users\user\AppData\Local\Codec Pack Update\codecpackupdate.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8 |
Entropy (8bit): | 2.0 |
Encrypted: | false |
SSDEEP: | 3:ejz:ejz |
MD5: | 5C9AA18A11C6695BFBD46339B919594E |
SHA1: | 8E16438DA2E020C849613449255938C1FCEB94A2 |
SHA-256: | 67FED35078C5A379E0C358871FCE962BAB0646067F0E3909A0F1751C9B0E87AA |
SHA-512: | 6FB364A8A74F60BE5A8783B1DD168EA86F7F2263754777C8C412C9CF244BDDD38B051651ADE4CA97D273F5D31536804C6F36B4F51F59A01D632ED707373F9241 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | modified |
Size (bytes): | 1765117 |
Entropy (8bit): | 7.091797956018468 |
Encrypted: | false |
SSDEEP: | 24576:xpDgEFpZpqcxrp1/1ipjXpxmII8pKwkpMUsKqRXIwzk+8I/PaNyQdmb3vvReVi/p:xdPvrDQRXrpzhkaUuYwQ+7f3rpvF |
MD5: | 0E347C627EFDED3BF78AFA21FF8B54D3 |
SHA1: | 1977ACD434808DE5CA6D973D4B0C270E08E627EC |
SHA-256: | 8F5BA8AC79E5A972E7B29244DF184B45CF86AFDB2B001A9BD230F78248F804B9 |
SHA-512: | 3F9F507AFA088A52E91D6B46EA0591757CBD81AE2A423F4F8551F4B4827F3467609FAD6981B2D56BDE590EA45584AD327E8A41C8895E48256836FC4A9483E10E |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 176200 |
Entropy (8bit): | 6.647007817777345 |
Encrypted: | false |
SSDEEP: | 1536:9teve4OMTqM/iKAo+/zO9RhR9aPTxRm1TxStoBtwIbaU+yUsXxTTLRazIxSp/FjU:ze24OM+M/bAWK9Rm1NXwIl+/I9RtqIn |
MD5: | 6896DC57D056879F929206A0A7692A34 |
SHA1: | D2F709CDE017C42916172E9178A17EB003917189 |
SHA-256: | 8A7D2DA7685CEDB267BFA7F0AD3218AFA28F4ED2F1029EE920D66EB398F3476D |
SHA-512: | CD1A981D5281E8B2E6A8C27A57CDB65ED1498DE21D2B7A62EDC945FB380DEA258F47A9EC9E53BD43D603297635EDFCA95EBCB2A962812CD53C310831242384B8 |
Malicious: | true |
Antivirus: |
|
Joe Sandbox View: |
|
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 40974 |
Entropy (8bit): | 6.485702128133584 |
Encrypted: | false |
SSDEEP: | 768:kB8JMzjwsTYQgUvXtrs7GtUplYj7SG7MLXm:kmMwsTYwvXhZP77SW |
MD5: | F47E78AD658B2767461EA926060BF3DD |
SHA1: | 9BA8A1909864157FD12DDEE8B94536CEA04D8BD6 |
SHA-256: | 602C2B9F796DA7BA7BF877BF624AC790724800074D0E12FFA6861E29C1A38144 |
SHA-512: | 216FA5AA6027C2896EA5C499638DB7298DFE311D04E1ABAC302D6CE7F8D3ED4B9F4761FE2F4951F6F89716CA8104FA4CE3DFECCDBCA77ED10638328D0F13546B |
Malicious: | true |
Antivirus: |
|
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 1765117 |
Entropy (8bit): | 7.091797771557612 |
Encrypted: | false |
SSDEEP: | 24576:SpDgEFpZpqcxrp1/1ipjXpxmII8pKwkpMUsKqRXIwzk+8I/PaNyQdmb3vvReVi/p:SdPvrDQRXrpzhkaUuYwQ+7f3rpvF |
MD5: | 26EF14DD1653A7ECB95888DD11B90FAF |
SHA1: | 85482E135D91428184213250EEF2C1255F33B918 |
SHA-256: | E6E48C9C1911410591431A779938F0E7C9CDC201A7BB5CF7AFCC8FEDA1554CE0 |
SHA-512: | B7A9EBB7E78302756937EBDCFA4CE5ED3B3CCDFF73B2BE2D98001CEBD592A1E2D9A2C6B4221AEC52A116F292853C6E974C298D9D935BD9C3A42386236FDE5C81 |
Malicious: | false |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 125637 |
Entropy (8bit): | 6.2640431186303145 |
Encrypted: | false |
SSDEEP: | 3072:lRvT0WUWJXNEn9bufmWAHE9pQIAOBmuWR2:DT0WU6E9Kfms9p5guWc |
MD5: | 6231B452E676ADE27CA0CEB3A3CF874A |
SHA1: | F8236DBF9FA3B2835BBB5A8D08DAB3A155F310D1 |
SHA-256: | 9941EEE1CAFFFAD854AB2DFD49BF6E57B181EFEB4E2D731BA7A28F5AB27E91CF |
SHA-512: | F5882A3CDED0A4E498519DE5679EA12A0EA275C220E318AF1762855A94BDAC8DC5413D1C5D1A55A7CC31CFEBCF4647DCF1F653195536CE1826A3002CF01AA12C |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 105784 |
Entropy (8bit): | 6.258144336244945 |
Encrypted: | false |
SSDEEP: | 1536:2VpMEh4vFu4sry2jkEw0D2cXTY+sgmX18CGLganGc:2Vai3yjEw0DNX03gmqCOD3 |
MD5: | 0C6452935851B7CDB3A365AECD2DD260 |
SHA1: | 83EF3CD7F985ACC113A6DE364BDB376DBF8D2F48 |
SHA-256: | F8385D08BD44B213FF2A2C360FE01AE8A1EDA5311C7E1FC1A043C524E899A8ED |
SHA-512: | 5FF21A85EE28665C4E707C7044F122D1BAC8E408A06F8EA16E33A8C9201798D196FA65B24327F208C4FF415E24A5AD2414FE7A91D9C0B0D8CFF88299111F2E1D |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 68552 |
Entropy (8bit): | 6.1042544770100395 |
Encrypted: | false |
SSDEEP: | 768:Jd8ALXCfP6bO/XfLCwiWBot9ZOGLuNTizPm3YRiFVinPHF:X8fq+X9OjZ2APm3YeinPl |
MD5: | F06B0761D27B9E69A8F1220846FF12AF |
SHA1: | E3A2F4F12A5291EE8DDC7A185DB2699BFFADFE1A |
SHA-256: | E85AECC40854203B4A2F4A0249F875673E881119181E3DF2968491E31AD372A4 |
SHA-512: | 5821EA0084524569E07BB18AA2999E3193C97AA52DA6932A7971A61DD03D0F08CA9A2D4F98EB96A603B99F65171F6D495D3E8F2BBB2FC90469C741EF11B514E9 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 704282 |
Entropy (8bit): | 6.476111921428066 |
Encrypted: | false |
SSDEEP: | 12288:dhg/qrLc0yVrPg37AzHqA63JJVndjzrN6IRpOA+u1nWXExydV:o/qrQ0yVrPg37AzHqA6Zfn0A3NWXExyL |
MD5: | 8FB0A35B2C5618B9AF54186692C1D885 |
SHA1: | 317FD5BEE39CD02BC6229E437489ECF5C00424DD |
SHA-256: | CD8F08AC8C519080D19CD9B8926A1B8061BF5ECB526E4A6DC3E7392149D29DF4 |
SHA-512: | DFA2328C202E37821E297BA6A25B44C958EACDA4191502BC255F819F6B2D0A845A248A6951EDC07E7AE36E6B6397B6025D06D8D0B164A01F96C56D0215646CF8 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | modified |
Size (bytes): | 125637 |
Entropy (8bit): | 6.2640431186303145 |
Encrypted: | false |
SSDEEP: | 3072:lRvT0WUWJXNEn9bufmWAHE9pQIAOBmuWR2:DT0WU6E9Kfms9p5guWc |
MD5: | 6231B452E676ADE27CA0CEB3A3CF874A |
SHA1: | F8236DBF9FA3B2835BBB5A8D08DAB3A155F310D1 |
SHA-256: | 9941EEE1CAFFFAD854AB2DFD49BF6E57B181EFEB4E2D731BA7A28F5AB27E91CF |
SHA-512: | F5882A3CDED0A4E498519DE5679EA12A0EA275C220E318AF1762855A94BDAC8DC5413D1C5D1A55A7CC31CFEBCF4647DCF1F653195536CE1826A3002CF01AA12C |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 105784 |
Entropy (8bit): | 6.258144336244945 |
Encrypted: | false |
SSDEEP: | 1536:2VpMEh4vFu4sry2jkEw0D2cXTY+sgmX18CGLganGc:2Vai3yjEw0DNX03gmqCOD3 |
MD5: | 0C6452935851B7CDB3A365AECD2DD260 |
SHA1: | 83EF3CD7F985ACC113A6DE364BDB376DBF8D2F48 |
SHA-256: | F8385D08BD44B213FF2A2C360FE01AE8A1EDA5311C7E1FC1A043C524E899A8ED |
SHA-512: | 5FF21A85EE28665C4E707C7044F122D1BAC8E408A06F8EA16E33A8C9201798D196FA65B24327F208C4FF415E24A5AD2414FE7A91D9C0B0D8CFF88299111F2E1D |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 125637 |
Entropy (8bit): | 6.2640431186303145 |
Encrypted: | false |
SSDEEP: | 3072:lRvT0WUWJXNEn9bufmWAHE9pQIAOBmuWR2:DT0WU6E9Kfms9p5guWc |
MD5: | 6231B452E676ADE27CA0CEB3A3CF874A |
SHA1: | F8236DBF9FA3B2835BBB5A8D08DAB3A155F310D1 |
SHA-256: | 9941EEE1CAFFFAD854AB2DFD49BF6E57B181EFEB4E2D731BA7A28F5AB27E91CF |
SHA-512: | F5882A3CDED0A4E498519DE5679EA12A0EA275C220E318AF1762855A94BDAC8DC5413D1C5D1A55A7CC31CFEBCF4647DCF1F653195536CE1826A3002CF01AA12C |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 40974 |
Entropy (8bit): | 6.485702128133584 |
Encrypted: | false |
SSDEEP: | 768:kB8JMzjwsTYQgUvXtrs7GtUplYj7SG7MLXm:kmMwsTYwvXhZP77SW |
MD5: | F47E78AD658B2767461EA926060BF3DD |
SHA1: | 9BA8A1909864157FD12DDEE8B94536CEA04D8BD6 |
SHA-256: | 602C2B9F796DA7BA7BF877BF624AC790724800074D0E12FFA6861E29C1A38144 |
SHA-512: | 216FA5AA6027C2896EA5C499638DB7298DFE311D04E1ABAC302D6CE7F8D3ED4B9F4761FE2F4951F6F89716CA8104FA4CE3DFECCDBCA77ED10638328D0F13546B |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 176200 |
Entropy (8bit): | 6.647007817777345 |
Encrypted: | false |
SSDEEP: | 1536:9teve4OMTqM/iKAo+/zO9RhR9aPTxRm1TxStoBtwIbaU+yUsXxTTLRazIxSp/FjU:ze24OM+M/bAWK9Rm1NXwIl+/I9RtqIn |
MD5: | 6896DC57D056879F929206A0A7692A34 |
SHA1: | D2F709CDE017C42916172E9178A17EB003917189 |
SHA-256: | 8A7D2DA7685CEDB267BFA7F0AD3218AFA28F4ED2F1029EE920D66EB398F3476D |
SHA-512: | CD1A981D5281E8B2E6A8C27A57CDB65ED1498DE21D2B7A62EDC945FB380DEA258F47A9EC9E53BD43D603297635EDFCA95EBCB2A962812CD53C310831242384B8 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 68552 |
Entropy (8bit): | 6.1042544770100395 |
Encrypted: | false |
SSDEEP: | 768:Jd8ALXCfP6bO/XfLCwiWBot9ZOGLuNTizPm3YRiFVinPHF:X8fq+X9OjZ2APm3YeinPl |
MD5: | F06B0761D27B9E69A8F1220846FF12AF |
SHA1: | E3A2F4F12A5291EE8DDC7A185DB2699BFFADFE1A |
SHA-256: | E85AECC40854203B4A2F4A0249F875673E881119181E3DF2968491E31AD372A4 |
SHA-512: | 5821EA0084524569E07BB18AA2999E3193C97AA52DA6932A7971A61DD03D0F08CA9A2D4F98EB96A603B99F65171F6D495D3E8F2BBB2FC90469C741EF11B514E9 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 4672 |
Entropy (8bit): | 4.69622146446918 |
Encrypted: | false |
SSDEEP: | 96:IjdWK38Xp/kOgVx9n+eOIhndI4cVSQs0LnVG:mdWK38p//WKHIhd9cVSQ1nM |
MD5: | 54A2A8875B4AD5973EC4D4483B48DFC3 |
SHA1: | E03CB590D75DECCDB02CC1F75A819D8AAF2ACBB5 |
SHA-256: | 14330DA6216F8CD829AC3E871C4F321FB7828E4932C2D05BC759FB46F58B5DB3 |
SHA-512: | CF56FF46DE89B1773C3AB5C3F5F3E312AC9C4E80EC39957EA96B93E54D2EFFA7C59AE89C7B691524661AACF397FD7E1ADB6226A4E505EB2000EE686C27E39B53 |
Malicious: | false |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 704282 |
Entropy (8bit): | 6.476111921428066 |
Encrypted: | false |
SSDEEP: | 12288:dhg/qrLc0yVrPg37AzHqA63JJVndjzrN6IRpOA+u1nWXExydV:o/qrQ0yVrPg37AzHqA6Zfn0A3NWXExyL |
MD5: | 8FB0A35B2C5618B9AF54186692C1D885 |
SHA1: | 317FD5BEE39CD02BC6229E437489ECF5C00424DD |
SHA-256: | CD8F08AC8C519080D19CD9B8926A1B8061BF5ECB526E4A6DC3E7392149D29DF4 |
SHA-512: | DFA2328C202E37821E297BA6A25B44C958EACDA4191502BC255F819F6B2D0A845A248A6951EDC07E7AE36E6B6397B6025D06D8D0B164A01F96C56D0215646CF8 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\Desktop\0RWRPBSuDx.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 693760 |
Entropy (8bit): | 6.467804610296463 |
Encrypted: | false |
SSDEEP: | 12288:lhg/qrLc0yVrPg37AzHqA63JJVndjzrN6IRpOA+u1nWXExyd:A/qrQ0yVrPg37AzHqA6Zfn0A3NWXExyd |
MD5: | D8E53E1B8EA1B12BC3F40BB9F8B14F38 |
SHA1: | 0A0D2B30DA9F9A7F92721AD517087AAA3FDB7278 |
SHA-256: | 715726ACBFE23EC2E9651B187888C25BEA815CC49933A6CEF1E2110D07E736EB |
SHA-512: | 7DBE3AFF2FFD5EB5A424DBECCE6340CB304C7940CC9C758F441E00C485D301A7B74435689E26DB32CADDD66DB3DDC91CC76B008E1A4C5CE10FE2AC1A4437D947 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 4096 |
Entropy (8bit): | 4.026670007889822 |
Encrypted: | false |
SSDEEP: | 48:ivuz1hEU3FR/pmqBl8/QMCBaquEMx5BC+SS4k+bkguj0KHc:bz1eEFNcqBC/Qrex5iSKDkc |
MD5: | 0EE914C6F0BB93996C75941E1AD629C6 |
SHA1: | 12E2CB05506EE3E82046C41510F39A258A5E5549 |
SHA-256: | 4DC09BAC0613590F1FAC8771D18AF5BE25A1E1CB8FDBF4031AA364F3057E74A2 |
SHA-512: | A899519E78125C69DC40F7E371310516CF8FAA69E3B3FF747E0DDF461F34E50A9FF331AB53B4D07BB45465039E8EBA2EE4684B3EE56987977AE8C7721751F5F9 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 2560 |
Entropy (8bit): | 2.8818118453929262 |
Encrypted: | false |
SSDEEP: | 24:e1GSgDIX566lIB6SXvVmMPUjvhBrDsqZ:SgDKRlVImgUNBsG |
MD5: | A69559718AB506675E907FE49DEB71E9 |
SHA1: | BC8F404FFDB1960B50C12FF9413C893B56F2E36F |
SHA-256: | 2F6294F9AA09F59A574B5DCD33BE54E16B39377984F3D5658CDA44950FA0F8FC |
SHA-512: | E52E0AA7FE3F79E36330C455D944653D449BA05B2F9ABEE0914A0910C3452CFA679A40441F9AC696B3CCF9445CBB85095747E86153402FC362BB30AC08249A63 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 6144 |
Entropy (8bit): | 4.215994423157539 |
Encrypted: | false |
SSDEEP: | 96:sfkcXegaJ/ZAYNzcld1xaX12pS5SKvkc:sfJEVYlvxaX12EF |
MD5: | 4FF75F505FDDCC6A9AE62216446205D9 |
SHA1: | EFE32D504CE72F32E92DCF01AA2752B04D81A342 |
SHA-256: | A4C86FC4836AC728D7BD96E7915090FD59521A9E74F1D06EF8E5A47C8695FD81 |
SHA-512: | BA0469851438212D19906D6DA8C4AE95FF1C0711A095D9F21F13530A6B8B21C3ACBB0FF55EDB8A35B41C1A9A342F5D3421C00BA395BC13BB1EF5902B979CE824 |
Malicious: | true |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\is-EDLGI.tmp\0RWRPBSuDx.tmp |
File Type: | |
Category: | dropped |
Size (bytes): | 23312 |
Entropy (8bit): | 4.596242908851566 |
Encrypted: | false |
SSDEEP: | 384:+Vm08QoKkiWZ76UJuP71W55iWHHoSHigH2euwsHTGHVb+VHHmnH+aHjHqLHxmoq1:2m08QotiCjJuPGw4 |
MD5: | 92DC6EF532FBB4A5C3201469A5B5EB63 |
SHA1: | 3E89FF837147C16B4E41C30D6C796374E0B8E62C |
SHA-256: | 9884E9D1B4F8A873CCBD81F8AD0AE257776D2348D027D811A56475E028360D87 |
SHA-512: | 9908E573921D5DBC3454A1C0A6C969AB8A81CC2E8B5385391D46B1A738FB06A76AA3282E0E58D0D2FFA6F27C85668CD5178E1500B8A39B1BBAE04366AE6A86D3 |
Malicious: | false |
Preview: |
File type: | |
Entropy (8bit): | 7.993652999413307 |
TrID: |
|
File name: | 0RWRPBSuDx.exe |
File size: | 1'954'271 bytes |
MD5: | d19197438a7371baaac62fec8dabb3d7 |
SHA1: | 3252c13b0af9e6a71c11bf9ed37122b3d76064bd |
SHA256: | e2de4097b80b8480f28f08bc4fc238dca38dbdcb6bbb0c77a83e3753cb03dcf7 |
SHA512: | 7cb352f821f9dfd2fb9dfb2d8b804943ba08e1f428334e79f529a2aed7b66966e5310433b74b6f2870c7e1868668f24a8aa74f475ede929aa3b2d1482e57c8a7 |
SSDEEP: | 49152:32Y1stnLQ9SkGvzb4siA0Wz3048WUKlvhFKpde2MDmrfyoZ:mrtnfI50d8Wtviqmr6oZ |
TLSH: | 7C953311F9285738E0297B304D06F3AA8933F952EE35256CA78D9B6C4F77125C50AFA3 |
File Content Preview: | MZP.....................@...............................................!..L.!..This program must be run under Win32..$7....................................................................................................................................... |
Icon Hash: | 2d2e3797b32b2b99 |
Entrypoint: | 0x409b24 |
Entrypoint Section: | CODE |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI |
DLL Characteristics: | TERMINAL_SERVER_AWARE |
Time Stamp: | 0x2A425E19 [Fri Jun 19 22:22:17 1992 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 1 |
OS Version Minor: | 0 |
File Version Major: | 1 |
File Version Minor: | 0 |
Subsystem Version Major: | 1 |
Subsystem Version Minor: | 0 |
Import Hash: | 884310b1928934402ea6fec1dbd3cf5e |
Instruction |
---|
push ebp |
mov ebp, esp |
add esp, FFFFFFC4h |
push ebx |
push esi |
push edi |
xor eax, eax |
mov dword ptr [ebp-10h], eax |
mov dword ptr [ebp-24h], eax |
call 00007FC2A4D25B57h |
call 00007FC2A4D26D5Eh |
call 00007FC2A4D28F89h |
call 00007FC2A4D28FD0h |
call 00007FC2A4D2B8C3h |
call 00007FC2A4D2BA2Ah |
xor eax, eax |
push ebp |
push 0040A1DBh |
push dword ptr fs:[eax] |
mov dword ptr fs:[eax], esp |
xor edx, edx |
push ebp |
push 0040A1A4h |
push dword ptr fs:[edx] |
mov dword ptr fs:[edx], esp |
mov eax, dword ptr [0040C014h] |
call 00007FC2A4D2C450h |
call 00007FC2A4D2BFB7h |
lea edx, dword ptr [ebp-10h] |
xor eax, eax |
call 00007FC2A4D295B9h |
mov edx, dword ptr [ebp-10h] |
mov eax, 0040CDE4h |
call 00007FC2A4D25C08h |
push 00000002h |
push 00000000h |
push 00000001h |
mov ecx, dword ptr [0040CDE4h] |
mov dl, 01h |
mov eax, 004072ECh |
call 00007FC2A4D29E48h |
mov dword ptr [0040CDE8h], eax |
xor edx, edx |
push ebp |
push 0040A15Ch |
push dword ptr fs:[edx] |
mov dword ptr fs:[edx], esp |
call 00007FC2A4D2C4C0h |
mov dword ptr [0040CDF0h], eax |
mov eax, dword ptr [0040CDF0h] |
cmp dword ptr [eax+0Ch], 01h |
jne 00007FC2A4D2C5FAh |
mov eax, dword ptr [0040CDF0h] |
mov edx, 00000028h |
call 00007FC2A4D2A249h |
mov edx, dword ptr [0040CDF0h] |
cmp eax, dword ptr [edx+00h] |
