Linux
Analysis Report
XHYKEGTtfq.elf
Overview
General Information
Sample name: | XHYKEGTtfq.elf (renamed because original name is a hash value) |
Original sample name: | 73b136cb342e7a64855905830cdf0c0b.elf |
Analysis ID: | 1430906 |
MD5: | 73b136cb342e7a64855905830cdf0c0b |
SHA1: | 87c0098d9c86435194231c2f5623a7e8c488a861 |
SHA256: | c860d081fb8cfed28d01b054bf1611c295a6d307537563ad02650cc94c280746 |
Tags: | 32, elf, powerpc |
Detection
Score: | 60 |
Range: | 0 - 100 |
Whitelisted: | false |
Analysis Advice
Static ELF header machine description suggests that the sample might not execute correctly on this machine. |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1430906 |
Start date and time: | 2024-04-24 10:57:06 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 2s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | XHYKEGTtfq.elf (renamed because original name is a hash value) |
Original Sample Name: | 73b136cb342e7a64855905830cdf0c0b.elf |
Detection: | MAL |
Classification: | mal60.spre.troj.evad.linELF@0/0@0/0 |
- Connection to analysis system has been lost, crash info: Unknown
Command: | /tmp/XHYKEGTtfq.elf |
PID: | 5432 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | black botnet voodoo |
Standard Error: |
- system is lnxubuntu20
- XHYKEGTtfq.elf New Fork (PID: 5434, Parent: 5432)
- XHYKEGTtfq.elf New Fork (PID: 5436, Parent: 5434)
- XHYKEGTtfq.elf New Fork (PID: 5438, Parent: 5434)
- XHYKEGTtfq.elf New Fork (PID: 5440, Parent: 5434)
- XHYKEGTtfq.elf New Fork (PID: 5441, Parent: 5434)
- systemd New Fork (PID: 5444, Parent: 1)
- systemd New Fork (PID: 5461, Parent: 1)
- systemd New Fork (PID: 5478, Parent: 1)
- gvfsd-fuse New Fork (PID: 5479, Parent: 3122)
- systemd New Fork (PID: 5480, Parent: 2935)
- systemd New Fork (PID: 5484, Parent: 1)
- systemd New Fork (PID: 5485, Parent: 1)
- systemd New Fork (PID: 5486, Parent: 1)
- systemd New Fork (PID: 5490, Parent: 1)
- systemd New Fork (PID: 5491, Parent: 1)
- systemd New Fork (PID: 5492, Parent: 1)
- systemd New Fork (PID: 5493, Parent: 1)
- systemd New Fork (PID: 5494, Parent: 1)
- systemd New Fork (PID: 5495, Parent: 1)
- systemd New Fork (PID: 5496, Parent: 1)
- systemd New Fork (PID: 5497, Parent: 1)
- systemd New Fork (PID: 5498, Parent: 1)
- gdm3 New Fork (PID: 5499, Parent: 1400)
- gdm3 New Fork (PID: 5500, Parent: 1400)
- gdm3 New Fork (PID: 5501, Parent: 1400)
- systemd New Fork (PID: 5502, Parent: 1)
- systemd New Fork (PID: 5505, Parent: 1)
- gpu-manager New Fork (PID: 5506, Parent: 5505)
- sh New Fork (PID: 5507, Parent: 5506)
- systemd New Fork (PID: 5508, Parent: 1)
- generate-config New Fork (PID: 5509, Parent: 5508)
- systemd New Fork (PID: 5510, Parent: 1)
- systemd New Fork (PID: 5511, Parent: 1)
- generate-config New Fork (PID: 5512, Parent: 5511)
- systemd New Fork (PID: 5513, Parent: 1)
- gpu-manager New Fork (PID: 5514, Parent: 5513)
- sh New Fork (PID: 5515, Parent: 5514)
- systemd New Fork (PID: 5516, Parent: 1)
- generate-config New Fork (PID: 5517, Parent: 5516)
- systemd New Fork (PID: 5518, Parent: 1)
- systemd New Fork (PID: 5519, Parent: 1)
- generate-config New Fork (PID: 5520, Parent: 5519)
- systemd New Fork (PID: 5521, Parent: 1)
- systemd New Fork (PID: 5522, Parent: 1)
- generate-config New Fork (PID: 5523, Parent: 5522)
- systemd New Fork (PID: 5524, Parent: 1)
- systemd New Fork (PID: 5526, Parent: 2935)
- cleanup
AV Detection |
---|
Source: | Virustotal: | Perma Link |
Source: | Reads CPU info from /sys: | Jump to behavior | ||
Source: | TCP traffic: |
Source: | Socket: | Jump to behavior |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
System Summary |
---|
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | Program segment: |
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | Classification label: |
Persistence and Installation Behavior |
---|
Source: | File: | Jump to behavior |
Source: | Shell command executed: | Jump to behavior | ||
Source: | Grep executable: | Jump to behavior | ||
Source: | Pkill executable: | Jump to behavior | ||
Hooking and other Techniques for Hiding and Protection |
---|
Source: | File: | Jump to behavior |
Source: | Submission file: | ||
Source: | Truncated file: | Jump to behavior | ||
Source: | Reads CPU info from /sys: | Jump to behavior | ||
Source: | Queries kernel information via 'uname': | Jump to behavior |
Source: | Binary or memory string: | ||
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 1 Scripting | Valid Accounts | Windows Management Instrumentation | 1 Scripting | Path Interception | 1 Disable or Modify Tools | OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Non-Standard Port | Exfiltration Over Other Network Medium | 1 Service Stop |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Indicator Removal | LSASS Memory | 1 File and Directory Discovery | Remote Desktop Protocol | Data from Removable Media | Junk Data | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 Obfuscated Files or Information | Security Account Manager | 1 System Information Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | Steganography | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 File Deletion | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Protocol Impersonation | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
11% | Virustotal | Browse |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
212.70.149.14 | unknown | Bulgaria | 208410 | INTERNET-HOSTINGBG | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
212.70.149.14 | Get hash | malicious | Unknown | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | Unknown | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
INTERNET-HOSTINGBG | Get hash | malicious | Unknown | Browse |
Get hash | malicious | Mirai | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | Unknown | Browse |
File type: | |
Entropy (8bit): | 7.970205312474335 |
TrID: |
|
File name: | XHYKEGTtfq.elf |
File size: | 46'656 bytes |
MD5: | 73b136cb342e7a64855905830cdf0c0b |
SHA1: | 87c0098d9c86435194231c2f5623a7e8c488a861 |
SHA256: | c860d081fb8cfed28d01b054bf1611c295a6d307537563ad02650cc94c280746 |
SHA512: | 81af757f1e3cc4608da40137130a6efb1be3c1e2edc08f6ed75159f9e440fcb695feb95728ef0d6157202be1e356d4d269448c279444bef88e34d24dd0cf6b72 |
SSDEEP: | 768:cnhQn2SuI+h7gjER7R3Q2stXIhyXkGhe0WDo31aostZwceD6hnTKcb4uVcqgw0Eo:XNO6Qc2UXIoX1e0J31fstZwyN3b4u+qc |
TLSH: | FE23F13ADD692D3AFC6FFD323D5A8363A72ED68515A3A3950184FF414C4D02AED848C4 |
File Content Preview: | .ELF...........................4.........4. ...(........................../4...........................@...@........dt.Q................................sfga.P.....................W.......?.E.h4...@b........=.a...!.1.Z!K.......T.(..lj.T .`F.}.>...p.....>#9 |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 0 |
Section Header Size: | 40 |
Number of Section Headers: | 0 |
Header String Table Index: | 0 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x10000000 | 0x10000000 | 0x1000 | 0x32f34 | 7.8829 | 0x6 | RW | 0x10000 | ||
LOAD | 0x0 | 0x10040000 | 0x10040000 | 0xb540 | 0xb540 | 7.9720 | 0x5 | R E | 0x10000 | ||
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x4 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Apr 24, 2024 10:58:01.382989883 CEST | 192.168.2.13 | 192.168.2.1 | 8279 | (Port unreachable) | Destination Unreachable |
Apr 24, 2024 10:59:21.410352945 CEST | 192.168.2.13 | 192.168.2.1 | 8279 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 24, 2024 10:59:46.846268892 CEST | 185.181.61.24 | 192.168.2.13 | 0xf795 | Format error (1) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 10:59:47.168649912 CEST | 185.181.61.24 | 192.168.2.13 | 0xf795 | Format error (1) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 10:59:47.490906000 CEST | 185.181.61.24 | 192.168.2.13 | 0xf795 | Format error (1) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 10:59:47.813054085 CEST | 185.181.61.24 | 192.168.2.13 | 0xf795 | Format error (1) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 10:59:48.135298014 CEST | 185.181.61.24 | 192.168.2.13 | 0xf795 | Format error (1) | none | none | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 08:57:51 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/XHYKEGTtfq.elf |
Arguments: | /tmp/XHYKEGTtfq.elf |
File size: | 5388968 bytes |
MD5 hash: | ae65271c943d3451b7f026d1fadccea6 |
Start time (UTC): | 08:57:51 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/XHYKEGTtfq.elf |
Arguments: | - |
File size: | 5388968 bytes |
MD5 hash: | ae65271c943d3451b7f026d1fadccea6 |
Start time (UTC): | 08:57:51 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/XHYKEGTtfq.elf |
Arguments: | - |
File size: | 5388968 bytes |
MD5 hash: | ae65271c943d3451b7f026d1fadccea6 |
Start time (UTC): | 08:57:51 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/XHYKEGTtfq.elf |
Arguments: | - |
File size: | 5388968 bytes |
MD5 hash: | ae65271c943d3451b7f026d1fadccea6 |
Start time (UTC): | 08:57:51 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/XHYKEGTtfq.elf |
Arguments: | - |
File size: | 5388968 bytes |
MD5 hash: | ae65271c943d3451b7f026d1fadccea6 |
Start time (UTC): | 08:57:51 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/XHYKEGTtfq.elf |
Arguments: | - |
File size: | 5388968 bytes |
MD5 hash: | ae65271c943d3451b7f026d1fadccea6 |
Start time (UTC): | 08:57:51 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:51 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/journalctl |
Arguments: | /usr/bin/journalctl --smart-relinquish-var |
File size: | 80120 bytes |
MD5 hash: | bf3a987344f3bacafc44efd882abda8b |
Start time (UTC): | 08:57:51 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:51 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 08:57:51 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:51 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 08:57:51 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/libexec/gvfsd-fuse |
Arguments: | - |
File size: | 47632 bytes |
MD5 hash: | d18fbf1cbf8eb57b17fac48b7b4be933 |
Start time (UTC): | 08:57:51 |
Start date (UTC): | 24/04/2024 |
Path: | /bin/fusermount |
Arguments: | fusermount -u -q -z -- /run/user/1000/gvfs |
File size: | 39144 bytes |
MD5 hash: | 576a1b135c82bdcbc97a91acea900566 |
Start time (UTC): | 08:57:51 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:51 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/pulseaudio |
Arguments: | /usr/bin/pulseaudio --daemonize=no --log-target=journal |
File size: | 100832 bytes |
MD5 hash: | 0c3b4c789d8ffb12b25507f27e14c186 |
Start time (UTC): | 08:57:52 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:52 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 08:57:52 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:52 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 08:57:52 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:52 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 08:57:52 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:52 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 08:57:52 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:52 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/gdm3 |
Arguments: | - |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/gdm3 |
Arguments: | - |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/gdm3 |
Arguments: | - |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
Start time (UTC): | 08:57:53 |
Start date (UTC): | 24/04/2024 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:57:54 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:54 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 08:57:55 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:55 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/gpu-manager |
Arguments: | /usr/bin/gpu-manager --log /var/log/gpu-manager.log |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
Start time (UTC): | 08:57:55 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/gpu-manager |
Arguments: | - |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
Start time (UTC): | 08:57:55 |
Start date (UTC): | 24/04/2024 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:57:55 |
Start date (UTC): | 24/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:57:55 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
Start time (UTC): | 08:57:55 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:55 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | /usr/share/gdm/generate-config |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:57:55 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:57:55 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/pkill |
Arguments: | pkill --signal HUP --uid gdm dconf-service |
File size: | 30968 bytes |
MD5 hash: | fa96a75a08109d8842e4865b2907d51f |
Start time (UTC): | 08:57:56 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:56 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/gpu-manager |
Arguments: | /usr/bin/gpu-manager --log /var/log/gpu-manager.log |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
Start time (UTC): | 08:57:56 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:56 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | /usr/share/gdm/generate-config |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:57:56 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:57:56 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/pkill |
Arguments: | pkill --signal HUP --uid gdm dconf-service |
File size: | 30968 bytes |
MD5 hash: | fa96a75a08109d8842e4865b2907d51f |
Start time (UTC): | 08:57:57 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:57 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/gpu-manager |
Arguments: | /usr/bin/gpu-manager --log /var/log/gpu-manager.log |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
Start time (UTC): | 08:57:57 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/gpu-manager |
Arguments: | - |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
Start time (UTC): | 08:57:57 |
Start date (UTC): | 24/04/2024 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:57:57 |
Start date (UTC): | 24/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:57:57 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
Start time (UTC): | 08:57:57 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:57 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | /usr/share/gdm/generate-config |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:57:57 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:57:57 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/pkill |
Arguments: | pkill --signal HUP --uid gdm dconf-service |
File size: | 30968 bytes |
MD5 hash: | fa96a75a08109d8842e4865b2907d51f |
Start time (UTC): | 08:57:58 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:58 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/gpu-manager |
Arguments: | /usr/bin/gpu-manager --log /var/log/gpu-manager.log |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
Start time (UTC): | 08:57:58 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:57:58 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | /usr/share/gdm/generate-config |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:57:58 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:57:58 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/pkill |
Arguments: | pkill --signal HUP --uid gdm dconf-service |
File size: | 30968 bytes |
MD5 hash: | fa96a75a08109d8842e4865b2907d51f |
Start time (UTC): | 08:58:00 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:58:00 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/gpu-manager |
Arguments: | /usr/bin/gpu-manager --log /var/log/gpu-manager.log |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
Start time (UTC): | 08:58:00 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:58:00 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | /usr/share/gdm/generate-config |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:58:00 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:58:00 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/pkill |
Arguments: | pkill --signal HUP --uid gdm dconf-service |
File size: | 30968 bytes |
MD5 hash: | fa96a75a08109d8842e4865b2907d51f |
Start time (UTC): | 08:58:01 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:58:01 |
Start date (UTC): | 24/04/2024 |
Path: | /bin/plymouth |
Arguments: | /bin/plymouth quit |
File size: | 51352 bytes |
MD5 hash: | 87003efd8dad470042f5e75360a8f49f |
Start time (UTC): | 08:59:21 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 08:59:21 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |