Linux
Analysis Report
SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf
Overview
General Information
Sample name: | SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf |
Analysis ID: | 1430166 |
MD5: | 05d0269acbc7a252fc62179aef3f9676 |
SHA1: | 7b5376b5a15ade914ad1432e91d0a785435635dd |
SHA256: | 7501e8af6a2d3e35fa5ef5a3acab845e251bc92b2c97555ef425fbbafa63b9cb |
Tags: | elf |
Infos: |
Detection
Score: | 64 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Multi AV Scanner detection for submitted file
Queries the IP of a very long domain name
Sample deletes itself
Sample reads /proc/mounts (often used for finding a writable filesystem)
Sample tries to kill multiple processes (SIGKILL)
Connects to many different domains
Detected TCP or UDP traffic on non-standard ports
ELF contains segments with high entropy indicating compressed/encrypted content
Sample contains only a LOAD segment without any section mappings
Sample listens on a socket
Sample tries to kill a process (SIGKILL)
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)
Uses the "uname" system call to query kernel version information (possible evasion)
Classification
Analysis Advice
Static ELF header machine description suggests that the sample might not execute correctly on this machine. |
All HTTP servers contacted by the sample do not answer. The sample is likely an old dropper which no longer works. |
Static ELF header machine description suggests that the sample might only run correctly on MIPS or ARM architectures. |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1430166 |
Start date and time: | 2024-04-23 08:36:16 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 17s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf |
Detection: | MAL |
Classification: | mal64.spre.troj.evad.linELF@0/0@81/0 |
- Connection to analysis system has been lost, crash info: Unknown
- VT rate limit hit for: SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf
Command: | /tmp/SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf |
PID: | 6219 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | black botnet voodoo |
Standard Error: |
- system is lnxubuntu20
- SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf New Fork (PID: 6221, Parent: 6219)
- SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf New Fork (PID: 6223, Parent: 6221)
- SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf New Fork (PID: 6224, Parent: 6221)
- SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf New Fork (PID: 6226, Parent: 6221)
- SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf New Fork (PID: 6229, Parent: 6221)
- systemd New Fork (PID: 6231, Parent: 1)
- systemd New Fork (PID: 6252, Parent: 1)
- gdm3 New Fork (PID: 6265, Parent: 1320)
- gvfsd-fuse New Fork (PID: 6267, Parent: 2038)
- systemd New Fork (PID: 6268, Parent: 1)
- gdm3 New Fork (PID: 6271, Parent: 1320)
- systemd New Fork (PID: 6274, Parent: 1)
- systemd New Fork (PID: 6275, Parent: 1)
- gdm3 New Fork (PID: 6276, Parent: 1320)
- systemd New Fork (PID: 6277, Parent: 1)
- systemd New Fork (PID: 6278, Parent: 1)
- systemd New Fork (PID: 6280, Parent: 1)
- systemd New Fork (PID: 6281, Parent: 1)
- systemd New Fork (PID: 6282, Parent: 1)
- systemd New Fork (PID: 6283, Parent: 1)
- systemd New Fork (PID: 6285, Parent: 1)
- systemd New Fork (PID: 6286, Parent: 1)
- systemd New Fork (PID: 6287, Parent: 1)
- systemd New Fork (PID: 6288, Parent: 1)
- systemd New Fork (PID: 6292, Parent: 1)
- cleanup
⊘No yara matches
⊘No Snort rule has matched
AV Detection |
---|
Source: | ReversingLabs: |
Networking |
---|
Source: | DNS traffic detected: | ||
Source: | Network traffic detected: |
Source: | TCP traffic: | ||
Source: | Socket: | Jump to behavior |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
System Summary |
---|
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | Program segment: |
Source: | Classification label: |
Persistence and Installation Behavior |
---|
Source: | File: | Jump to behavior | ||
Hooking and other Techniques for Hiding and Protection |
---|
Source: | File: | Jump to behavior |
Source: | Submission file: | ||
Source: | Queries kernel information via 'uname': | Jump to behavior |
Source: | Binary or memory string: | ||
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | 1 Obfuscated Files or Information | OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | 1 Service Stop |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 File Deletion | LSASS Memory | 1 File and Directory Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Standard Port | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 12 Application Layer Protocol | Traffic Duplication | Data Destruction |
⊘No configs have been found
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
39% | ReversingLabs | Linux.Trojan.Mirai |
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
security.rebirth-network.su | 212.70.149.10 | true | false | unknown | |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
212.70.149.14 | unknown | Bulgaria | 208410 | INTERNET-HOSTINGBG | false | |
212.70.149.10 | security.rebirth-network.su | Bulgaria | 208410 | INTERNET-HOSTINGBG | false | |
109.202.202.202 | unknown | Switzerland | 13030 | INIT7CH | false | |
91.189.91.43 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false | |
91.189.91.42 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false |
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 7.9546741082044505 |
TrID: |
|
File name: | SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf |
File size: | 52'128 bytes |
MD5: | 05d0269acbc7a252fc62179aef3f9676 |
SHA1: | 7b5376b5a15ade914ad1432e91d0a785435635dd |
SHA256: | 7501e8af6a2d3e35fa5ef5a3acab845e251bc92b2c97555ef425fbbafa63b9cb |
SHA512: | d56b34490d264cade3352b770ad258943d58977c42f0a134cd67eb1238098fbe260a20035a1951521f4cc6e630b916265e5a436d1461aae241205853dab2b84f |
SSDEEP: | 768:5wZDTurE4A32GS39aYO6nxpL1HZdXPJ+Y6jesuxHQ3AhIwkt9AJgGlzDpGO+e:5w1urE4A3PoER45HZRQYSuxGBxXAVGe |