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xd000 | 0x950 | .idata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x11000 | 0x2c00 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0xf000 | 0x18 | .rdata |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
CODE | 0x1000 | 0x9244 | 0x9400 | 00d95da090f9b045cc52199c7b36d118 | False | 0.6099820523648649 | data | 6.529731839731562 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
DATA | 0xb000 | 0x24c | 0x400 | 39d5f89b5ecafeb0fe902996045df0e7 | False | 0.3076171875 | data | 2.734702734719094 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
BSS | 0xc000 | 0xe48 | 0x0 | d41d8cd98f00b204e9800998ecf8427e | False | 0 | empty | 0.0 | IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.idata | 0xd000 | 0x950 | 0xa00 | bb5485bf968b970e5ea81292af2acdba | False | 0.414453125 | data | 4.430733069799036 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.tls | 0xe000 | 0x8 | 0x0 | d41d8cd98f00b204e9800998ecf8427e | False | 0 | empty | 0.0 | IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rdata | 0xf000 | 0x18 | 0x200 | 9ba824905bf9c7922b6fc87a38b74366 | False | 0.052734375 | data | 0.2044881574398449 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_SHARED, IMAGE_SCN_MEM_READ |
.reloc | 0x10000 | 0x8b4 | 0x0 | d41d8cd98f00b204e9800998ecf8427e | False | 0 | empty | 0.0 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_SHARED, IMAGE_SCN_MEM_READ |
.rsrc | 0x11000 | 0x2c00 | 0x2c00 | 3c05f08b670faa404567ceb461718a1c | False | 0.32279829545454547 | data | 4.462019412670872 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_SHARED, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0x11354 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | Dutch | Netherlands | 0.5675675675675675 |
RT_ICON | 0x1147c | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 320 | Dutch | Netherlands | 0.4486994219653179 |
RT_ICON | 0x119e4 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 640 | Dutch | Netherlands | 0.4637096774193548 |
RT_ICON | 0x11ccc | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 1152 | Dutch | Netherlands | 0.3935018050541516 |
RT_STRING | 0x12574 | 0x2f2 | data | 0.35543766578249336 | ||
RT_STRING | 0x12868 | 0x30c | data | 0.3871794871794872 | ||
RT_STRING | 0x12b74 | 0x2ce | data | 0.42618384401114207 | ||
RT_STRING | 0x12e44 | 0x68 | data | 0.75 | ||
RT_STRING | 0x12eac | 0xb4 | data | 0.6277777777777778 | ||
RT_STRING | 0x12f60 | 0xae | data | 0.5344827586206896 | ||
RT_RCDATA | 0x13010 | 0x2c | data | 1.2045454545454546 | ||
RT_GROUP_ICON | 0x1303c | 0x3e | data | English | United States | 0.8387096774193549 |
RT_VERSION | 0x1307c | 0x4b8 | COM executable for DOS | English | United States | 0.2764900662251656 |
RT_MANIFEST | 0x13534 | 0x560 | XML 1.0 document, ASCII text, with CRLF line terminators | English | United States | 0.4251453488372093 |
DLL | Import |
---|---|
kernel32.dll | DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, WideCharToMultiByte, TlsSetValue, TlsGetValue, MultiByteToWideChar, GetModuleHandleA, GetLastError, GetCommandLineA, WriteFile, SetFilePointer, SetEndOfFile, RtlUnwind, ReadFile, RaiseException, GetStdHandle, GetFileSize, GetSystemTime, GetFileType, ExitProcess, CreateFileA, CloseHandle |
user32.dll | MessageBoxA |
oleaut32.dll | VariantChangeTypeEx, VariantCopyInd, VariantClear, SysStringLen, SysAllocStringLen |
advapi32.dll | RegQueryValueExA, RegOpenKeyExA, RegCloseKey, OpenProcessToken, LookupPrivilegeValueA |
kernel32.dll | WriteFile, VirtualQuery, VirtualProtect, VirtualFree, VirtualAlloc, Sleep, SizeofResource, SetLastError, SetFilePointer, SetErrorMode, SetEndOfFile, RemoveDirectoryA, ReadFile, LockResource, LoadResource, LoadLibraryA, IsDBCSLeadByte, GetWindowsDirectoryA, GetVersionExA, GetUserDefaultLangID, GetSystemInfo, GetSystemDefaultLCID, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLastError, GetFullPathNameA, GetFileSize, GetFileAttributesA, GetExitCodeProcess, GetEnvironmentVariableA, GetCurrentProcess, GetCommandLineA, GetACP, InterlockedExchange, FormatMessageA, FindResourceA, DeleteFileA, CreateProcessA, CreateFileA, CreateDirectoryA, CloseHandle |
user32.dll | TranslateMessage, SetWindowLongA, PeekMessageA, MsgWaitForMultipleObjects, MessageBoxA, LoadStringA, ExitWindowsEx, DispatchMessageA, DestroyWindow, CreateWindowExA, CallWindowProcA, CharPrevA |
comctl32.dll | InitCommonControls |
advapi32.dll | AdjustTokenPrivileges |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
Dutch | Netherlands | |
English | United States |
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
03/29/24-12:59:10.764656 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49755 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:35.421196 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49787 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:59.675457 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49815 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:28.814022 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49778 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:58:58.279145 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49740 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:52.205310 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49806 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:48.200098 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49801 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:44.183959 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49796 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:29.458062 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49779 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:54.762452 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49810 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:25.184508 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49773 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:17.561359 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49763 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:32.211512 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49782 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:10.122007 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49754 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:21.394081 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49769 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:03.387980 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49746 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:37.749118 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49790 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:24.138039 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49772 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:47.153192 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49800 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:31.562211 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49781 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:18.201077 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49764 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:58:57.434224 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49736 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:25.828412 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49774 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:44.826160 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49797 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:38.599677 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49791 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:28.169308 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49777 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:32.211512 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49782 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-13:00:01.144442 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49817 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:11.403065 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49756 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:14.168811 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49759 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:45.464018 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49798 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-13:00:00.317751 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49816 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:48.200098 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49801 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:52.843294 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49807 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:17.561359 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49763 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:09.075777 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49753 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:23.090769 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49771 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:55.404429 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49811 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:36.058657 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49788 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:02.340536 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49745 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:39.978368 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49792 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:31.562211 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49781 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:00.626740 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49743 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:13.121896 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49758 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:24.138039 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49772 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:26.471385 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49775 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:39.978368 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49792 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:18.201077 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49764 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:19.483683 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49766 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:22.033829 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49770 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:01.268339 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49744 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:34.777689 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49786 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:37.106191 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49789 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:07.153408 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49750 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:43.547929 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49795 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:21.394081 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49769 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:49.480506 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49803 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:46.108211 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49799 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:44.183959 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49796 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-13:00:01.144442 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49817 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:56.055877 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49812 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:58:58.279145 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49740 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:52.205310 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49806 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:16.918885 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49762 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:44.826160 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49797 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:58:59.965425 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49742 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:36.058657 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49788 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:02.340536 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49745 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:59.031292 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49814 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:42.903229 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49794 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:09.075777 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49753 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:07.805203 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49751 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:53.482569 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49808 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:25.184508 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49773 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:20.124059 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49767 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-13:00:03.080619 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49820 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:11.403065 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49756 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:32.856145 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49783 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:28.169308 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49777 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:54.762452 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49810 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:50.109189 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49804 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-13:00:02.442251 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49819 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:58:57.434224 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49736 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:08.435175 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49752 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-13:00:01.795965 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49818 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:56.055877 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49812 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:13.121896 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49758 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:33.499589 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49784 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:15.452590 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49761 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:54.123875 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49809 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:49.480506 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49803 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:00.626740 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49743 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:14.816268 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49760 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:50.109189 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49804 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:12.050126 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49757 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:22.033829 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49770 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:27.122910 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49776 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:41.029454 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49793 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:05.059289 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49748 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:20.124059 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49767 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:26.471385 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49775 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:06.106340 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49749 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:19.483683 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49766 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:51.153063 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49805 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:48.841670 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49802 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:18.842102 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49765 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:30.918916 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49780 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:58:59.965425 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49742 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-13:00:02.442251 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49819 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:12.050126 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49757 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:34.137988 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49785 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:16.918885 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49762 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:32.856145 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49783 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:58:58.916637 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49741 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:27.122910 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49776 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:56.945215 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49813 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:46.108211 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49799 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:34.777689 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49786 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:20.762171 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49768 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:07.805203 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49751 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:42.903229 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49794 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:33.499589 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49784 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:35.421196 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49787 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:03.387980 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49746 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-13:00:01.795965 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49818 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:08.435175 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49752 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:41.029454 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49793 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:28.814022 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49778 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:15.452590 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49761 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:47.153192 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49800 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:06.106340 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49749 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:10.764656 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49755 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:37.749118 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49790 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-13:00:03.080619 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49820 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:58:58.916637 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49741 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:54.123875 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49809 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:59.031292 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49814 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:53.482569 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49808 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:59.675457 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49815 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:45.464018 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49798 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:20.762171 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49768 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:48.841670 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49802 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:23.090769 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49771 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:05.059289 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49748 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:51.153063 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49805 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:38.599677 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49791 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:18.842102 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49765 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:55.404429 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49811 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:25.828412 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49774 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-13:00:00.317751 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49816 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:14.816268 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49760 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:43.547929 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49795 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:01.268339 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49744 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:56.945215 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49813 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:30.918916 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49780 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:10.122007 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49754 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:37.106191 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49789 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:07.153408 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49750 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:52.843294 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49807 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:34.137988 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49785 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:14.168811 | TCP | 2050112 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M2 | 49759 | 80 | 192.168.2.4 | 45.142.214.240 |
03/29/24-12:59:29.458062 | TCP | 2049467 | ET TROJAN [ANY.RUN] Socks5Systemz HTTP C2 Connection M1 | 49779 | 80 | 192.168.2.4 | 45.142.214.240 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 29, 2024 12:58:53.805278063 CET | 49736 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:54.025074005 CET | 80 | 49736 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:54.025191069 CET | 49736 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:54.025398016 CET | 49736 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:54.245042086 CET | 80 | 49736 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:54.341233015 CET | 80 | 49736 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:54.341332912 CET | 49736 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:54.346235037 CET | 49737 | 2023 | 192.168.2.4 | 88.80.148.19 |
Mar 29, 2024 12:58:54.552602053 CET | 2023 | 49737 | 88.80.148.19 | 192.168.2.4 |
Mar 29, 2024 12:58:54.552692890 CET | 49737 | 2023 | 192.168.2.4 | 88.80.148.19 |
Mar 29, 2024 12:58:54.552833080 CET | 49737 | 2023 | 192.168.2.4 | 88.80.148.19 |
Mar 29, 2024 12:58:54.759058952 CET | 2023 | 49737 | 88.80.148.19 | 192.168.2.4 |
Mar 29, 2024 12:58:54.759731054 CET | 49737 | 2023 | 192.168.2.4 | 88.80.148.19 |
Mar 29, 2024 12:58:54.965931892 CET | 2023 | 49737 | 88.80.148.19 | 192.168.2.4 |
Mar 29, 2024 12:58:54.966330051 CET | 2023 | 49737 | 88.80.148.19 | 192.168.2.4 |
Mar 29, 2024 12:58:55.009177923 CET | 49737 | 2023 | 192.168.2.4 | 88.80.148.19 |
Mar 29, 2024 12:58:56.981125116 CET | 49736 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:57.200521946 CET | 80 | 49736 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:57.321274996 CET | 80 | 49736 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:57.321410894 CET | 49736 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:57.434223890 CET | 49736 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:57.653515100 CET | 80 | 49736 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:57.738240004 CET | 80 | 49736 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:57.738471985 CET | 49736 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:57.739649057 CET | 49739 | 2023 | 192.168.2.4 | 88.80.148.19 |
Mar 29, 2024 12:58:57.945950031 CET | 2023 | 49739 | 88.80.148.19 | 192.168.2.4 |
Mar 29, 2024 12:58:57.946024895 CET | 49739 | 2023 | 192.168.2.4 | 88.80.148.19 |
Mar 29, 2024 12:58:57.946115971 CET | 49739 | 2023 | 192.168.2.4 | 88.80.148.19 |
Mar 29, 2024 12:58:57.946167946 CET | 49739 | 2023 | 192.168.2.4 | 88.80.148.19 |
Mar 29, 2024 12:58:58.059144974 CET | 49736 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:58.059504986 CET | 49740 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:58.152240038 CET | 2023 | 49739 | 88.80.148.19 | 192.168.2.4 |
Mar 29, 2024 12:58:58.152633905 CET | 2023 | 49739 | 88.80.148.19 | 192.168.2.4 |
Mar 29, 2024 12:58:58.152699947 CET | 49739 | 2023 | 192.168.2.4 | 88.80.148.19 |
Mar 29, 2024 12:58:58.278652906 CET | 80 | 49736 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:58.278728962 CET | 80 | 49740 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:58.278853893 CET | 49736 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:58.278893948 CET | 49740 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:58.279145002 CET | 49740 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:58.498589993 CET | 80 | 49740 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:58.586544991 CET | 80 | 49740 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:58.586616039 CET | 49740 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:58.699589014 CET | 49740 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:58.699914932 CET | 49741 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:58.916260004 CET | 80 | 49741 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:58.916424036 CET | 49741 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:58.916636944 CET | 49741 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:58.919060946 CET | 80 | 49740 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:58.919145107 CET | 49740 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:59.133052111 CET | 80 | 49741 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:59.219975948 CET | 80 | 49741 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:59.220051050 CET | 49741 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:59.340393066 CET | 49741 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:59.340682030 CET | 49742 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:59.556740046 CET | 80 | 49741 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:59.556808949 CET | 49741 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:59.557995081 CET | 80 | 49742 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:59.558079004 CET | 49742 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:59.558298111 CET | 49742 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:59.775963068 CET | 80 | 49742 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:59.854916096 CET | 80 | 49742 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:58:59.855061054 CET | 49742 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:58:59.965425014 CET | 49742 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:00.182905912 CET | 80 | 49742 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:00.274084091 CET | 80 | 49742 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:00.274226904 CET | 49742 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:00.406862020 CET | 49742 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:00.407176971 CET | 49743 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:00.624646902 CET | 80 | 49742 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:00.624802113 CET | 49742 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:00.626153946 CET | 80 | 49743 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:00.626243114 CET | 49743 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:00.626739979 CET | 49743 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:00.845482111 CET | 80 | 49743 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:00.923988104 CET | 80 | 49743 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:00.924118996 CET | 49743 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:01.044995070 CET | 49743 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:01.045376062 CET | 49744 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:01.266232967 CET | 80 | 49743 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:01.266318083 CET | 49743 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:01.268094063 CET | 80 | 49744 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:01.268163919 CET | 49744 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:01.268338919 CET | 49744 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:01.489006996 CET | 80 | 49744 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:01.578259945 CET | 80 | 49744 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:01.578353882 CET | 49744 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:01.706271887 CET | 49744 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:01.706584930 CET | 49745 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:01.923901081 CET | 80 | 49745 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:01.924040079 CET | 49745 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:01.924237967 CET | 49745 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:01.926774979 CET | 80 | 49744 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:01.926851034 CET | 49744 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:02.141653061 CET | 80 | 49745 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:02.229691982 CET | 80 | 49745 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:02.229748011 CET | 49745 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:02.340536118 CET | 49745 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:02.559200048 CET | 80 | 49745 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:02.636924028 CET | 80 | 49745 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:02.637011051 CET | 49745 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:02.751641035 CET | 49745 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:02.751964092 CET | 49746 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:02.969068050 CET | 80 | 49745 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:02.969146967 CET | 49745 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:02.972357035 CET | 80 | 49746 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:02.972430944 CET | 49746 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:02.972625017 CET | 49746 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:03.193037033 CET | 80 | 49746 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:03.279911041 CET | 80 | 49746 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:03.279987097 CET | 49746 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:03.387979984 CET | 49746 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:03.608721018 CET | 80 | 49746 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:03.695990086 CET | 80 | 49746 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:03.696019888 CET | 80 | 49746 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:03.696142912 CET | 49746 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:03.697427034 CET | 49747 | 2023 | 192.168.2.4 | 88.80.148.19 |
Mar 29, 2024 12:59:03.903623104 CET | 2023 | 49747 | 88.80.148.19 | 192.168.2.4 |
Mar 29, 2024 12:59:03.903755903 CET | 49747 | 2023 | 192.168.2.4 | 88.80.148.19 |
Mar 29, 2024 12:59:03.903882027 CET | 49747 | 2023 | 192.168.2.4 | 88.80.148.19 |
Mar 29, 2024 12:59:03.903939962 CET | 49747 | 2023 | 192.168.2.4 | 88.80.148.19 |
Mar 29, 2024 12:59:04.012270927 CET | 49746 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:04.012624025 CET | 49748 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:04.110052109 CET | 2023 | 49747 | 88.80.148.19 | 192.168.2.4 |
Mar 29, 2024 12:59:04.110074997 CET | 2023 | 49747 | 88.80.148.19 | 192.168.2.4 |
Mar 29, 2024 12:59:04.110341072 CET | 2023 | 49747 | 88.80.148.19 | 192.168.2.4 |
Mar 29, 2024 12:59:04.110393047 CET | 49747 | 2023 | 192.168.2.4 | 88.80.148.19 |
Mar 29, 2024 12:59:04.232958078 CET | 80 | 49746 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:04.233067989 CET | 49746 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:04.233402967 CET | 80 | 49748 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:04.233489037 CET | 49748 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:04.233731985 CET | 49748 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:04.454185009 CET | 80 | 49748 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:04.543636084 CET | 80 | 49748 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:04.543719053 CET | 49748 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:04.653286934 CET | 49748 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:04.873845100 CET | 80 | 49748 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:04.952740908 CET | 80 | 49748 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:04.952924967 CET | 49748 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:05.059288979 CET | 49748 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:05.280066013 CET | 80 | 49748 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:05.364540100 CET | 80 | 49748 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:05.364639044 CET | 49748 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:05.481348991 CET | 49748 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:05.481771946 CET | 49749 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:05.701484919 CET | 80 | 49749 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:05.701594114 CET | 49749 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:05.701803923 CET | 49749 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:05.702765942 CET | 80 | 49748 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:05.702826977 CET | 49748 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:05.920839071 CET | 80 | 49749 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:05.999649048 CET | 80 | 49749 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:05.999778032 CET | 49749 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:06.106339931 CET | 49749 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:06.325231075 CET | 80 | 49749 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:06.412883043 CET | 80 | 49749 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:06.412954092 CET | 49749 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:06.528192997 CET | 49749 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:06.528491020 CET | 49750 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:06.747149944 CET | 80 | 49749 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:06.747251987 CET | 49749 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:06.747888088 CET | 80 | 49750 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:06.747960091 CET | 49750 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:06.748155117 CET | 49750 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:06.968024015 CET | 80 | 49750 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:07.046247959 CET | 80 | 49750 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:07.046318054 CET | 49750 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:07.153408051 CET | 49750 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:07.372889042 CET | 80 | 49750 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:07.458676100 CET | 80 | 49750 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:07.458790064 CET | 49750 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:07.586270094 CET | 49750 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:07.586611986 CET | 49751 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:07.804250002 CET | 80 | 49751 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:07.804372072 CET | 49751 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:07.805202961 CET | 49751 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:07.805519104 CET | 80 | 49750 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:07.805583000 CET | 49750 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:08.022984982 CET | 80 | 49751 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:08.101895094 CET | 80 | 49751 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:08.101964951 CET | 49751 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:08.215455055 CET | 49751 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:08.215962887 CET | 49752 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:08.433906078 CET | 80 | 49751 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:08.433983088 CET | 49751 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:08.434894085 CET | 80 | 49752 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:08.434962034 CET | 49752 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:08.435174942 CET | 49752 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:08.652483940 CET | 80 | 49752 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:08.741849899 CET | 80 | 49752 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:08.741936922 CET | 49752 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:08.856039047 CET | 49752 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:08.856319904 CET | 49753 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:09.073698997 CET | 80 | 49752 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:09.073765039 CET | 49752 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:09.075498104 CET | 80 | 49753 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:09.075577974 CET | 49753 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:09.075777054 CET | 49753 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:09.294986010 CET | 80 | 49753 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:09.380022049 CET | 80 | 49753 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:09.380141973 CET | 49753 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:09.497020006 CET | 49753 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:09.497309923 CET | 49754 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:09.713552952 CET | 80 | 49754 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:09.713761091 CET | 49754 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:09.713854074 CET | 49754 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:09.716573000 CET | 80 | 49753 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:09.716650009 CET | 49753 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:09.929989100 CET | 80 | 49754 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:10.009288073 CET | 80 | 49754 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:10.009350061 CET | 49754 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:10.122006893 CET | 49754 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:10.338351011 CET | 80 | 49754 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:10.425319910 CET | 80 | 49754 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:10.425404072 CET | 49754 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:10.543561935 CET | 49754 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:10.543858051 CET | 49755 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:10.759927988 CET | 80 | 49754 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:10.760020018 CET | 49754 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:10.764368057 CET | 80 | 49755 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:10.764446974 CET | 49755 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:10.764656067 CET | 49755 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:10.985243082 CET | 80 | 49755 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:11.064590931 CET | 80 | 49755 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:11.064685106 CET | 49755 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:11.184175968 CET | 49755 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:11.184494972 CET | 49756 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:11.402733088 CET | 80 | 49756 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:11.402893066 CET | 49756 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:11.403064966 CET | 49756 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:11.404890060 CET | 80 | 49755 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:11.404952049 CET | 49755 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:11.620479107 CET | 80 | 49756 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:11.705988884 CET | 80 | 49756 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:11.706095934 CET | 49756 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:11.825189114 CET | 49756 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:11.825474977 CET | 49757 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:12.042998075 CET | 80 | 49756 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:12.043083906 CET | 49756 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:12.044714928 CET | 80 | 49757 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:12.044796944 CET | 49757 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:12.050126076 CET | 49757 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:12.270544052 CET | 80 | 49757 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:12.361087084 CET | 80 | 49757 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:12.361222029 CET | 49757 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:12.485224009 CET | 49757 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:12.486033916 CET | 49758 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:12.704586029 CET | 80 | 49757 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:12.704684019 CET | 49757 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:12.708247900 CET | 80 | 49758 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:12.708326101 CET | 49758 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:12.708509922 CET | 49758 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:12.930782080 CET | 80 | 49758 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:13.009927988 CET | 80 | 49758 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:13.009989977 CET | 49758 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:13.121896029 CET | 49758 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:13.345434904 CET | 80 | 49758 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:13.428590059 CET | 80 | 49758 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:13.428703070 CET | 49758 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:13.543693066 CET | 49758 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:13.544008017 CET | 49759 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:13.760425091 CET | 80 | 49759 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:13.760554075 CET | 49759 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:13.760736942 CET | 49759 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:13.766047001 CET | 80 | 49758 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:13.766113043 CET | 49758 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:13.977118969 CET | 80 | 49759 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:14.055845976 CET | 80 | 49759 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:14.055942059 CET | 49759 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:14.168811083 CET | 49759 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:14.386018991 CET | 80 | 49759 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:14.470607996 CET | 80 | 49759 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:14.470706940 CET | 49759 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:14.590461016 CET | 49759 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:14.590784073 CET | 49760 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:14.806943893 CET | 80 | 49759 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:14.807013988 CET | 49759 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:14.815876007 CET | 80 | 49760 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:14.815963030 CET | 49760 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:14.816267967 CET | 49760 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:15.038817883 CET | 80 | 49760 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:15.117500067 CET | 80 | 49760 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:15.117611885 CET | 49760 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:15.233782053 CET | 49760 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:15.234560013 CET | 49761 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:15.452126026 CET | 80 | 49761 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:15.452214003 CET | 49761 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:15.452589989 CET | 49761 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:15.456139088 CET | 80 | 49760 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:15.456209898 CET | 49760 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:15.669976950 CET | 80 | 49761 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:15.754421949 CET | 80 | 49761 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:15.754576921 CET | 49761 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:15.874087095 CET | 49761 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:15.874305964 CET | 49762 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:16.091888905 CET | 80 | 49761 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:16.091959953 CET | 49761 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:16.093633890 CET | 80 | 49762 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:16.093803883 CET | 49762 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:16.093878984 CET | 49762 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:16.313704014 CET | 80 | 49762 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:16.402996063 CET | 80 | 49762 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:16.403068066 CET | 49762 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:16.512774944 CET | 49762 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:16.732244015 CET | 80 | 49762 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:16.811521053 CET | 80 | 49762 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:16.811726093 CET | 49762 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:16.918884993 CET | 49762 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:17.138339043 CET | 80 | 49762 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:17.222748041 CET | 80 | 49762 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:17.222810984 CET | 49762 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:17.340646029 CET | 49762 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:17.340984106 CET | 49763 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:17.560899973 CET | 80 | 49762 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:17.560928106 CET | 80 | 49763 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:17.561058998 CET | 49762 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:17.561110973 CET | 49763 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:17.561358929 CET | 49763 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:17.783201933 CET | 80 | 49763 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:17.862667084 CET | 80 | 49763 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:17.862726927 CET | 49763 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:17.981065035 CET | 49763 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:17.981394053 CET | 49764 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:18.200515032 CET | 80 | 49763 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:18.200572014 CET | 49763 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:18.200723886 CET | 80 | 49764 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:18.200798988 CET | 49764 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:18.201076984 CET | 49764 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:18.420671940 CET | 80 | 49764 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:18.507728100 CET | 80 | 49764 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:18.507811069 CET | 49764 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:18.621975899 CET | 49764 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:18.622370958 CET | 49765 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:18.841510057 CET | 80 | 49764 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:18.841609955 CET | 49764 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:18.841814995 CET | 80 | 49765 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:18.841892004 CET | 49765 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:18.842102051 CET | 49765 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:19.061404943 CET | 80 | 49765 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:19.143948078 CET | 80 | 49765 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:19.144013882 CET | 49765 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:19.262618065 CET | 49765 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:19.262969971 CET | 49766 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:19.482247114 CET | 80 | 49765 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:19.482352972 CET | 49765 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:19.483397961 CET | 80 | 49766 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:19.483479977 CET | 49766 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:19.483683109 CET | 49766 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:19.704222918 CET | 80 | 49766 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:19.782752991 CET | 80 | 49766 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:19.782895088 CET | 49766 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:19.903650999 CET | 49766 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:19.903997898 CET | 49767 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:20.123720884 CET | 80 | 49767 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:20.123826027 CET | 49767 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:20.124058962 CET | 49767 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:20.124609947 CET | 80 | 49766 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:20.124665022 CET | 49766 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:20.344058990 CET | 80 | 49767 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:20.427427053 CET | 80 | 49767 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:20.427565098 CET | 49767 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:20.543848991 CET | 49767 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:20.544298887 CET | 49768 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:20.761734009 CET | 80 | 49768 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:20.761897087 CET | 49768 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:20.762171030 CET | 49768 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:20.763187885 CET | 80 | 49767 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:20.763252974 CET | 49767 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:20.979815006 CET | 80 | 49768 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:21.058628082 CET | 80 | 49768 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:21.058749914 CET | 49768 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:21.173156023 CET | 49768 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:21.173969984 CET | 49769 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:21.390919924 CET | 80 | 49768 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:21.390978098 CET | 49768 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:21.393568993 CET | 80 | 49769 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:21.393639088 CET | 49769 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:21.394081116 CET | 49769 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:21.613420010 CET | 80 | 49769 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:21.699054003 CET | 80 | 49769 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:21.699121952 CET | 49769 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:21.813805103 CET | 49769 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:21.814130068 CET | 49770 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:22.033262014 CET | 80 | 49769 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:22.033354998 CET | 49769 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:22.033576965 CET | 80 | 49770 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:22.033663034 CET | 49770 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:22.033828974 CET | 49770 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:22.253478050 CET | 80 | 49770 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:22.338841915 CET | 80 | 49770 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:22.338975906 CET | 49770 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:22.465507030 CET | 49770 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:22.465830088 CET | 49771 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:22.683783054 CET | 80 | 49771 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:22.683871984 CET | 49771 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:22.684058905 CET | 49771 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:22.685347080 CET | 80 | 49770 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:22.685400963 CET | 49770 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:22.901575089 CET | 80 | 49771 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:22.981014013 CET | 80 | 49771 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:22.981100082 CET | 49771 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:23.090769053 CET | 49771 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:23.308481932 CET | 80 | 49771 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:23.392504930 CET | 80 | 49771 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:23.392570972 CET | 49771 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:23.512465954 CET | 49771 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:23.512820959 CET | 49772 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:23.730604887 CET | 80 | 49771 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:23.730724096 CET | 49771 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:23.731539965 CET | 80 | 49772 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:23.731632948 CET | 49772 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:23.732156038 CET | 49772 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:23.950818062 CET | 80 | 49772 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:24.030029058 CET | 80 | 49772 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:24.030236006 CET | 49772 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:24.138039112 CET | 49772 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:24.357271910 CET | 80 | 49772 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:24.440438032 CET | 80 | 49772 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:24.440499067 CET | 49772 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:24.559335947 CET | 49772 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:24.559639931 CET | 49773 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:24.777475119 CET | 80 | 49773 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:24.777570009 CET | 49773 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:24.777762890 CET | 49773 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:24.779717922 CET | 80 | 49772 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:24.779778004 CET | 49772 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:24.995261908 CET | 80 | 49773 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:25.074517965 CET | 80 | 49773 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:25.074572086 CET | 49773 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:25.184508085 CET | 49773 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:25.401913881 CET | 80 | 49773 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:25.488177061 CET | 80 | 49773 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:25.488249063 CET | 49773 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:25.606355906 CET | 49773 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:25.606662989 CET | 49774 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:25.825232029 CET | 80 | 49773 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:25.825316906 CET | 49773 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:25.828150034 CET | 80 | 49774 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:25.828226089 CET | 49774 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:25.828412056 CET | 49774 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:26.049175024 CET | 80 | 49774 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:26.128143072 CET | 80 | 49774 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:26.128201008 CET | 49774 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:26.246984005 CET | 49774 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:26.247267008 CET | 49775 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:26.468374014 CET | 80 | 49774 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:26.468456984 CET | 49774 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:26.469508886 CET | 80 | 49775 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:26.469584942 CET | 49775 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:26.471385002 CET | 49775 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:26.695960999 CET | 80 | 49775 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:26.782794952 CET | 80 | 49775 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:26.783173084 CET | 49775 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:26.903116941 CET | 49775 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:26.903400898 CET | 49776 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:27.122677088 CET | 80 | 49776 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:27.122756004 CET | 49776 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:27.122910023 CET | 49776 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:27.125365019 CET | 80 | 49775 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:27.125422001 CET | 49775 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:27.342010975 CET | 80 | 49776 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:27.429785967 CET | 80 | 49776 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:27.429827929 CET | 49776 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:27.543673992 CET | 49776 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:27.544059992 CET | 49777 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:27.761678934 CET | 80 | 49777 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:27.761974096 CET | 49777 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:27.762065887 CET | 49777 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:27.765714884 CET | 80 | 49776 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:27.765918016 CET | 49776 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:27.980777025 CET | 80 | 49777 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:28.060153961 CET | 80 | 49777 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:28.060209990 CET | 49777 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:28.169307947 CET | 49777 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:28.387092113 CET | 80 | 49777 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:28.470686913 CET | 80 | 49777 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:28.472796917 CET | 49777 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:28.591146946 CET | 49777 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:28.591432095 CET | 49778 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:28.808849096 CET | 80 | 49777 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:28.809012890 CET | 49777 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:28.813565969 CET | 80 | 49778 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:28.813832045 CET | 49778 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:28.814022064 CET | 49778 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:29.036251068 CET | 80 | 49778 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:29.115170956 CET | 80 | 49778 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:29.117928028 CET | 49778 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:29.237418890 CET | 49778 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:29.237744093 CET | 49779 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:29.455316067 CET | 80 | 49779 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:29.457856894 CET | 49779 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:29.458061934 CET | 49779 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:29.459840059 CET | 80 | 49778 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:29.461821079 CET | 49778 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:29.675411940 CET | 80 | 49779 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:29.758946896 CET | 80 | 49779 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:29.759058952 CET | 49779 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:29.871877909 CET | 49779 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:29.872154951 CET | 49780 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:30.089278936 CET | 80 | 49779 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:30.089392900 CET | 49779 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:30.092844009 CET | 80 | 49780 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:30.092950106 CET | 49780 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:30.093137980 CET | 49780 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:30.313877106 CET | 80 | 49780 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:30.406164885 CET | 80 | 49780 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:30.406219959 CET | 49780 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:30.512532949 CET | 49780 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:30.733091116 CET | 80 | 49780 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:30.812120914 CET | 80 | 49780 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:30.812222004 CET | 49780 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:30.918915987 CET | 49780 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:31.140090942 CET | 80 | 49780 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:31.226247072 CET | 80 | 49780 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:31.226325989 CET | 49780 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:31.342874050 CET | 49780 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:31.343158007 CET | 49781 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:31.561980963 CET | 80 | 49781 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:31.562052011 CET | 49781 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:31.562211037 CET | 49781 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:31.563570023 CET | 80 | 49780 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:31.563642979 CET | 49780 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:31.781255960 CET | 80 | 49781 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:31.860681057 CET | 80 | 49781 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:31.860769033 CET | 49781 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:31.986767054 CET | 49781 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:31.987179995 CET | 49782 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:32.207187891 CET | 80 | 49781 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:32.207257986 CET | 49781 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:32.211260080 CET | 80 | 49782 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:32.211355925 CET | 49782 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:32.211512089 CET | 49782 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:32.434437037 CET | 80 | 49782 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:32.516931057 CET | 80 | 49782 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:32.517127037 CET | 49782 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:32.637504101 CET | 49782 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:32.637923002 CET | 49783 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:32.855839968 CET | 80 | 49783 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:32.856055021 CET | 49783 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:32.856144905 CET | 49783 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:32.859813929 CET | 80 | 49782 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:32.859868050 CET | 49782 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:33.073879957 CET | 80 | 49783 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:33.160276890 CET | 80 | 49783 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:33.160449982 CET | 49783 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:33.278462887 CET | 49783 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:33.278789997 CET | 49784 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:33.496123075 CET | 80 | 49783 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:33.496314049 CET | 49783 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:33.499317884 CET | 80 | 49784 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:33.499420881 CET | 49784 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:33.499588966 CET | 49784 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:33.720221996 CET | 80 | 49784 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:33.798856020 CET | 80 | 49784 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:33.799052954 CET | 49784 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:33.918675900 CET | 49784 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:33.918869019 CET | 49785 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:34.137665987 CET | 80 | 49785 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:34.137769938 CET | 49785 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:34.137988091 CET | 49785 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:34.139477015 CET | 80 | 49784 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:34.139545918 CET | 49784 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:34.356820107 CET | 80 | 49785 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:34.440857887 CET | 80 | 49785 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:34.441039085 CET | 49785 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:34.559536934 CET | 49785 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:34.559885025 CET | 49786 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:34.777425051 CET | 80 | 49786 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:34.777510881 CET | 49786 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:34.777688980 CET | 49786 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:34.778323889 CET | 80 | 49785 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:34.778381109 CET | 49785 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:34.995769024 CET | 80 | 49786 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:35.075176001 CET | 80 | 49786 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:35.075285912 CET | 49786 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:35.201188087 CET | 49786 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:35.201469898 CET | 49787 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:35.419003010 CET | 80 | 49786 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:35.419084072 CET | 49786 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:35.420911074 CET | 80 | 49787 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:35.420983076 CET | 49787 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:35.421195984 CET | 49787 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:35.639900923 CET | 80 | 49787 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:35.723900080 CET | 80 | 49787 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:35.723970890 CET | 49787 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:35.840514898 CET | 49787 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:35.840791941 CET | 49788 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:36.058376074 CET | 80 | 49788 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:36.058489084 CET | 49788 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:36.058656931 CET | 49788 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:36.074800014 CET | 80 | 49787 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:36.074965000 CET | 49787 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:36.276284933 CET | 80 | 49788 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:36.364326000 CET | 80 | 49788 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:36.364377975 CET | 49788 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:36.481128931 CET | 49788 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:36.481406927 CET | 49789 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:36.698923111 CET | 80 | 49789 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:36.698945045 CET | 80 | 49788 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:36.699006081 CET | 49789 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:36.699033976 CET | 49788 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:36.699173927 CET | 49789 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:36.917131901 CET | 80 | 49789 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:36.995959044 CET | 80 | 49789 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:36.996036053 CET | 49789 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:37.106190920 CET | 49789 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:37.323729992 CET | 80 | 49789 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:37.409293890 CET | 80 | 49789 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:37.409360886 CET | 49789 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:37.527991056 CET | 49789 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:37.528286934 CET | 49790 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:37.745791912 CET | 80 | 49789 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:37.746001005 CET | 49789 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:37.748874903 CET | 80 | 49790 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:37.748953104 CET | 49790 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:37.749118090 CET | 49790 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:37.970321894 CET | 80 | 49790 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:38.048827887 CET | 80 | 49790 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:38.048908949 CET | 49790 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:38.382874966 CET | 49790 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:38.383172989 CET | 49791 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:38.599378109 CET | 80 | 49791 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:38.599483013 CET | 49791 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:38.599677086 CET | 49791 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:38.603497982 CET | 80 | 49790 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:38.603547096 CET | 49790 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:38.815857887 CET | 80 | 49791 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:38.906938076 CET | 80 | 49791 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:38.907064915 CET | 49791 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:39.750869989 CET | 49791 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:39.751219988 CET | 49792 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:39.967755079 CET | 80 | 49791 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:39.967859983 CET | 49791 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:39.978094101 CET | 80 | 49792 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:39.978180885 CET | 49792 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:39.978368044 CET | 49792 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:40.195792913 CET | 80 | 49792 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:40.282648087 CET | 80 | 49792 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:40.282711029 CET | 49792 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:40.403114080 CET | 49792 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:40.403506994 CET | 49793 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:40.619901896 CET | 80 | 49793 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:40.619988918 CET | 49793 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:40.620979071 CET | 80 | 49792 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:40.621035099 CET | 49792 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:40.621953011 CET | 49793 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:40.838164091 CET | 80 | 49793 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:40.917171001 CET | 80 | 49793 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:40.917242050 CET | 49793 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:41.029453993 CET | 49793 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:41.245925903 CET | 80 | 49793 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:41.330909014 CET | 80 | 49793 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:41.331060886 CET | 49793 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:41.450750113 CET | 49793 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:41.451069117 CET | 49794 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:41.667031050 CET | 80 | 49793 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:41.667092085 CET | 49793 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:41.668397903 CET | 80 | 49794 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:41.668457031 CET | 49794 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:41.668621063 CET | 49794 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:41.886605024 CET | 80 | 49794 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:41.965167999 CET | 80 | 49794 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:41.965245008 CET | 49794 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:42.076478004 CET | 49794 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:42.301224947 CET | 80 | 49794 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:42.389615059 CET | 80 | 49794 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:42.389672995 CET | 49794 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:42.497809887 CET | 49794 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:42.715254068 CET | 80 | 49794 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:42.794445992 CET | 80 | 49794 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:42.794512033 CET | 49794 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:42.903228998 CET | 49794 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:43.120991945 CET | 80 | 49794 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:43.203939915 CET | 80 | 49794 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:43.204139948 CET | 49794 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:43.328238964 CET | 49794 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:43.328546047 CET | 49795 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:43.545773983 CET | 80 | 49794 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:43.545852900 CET | 49794 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:43.547689915 CET | 80 | 49795 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:43.547761917 CET | 49795 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:43.547929049 CET | 49795 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:43.767944098 CET | 80 | 49795 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:43.846704006 CET | 80 | 49795 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:43.846767902 CET | 49795 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:43.965862036 CET | 49795 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:43.966181040 CET | 49796 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:44.183698893 CET | 80 | 49796 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:44.183897972 CET | 49796 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:44.183959007 CET | 49796 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:44.186639071 CET | 80 | 49795 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:44.186692953 CET | 49795 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:44.400142908 CET | 80 | 49796 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:44.487411022 CET | 80 | 49796 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:44.487473011 CET | 49796 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:44.606403112 CET | 49796 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:44.606725931 CET | 49797 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:44.822721958 CET | 80 | 49796 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:44.822889090 CET | 49796 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:44.825920105 CET | 80 | 49797 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:44.825992107 CET | 49797 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:44.826159954 CET | 49797 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:45.046700001 CET | 80 | 49797 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:45.124955893 CET | 80 | 49797 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:45.125025988 CET | 49797 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:45.247061014 CET | 49797 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:45.247359991 CET | 49798 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:45.463677883 CET | 80 | 49798 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:45.463754892 CET | 49798 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:45.464018106 CET | 49798 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:45.466136932 CET | 80 | 49797 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:45.466201067 CET | 49797 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:45.680372953 CET | 80 | 49798 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:45.771872997 CET | 80 | 49798 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:45.771931887 CET | 49798 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:45.887736082 CET | 49798 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:45.888058901 CET | 49799 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:46.105206013 CET | 80 | 49798 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:46.105282068 CET | 49798 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:46.107984066 CET | 80 | 49799 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:46.108061075 CET | 49799 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:46.108211040 CET | 49799 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:46.330605030 CET | 80 | 49799 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:46.415388107 CET | 80 | 49799 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:46.415463924 CET | 49799 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:46.528198957 CET | 49799 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:46.528520107 CET | 49800 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:46.748430014 CET | 80 | 49799 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:46.748451948 CET | 80 | 49800 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:46.748589993 CET | 49800 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:46.748593092 CET | 49799 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:46.748719931 CET | 49800 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:46.968141079 CET | 80 | 49800 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:47.047234058 CET | 80 | 49800 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:47.047293901 CET | 49800 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:47.153192043 CET | 49800 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:47.372972965 CET | 80 | 49800 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:47.457124949 CET | 80 | 49800 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:47.457170010 CET | 49800 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:47.576144934 CET | 49800 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:47.576431990 CET | 49801 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:47.792754889 CET | 80 | 49801 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:47.792870045 CET | 49801 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:47.793024063 CET | 49801 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:47.795660973 CET | 80 | 49800 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:47.795717001 CET | 49800 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:48.011859894 CET | 80 | 49801 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:48.091517925 CET | 80 | 49801 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:48.091578007 CET | 49801 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:48.200098038 CET | 49801 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:48.417154074 CET | 80 | 49801 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:48.501480103 CET | 80 | 49801 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:48.501543999 CET | 49801 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:48.621951103 CET | 49801 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:48.622248888 CET | 49802 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:48.838170052 CET | 80 | 49801 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:48.838246107 CET | 49801 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:48.841402054 CET | 80 | 49802 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:48.841489077 CET | 49802 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:48.841670036 CET | 49802 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:49.060973883 CET | 80 | 49802 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:49.144664049 CET | 80 | 49802 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:49.144726992 CET | 49802 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:49.262414932 CET | 49802 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:49.262686014 CET | 49803 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:49.480196953 CET | 80 | 49803 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:49.480315924 CET | 49803 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:49.480505943 CET | 49803 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:49.481689930 CET | 80 | 49802 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:49.481743097 CET | 49802 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:49.698110104 CET | 80 | 49803 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:49.777338028 CET | 80 | 49803 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:49.777417898 CET | 49803 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:49.889538050 CET | 49803 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:49.890211105 CET | 49804 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:50.106987000 CET | 80 | 49803 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:50.107059002 CET | 49803 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:50.108954906 CET | 80 | 49804 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:50.109025955 CET | 49804 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:50.109189034 CET | 49804 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:50.327917099 CET | 80 | 49804 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:50.411803961 CET | 80 | 49804 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:50.411864996 CET | 49804 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:50.528037071 CET | 49804 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:50.528322935 CET | 49805 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:50.745785952 CET | 80 | 49805 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:50.745870113 CET | 49805 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:50.746015072 CET | 49805 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:50.746835947 CET | 80 | 49804 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:50.746895075 CET | 49804 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:50.963309050 CET | 80 | 49805 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:51.042684078 CET | 80 | 49805 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:51.042742014 CET | 49805 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:51.153063059 CET | 49805 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:51.371093035 CET | 80 | 49805 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:51.456732988 CET | 80 | 49805 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:51.456808090 CET | 49805 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:51.575130939 CET | 49805 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:51.575413942 CET | 49806 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:51.792578936 CET | 80 | 49805 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:51.792664051 CET | 49805 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:51.794009924 CET | 80 | 49806 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:51.794078112 CET | 49806 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:51.794274092 CET | 49806 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:52.013370037 CET | 80 | 49806 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:52.092668056 CET | 80 | 49806 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:52.092844009 CET | 49806 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:52.205310106 CET | 49806 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:52.424259901 CET | 80 | 49806 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:52.510409117 CET | 80 | 49806 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:52.510499001 CET | 49806 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:52.622145891 CET | 49806 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:52.622478008 CET | 49807 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:52.841006994 CET | 80 | 49806 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:52.841104031 CET | 49806 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:52.843002081 CET | 80 | 49807 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:52.843080997 CET | 49807 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:52.843293905 CET | 49807 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:53.063891888 CET | 80 | 49807 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:53.149842978 CET | 80 | 49807 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:53.149954081 CET | 49807 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:53.262649059 CET | 49807 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:53.262938976 CET | 49808 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:53.482333899 CET | 80 | 49808 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:53.482418060 CET | 49808 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:53.482568979 CET | 49808 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:53.483175039 CET | 80 | 49807 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:53.483247042 CET | 49807 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:53.704027891 CET | 80 | 49808 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:53.783272982 CET | 80 | 49808 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:53.783354044 CET | 49808 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:53.903332949 CET | 49808 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:53.903671026 CET | 49809 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:54.123467922 CET | 80 | 49809 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:54.123524904 CET | 80 | 49808 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:54.123651981 CET | 49808 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:54.123673916 CET | 49809 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:54.123874903 CET | 49809 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:54.343255997 CET | 80 | 49809 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:54.431598902 CET | 80 | 49809 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:54.431680918 CET | 49809 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:54.544033051 CET | 49809 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:54.544481039 CET | 49810 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:54.762186050 CET | 80 | 49810 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:54.762270927 CET | 49810 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:54.762451887 CET | 49810 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:54.763847113 CET | 80 | 49809 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:54.763920069 CET | 49809 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:54.980247021 CET | 80 | 49810 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:55.064431906 CET | 80 | 49810 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:55.064593077 CET | 49810 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:55.184916973 CET | 49810 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:55.185239077 CET | 49811 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:55.403759956 CET | 80 | 49810 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:55.403790951 CET | 80 | 49811 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:55.403845072 CET | 49810 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:55.403928995 CET | 49811 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:55.404428959 CET | 49811 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:55.622071028 CET | 80 | 49811 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:55.707166910 CET | 80 | 49811 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:55.707335949 CET | 49811 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:55.825649023 CET | 49811 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:55.826124907 CET | 49812 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:56.043406010 CET | 80 | 49811 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:56.043534994 CET | 49811 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:56.048418045 CET | 80 | 49812 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:56.048558950 CET | 49812 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:56.055876970 CET | 49812 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:56.281380892 CET | 80 | 49812 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:56.367341995 CET | 80 | 49812 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:56.367490053 CET | 49812 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:56.728317022 CET | 49812 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:56.728719950 CET | 49813 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:56.944904089 CET | 80 | 49813 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:56.945055008 CET | 49813 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:56.945214987 CET | 49813 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:56.950623989 CET | 80 | 49812 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:56.950697899 CET | 49812 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:57.161375046 CET | 80 | 49813 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:57.244874001 CET | 80 | 49813 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:57.245011091 CET | 49813 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:58.814126015 CET | 49813 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:58.814440966 CET | 49814 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:59.030622959 CET | 80 | 49813 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:59.030814886 CET | 49813 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:59.030847073 CET | 80 | 49814 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:59.031008005 CET | 49814 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:59.031291962 CET | 49814 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:59.248455048 CET | 80 | 49814 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:59.332313061 CET | 80 | 49814 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:59.332379103 CET | 49814 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:59.457117081 CET | 49814 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:59.457681894 CET | 49815 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:59.673579931 CET | 80 | 49814 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:59.673691034 CET | 49814 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:59.675194979 CET | 80 | 49815 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:59.675281048 CET | 49815 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:59.675457001 CET | 49815 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 12:59:59.893695116 CET | 80 | 49815 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:59.972255945 CET | 80 | 49815 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 12:59:59.977077961 CET | 49815 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:00.096493006 CET | 49815 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:00.096760988 CET | 49816 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:00.317219019 CET | 80 | 49815 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:00.317281961 CET | 49815 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:00.317465067 CET | 80 | 49816 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:00.317545891 CET | 49816 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:00.317750931 CET | 49816 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:00.538278103 CET | 80 | 49816 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:00.622545958 CET | 80 | 49816 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:00.622678995 CET | 49816 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:00.925067902 CET | 49816 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:00.925471067 CET | 49817 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:01.144150019 CET | 80 | 49817 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:01.144239902 CET | 49817 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:01.144442081 CET | 49817 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:01.145929098 CET | 80 | 49816 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:01.145976067 CET | 49816 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:01.363008976 CET | 80 | 49817 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:01.452119112 CET | 80 | 49817 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:01.456427097 CET | 49817 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:01.576957941 CET | 49817 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:01.577289104 CET | 49818 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:01.795030117 CET | 80 | 49818 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:01.795205116 CET | 49818 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:01.795670033 CET | 80 | 49817 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:01.795743942 CET | 49817 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:01.795964956 CET | 49818 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:02.014519930 CET | 80 | 49818 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:02.097373009 CET | 80 | 49818 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:02.097448111 CET | 49818 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:02.218393087 CET | 49818 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:02.218686104 CET | 49819 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:02.436045885 CET | 80 | 49818 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:02.436131954 CET | 49818 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:02.441905022 CET | 80 | 49819 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:02.442037106 CET | 49819 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:02.442250967 CET | 49819 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:02.664628029 CET | 80 | 49819 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:02.749161005 CET | 80 | 49819 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:02.749219894 CET | 49819 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:02.863456964 CET | 49819 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:02.863837004 CET | 49820 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:03.080363035 CET | 80 | 49820 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:03.080440998 CET | 49820 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:03.080619097 CET | 49820 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:03.086133003 CET | 80 | 49819 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:03.086184978 CET | 49819 | 80 | 192.168.2.4 | 45.142.214.240 |
Mar 29, 2024 13:00:03.297362089 CET | 80 | 49820 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:03.385246992 CET | 80 | 49820 | 45.142.214.240 | 192.168.2.4 |
Mar 29, 2024 13:00:03.385303020 CET | 49820 | 80 | 192.168.2.4 | 45.142.214.240 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 29, 2024 12:58:53.502712965 CET | 63632 | 53 | 192.168.2.4 | 91.211.247.248 |
Mar 29, 2024 12:58:53.711462975 CET | 53 | 63632 | 91.211.247.248 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 29, 2024 12:58:53.502712965 CET | 192.168.2.4 | 91.211.247.248 | 0x14d3 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 29, 2024 12:58:53.711462975 CET | 91.211.247.248 | 192.168.2.4 | 0x14d3 | No error (0) | 45.142.214.240 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49736 | 45.142.214.240 | 80 | 7084 | C:\Users\user\AppData\Local\Codec Pack Update\codecpackupdate.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Mar 29, 2024 12:58:54.025398016 CET | 318 | OUT | |
Mar 29, 2024 12:58:54.341233015 CET | 1232 | IN |