TLSH: | F433F1F5260C06EBF9661235B1AB0BE00F3388706E677D4FEAEAC556C5145D134D7AE0 |
File Content Preview: | .ELF.....................E.....4.........4. ...(.............@...@.........D.................E...E.....h...h............sfga.......................W.......?.E.h4...@b..) ..]....-!....n's;..1...)..U..wC.:b{.N..0.._....j..q-.S.b..*.p....^#.................. |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 2 |
Section Header Offset: | 0 |
Section Header Size: | 40 |
Number of Section Headers: | 0 |
Header String Table Index: | 0 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x400000 | 0x400000 | 0x1000 | 0x4c244 | 7.8945 | 0x6 | RW | 0x10000 | ||
LOAD | 0x0 | 0x450000 | 0x450000 | 0xca68 | 0xca68 | 7.9564 | 0x5 | R E | 0x10000 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Apr 23, 2024 08:37:06.812397957 CEST | 192.168.2.23 | 192.168.2.1 | 8283 | (Port unreachable) | Destination Unreachable |
Apr 23, 2024 08:38:26.920032024 CEST | 192.168.2.23 | 192.168.2.1 | 8283 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 23, 2024 08:37:00.368906975 CEST | 51.254.162.59 | 192.168.2.23 | 0x2022 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:37:00.530855894 CEST | 51.254.162.59 | 192.168.2.23 | 0x2022 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:37:00.691401005 CEST | 51.254.162.59 | 192.168.2.23 | 0x2022 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:37:00.854940891 CEST | 51.254.162.59 | 192.168.2.23 | 0x2022 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:37:01.018590927 CEST | 51.254.162.59 | 192.168.2.23 | 0x2022 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:37:33.575762033 CEST | 134.195.4.2 | 192.168.2.23 | 0xc918 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:37:33.664654016 CEST | 134.195.4.2 | 192.168.2.23 | 0xc918 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:37:33.754302025 CEST | 134.195.4.2 | 192.168.2.23 | 0xc918 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:37:33.843307972 CEST | 134.195.4.2 | 192.168.2.23 | 0xc918 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:37:33.932544947 CEST | 134.195.4.2 | 192.168.2.23 | 0xc918 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:39:24.235625982 CEST | 8.8.8.8 | 192.168.2.23 | 0x2f05 | No error (0) | 212.70.149.10 | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /tmp/SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf |
Arguments: | /tmp/SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /tmp/SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf |
Arguments: | - |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /tmp/SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf |
Arguments: | - |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /tmp/SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf |
Arguments: | - |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /tmp/SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf |
Arguments: | - |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /tmp/SecuriteInfo.com.Linux.Siggen.7232.1376.786.elf |
Arguments: | - |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/journalctl |
Arguments: | /usr/bin/journalctl --smart-relinquish-var |
File size: | 80120 bytes |
MD5 hash: | bf3a987344f3bacafc44efd882abda8b |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/sbin/gdm3 |
Arguments: | - |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/libexec/gvfsd-fuse |
Arguments: | - |
File size: | 47632 bytes |
MD5 hash: | d18fbf1cbf8eb57b17fac48b7b4be933 |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /bin/fusermount |
Arguments: | fusermount -u -q -z -- /run/user/1000/gvfs |
File size: | 39144 bytes |
MD5 hash: | 576a1b135c82bdcbc97a91acea900566 |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/sbin/gdm3 |
Arguments: | - |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
Start time (UTC): | 06:36:59 |
Start date (UTC): | 23/04/2024 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 06:37:00 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 06:37:00 |
Start date (UTC): | 23/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 06:37:00 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 06:37:00 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 06:37:00 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/sbin/gdm3 |
Arguments: | - |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
Start time (UTC): | 06:37:00 |
Start date (UTC): | 23/04/2024 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 06:37:00 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 06:37:00 |
Start date (UTC): | 23/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 06:37:00 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 06:37:00 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 06:37:00 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 06:37:00 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 06:37:01 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 06:37:01 |
Start date (UTC): | 23/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 06:37:01 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 06:37:01 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 06:37:01 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 06:37:01 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 06:37:01 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 06:37:01 |
Start date (UTC): | 23/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 06:37:01 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 06:37:01 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 06:37:01 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 06:37:01 |
Start date (UTC): | 23/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 06:37:01 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 06:37:01 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 06:37:02 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 06:37:02 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |