Linux
Analysis Report
2V7qaSy0Jl.elf
Overview
General Information
Sample name: | 2V7qaSy0Jl.elfrenamed because original name is a hash value |
Original sample name: | 4b15139d9470c06c80f03adc079299dc.elf |
Analysis ID: | 1430965 |
MD5: | 4b15139d9470c06c80f03adc079299dc |
SHA1: | c5b21eb6f1b006e1453885ddf9f0008b5cd5bf68 |
SHA256: | a9301a5114ab68806699349380c7d06da2ba1f1b10001d6f47442c3d3eca5399 |
Tags: | 32elfmipsmirai |
Infos: |
Detection
Score: | 60 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Classification
Analysis Advice
Static ELF header machine description suggests that the sample might not execute correctly on this machine. |
All HTTP servers contacted by the sample do not answer. The sample is likely an old dropper which does no longer work. |
Static ELF header machine description suggests that the sample might only run correctly on MIPS or ARM architectures. |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1430965 |
Start date and time: | 2024-04-24 12:33:27 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 13s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | 2V7qaSy0Jl.elfrenamed because original name is a hash value |
Original Sample Name: | 4b15139d9470c06c80f03adc079299dc.elf |
Detection: | MAL |
Classification: | mal60.spre.troj.evad.linELF@0/0@73/0 |
- Connection to analysis system has been lost, crash info: Unknown
- VT rate limit hit for: kz.adolfhitler.su._(faNNPV!a/E@W@@q5,'kzadolfhitlersusd(fNN
- VT rate limit hit for: kz.adolfhitler.su.i(fJJPV!a/E<m@@Fi(f66a
- VT rate limit hit for: kz.adolfhitler.su.(f4NNPV!a/E@E@@0G5,*kzadolfhitlersus(fDJJ
- VT rate limit hit for: kz.adolfhitler.su.(fDJJPV!a/E<W@sKyE 4@@pJ8PING(f8JJJPV.a/E<U@@F
- VT rate limit hit for: kz.adolfhitler.su.(f66a/PV!EH(A05(f'!NNPV!a/E@y@@
- VT rate limit hit for: kz.adolfhitler.su.(fINNa/PV!E(@/H^3l5,Hjkzadolfhitlersus(fNN
- VT rate limit hit for: kz.adolfhitler.su.(f7NNa/PV!E(@/HH3l5,jkzadolfhitlersus(f8NN
- VT rate limit hit for: kz.adolfhitler.su.(feNNa/PV!E(@#/HC3l5X,xjkzadolfhitlersus(fgNN
- VT rate limit hit for: kz.adolfhitler.su.(f66a/PV!EH(h+mw=5ML(fINNPV!a/E@l@@
- VT rate limit hit for: sex.secure-cyber-security.(fk66a/PV!EH(F05_nof(fVVPV!a/EH@@
- VT rate limit hit for: sex.secure-cyber-security.(f{166a/PV!EH(%15Lf(f2VVPV!a/EH@@
- VT rate limit hit for: sex.secure-cyber-security.(fy66a/PV!E((H.,f3;5Na(fVVPV!a/EH@@
- VT rate limit hit for: sex.secure-cyber-security.(fQ66a/PV!E((~.,03;5a(fSJJPV!a/E<@@.F"58$(fJJPV!a/E<@@iF"5
- VT rate limit hit for: siegheil.hiter.su.1(fc66a/PV!EH(]2_5/?1(f-NNPV!a/E@(@@
- VT rate limit hit for: siegheil.hiter.su.1(fa66a/PV!EH(]+25?1(fbNNPV!a/E@'@@
- VT rate limit hit for: siegheil.hiter.su.2(f]d66a/PV!EH(]25[?2(feJJPV!a/E<m@@
- VT rate limit hit for: siegheil.hiter.su.H(fGNNPV!a/E@@@b[%5,5siegheilhitersusM(fJJ
Command: | /tmp/2V7qaSy0Jl.elf |
PID: | 5461 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | black botnet voodoo |
Standard Error: |
- system is lnxubuntu20
- 2V7qaSy0Jl.elf New Fork (PID: 5464, Parent: 5461)
- 2V7qaSy0Jl.elf New Fork (PID: 5466, Parent: 5464)
- 2V7qaSy0Jl.elf New Fork (PID: 5468, Parent: 5464)
- 2V7qaSy0Jl.elf New Fork (PID: 5470, Parent: 5464)
- 2V7qaSy0Jl.elf New Fork (PID: 5471, Parent: 5464)
- systemd New Fork (PID: 5474, Parent: 1)
- systemd New Fork (PID: 5495, Parent: 1)
- systemd New Fork (PID: 5508, Parent: 1)
- systemd New Fork (PID: 5510, Parent: 1)
- systemd New Fork (PID: 5511, Parent: 1)
- systemd New Fork (PID: 5513, Parent: 1)
- systemd New Fork (PID: 5514, Parent: 1)
- systemd New Fork (PID: 5515, Parent: 1)
- systemd New Fork (PID: 5516, Parent: 1)
- systemd New Fork (PID: 5517, Parent: 1)
- systemd New Fork (PID: 5520, Parent: 1)
- systemd New Fork (PID: 5521, Parent: 1)
- systemd New Fork (PID: 5522, Parent: 1)
- systemd New Fork (PID: 5523, Parent: 1)
- gdm3 New Fork (PID: 5524, Parent: 1400)
- gdm3 New Fork (PID: 5525, Parent: 1400)
- systemd New Fork (PID: 5526, Parent: 1)
- gdm3 New Fork (PID: 5527, Parent: 1400)
- systemd New Fork (PID: 5528, Parent: 1)
- systemd New Fork (PID: 5529, Parent: 1)
- systemd New Fork (PID: 5530, Parent: 1)
- generate-config New Fork (PID: 5531, Parent: 5530)
- systemd New Fork (PID: 5532, Parent: 1)
- systemd New Fork (PID: 5533, Parent: 1)
- generate-config New Fork (PID: 5534, Parent: 5533)
- systemd New Fork (PID: 5535, Parent: 1)
- systemd New Fork (PID: 5536, Parent: 1)
- generate-config New Fork (PID: 5537, Parent: 5536)
- systemd New Fork (PID: 5540, Parent: 1)
- gpu-manager New Fork (PID: 5541, Parent: 5540)
- sh New Fork (PID: 5542, Parent: 5541)
- systemd New Fork (PID: 5543, Parent: 1)
- generate-config New Fork (PID: 5544, Parent: 5543)
- systemd New Fork (PID: 5545, Parent: 1)
- systemd New Fork (PID: 5546, Parent: 1)
- generate-config New Fork (PID: 5547, Parent: 5546)
- systemd New Fork (PID: 5548, Parent: 1)
- systemd New Fork (PID: 5549, Parent: 2935)
- systemd New Fork (PID: 5550, Parent: 2935)
- cleanup
Click to jump to signature section
AV Detection |
---|
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Source: | Reads CPU info from /sys: | Jump to behavior | ||
Source: | Reads CPU info from /sys: | Jump to behavior | ||
Source: | Reads CPU info from /sys: | Jump to behavior |
Source: | String: |
Networking |
---|
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | Network traffic detected: |
Source: | TCP traffic: |
Source: | Socket: | Jump to behavior |
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: |
Source: | Network traffic detected: |
System Summary |
---|
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior |
Source: | String containing 'busybox' found: | ||
Source: | String containing 'busybox' found: |
Source: | .symtab present: |
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior |
Source: | Classification label: |
Source: | Shell command executed: | Jump to behavior |
Source: | Grep executable: | Jump to behavior |
Source: | Pkill executable: | Jump to behavior | ||
Source: | Pkill executable: | Jump to behavior | ||
Source: | Pkill executable: | Jump to behavior | ||
Source: | Pkill executable: | Jump to behavior | ||
Source: | Pkill executable: | Jump to behavior |
Hooking and other Techniques for Hiding and Protection |
---|
Source: | File: | Jump to behavior |
Source: | Truncated file: | Jump to behavior | ||
Source: | Truncated file: | Jump to behavior |
Source: | Reads CPU info from /sys: | Jump to behavior | ||
Source: | Reads CPU info from /sys: | Jump to behavior | ||
Source: | Reads CPU info from /sys: | Jump to behavior |
Source: | Queries kernel information via 'uname': | Jump to behavior | ||
Source: | Queries kernel information via 'uname': | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 2 Scripting | Valid Accounts | Windows Management Instrumentation | 2 Scripting | Path Interception | 1 Disable or Modify Tools | OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | 1 Service Stop |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Indicator Removal | LSASS Memory | 1 System Information Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Standard Port | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 File Deletion | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 12 Application Layer Protocol | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
19% | Virustotal | Browse | ||
13% | ReversingLabs | Linux.Trojan.Mirai |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
sex.secure-cyber-security.(f{166a/PV!EH(%15Lf(f2VVPV!a/EH@@ | unknown | unknown | true | low | |
kz.adolfhitler.su.(f66a/PV!EH(A05(f'!NNPV!a/E@y@@ | unknown | unknown | true | low | |
siegheil.hiter.su.2(f]d66a/PV!EH(]25[?2(feJJPV!a/E<m@@ | unknown | unknown | true | low | |
kz.adolfhitler.su.i(fJJPV!a/E<m@@Fi(f66a | unknown | unknown | true | low | |
kz.adolfhitler.su.(f4NNPV!a/E@E@@0G5,*kzadolfhitlersus(fDJJ | unknown | unknown | true | low | |
siegheil.hiter.su.1(fa66a/PV!EH(]+25?1(fbNNPV!a/E@'@@ | unknown | unknown | true | low | |
sex.secure-cyber-security.(fQ66a/PV!E((~.,03;5a(fSJJPV!a/E<@@.F"58$(fJJPV!a/E<@@iF"5 | unknown | unknown | true | low | |
kz.adolfhitler.su.(f7NNa/PV!E(@/HH3l5,jkzadolfhitlersus(f8NN | unknown | unknown | true | low | |
kz.adolfhitler.su.(f66a/PV!EH(h+mw=5ML(fINNPV!a/E@l@@ | unknown | unknown | true | low | |
siegheil.hiter.su.1(fc66a/PV!EH(]2_5/?1(f-NNPV!a/E@(@@ | unknown | unknown | true | low | |
siegheil.hiter.su.H(fGNNPV!a/E@@@b[%5,5siegheilhitersusM(fJJ | unknown | unknown | true | low | |
kz.adolfhitler.su.(fINNa/PV!E(@/H^3l5,Hjkzadolfhitlersus(fNN | unknown | unknown | true | low | |
kz.adolfhitler.su.(feNNa/PV!E(@#/HC3l5X,xjkzadolfhitlersus(fgNN | unknown | unknown | true | low | |
sex.secure-cyber-security.(fy66a/PV!E((H.,f3;5Na(fVVPV!a/EH@@ | unknown | unknown | true | low | |
kz.adolfhitler.su._(faNNPV!a/E@W@@q5,'kzadolfhitlersusd(fNN | unknown | unknown | true | low | |
sex.secure-cyber-security.(fk66a/PV!EH(F05_nof(fVVPV!a/EH@@ | unknown | unknown | true | low | |
kz.adolfhitler.su.(fDJJPV!a/E<W@sKyE 4@@pJ8PING(f8JJJPV.a/E<U@@F | unknown | unknown | true | low | |
security.rebirth-network.su. | unknown | unknown | true | unknown | |
siegheil.hiter.su.M(fJJPV!a/E<@@R0FE\4N(f#66a | unknown | unknown | true | low | |
siegheil.hiter.su.(fP@66a/PV!EH(15/(fEANNPV!a/E@.@@+5,/sieg.eilhitersun(f66a/PV!EH(0T5>/(fNN | unknown | unknown | true | low | |
siegheil.hiter.su.2(f66a/PV!EH(]2!51?2(fNNPV!a/E@(W@@ | unknown | unknown | true | low | |
kz.adolfhitler.su.(fN66a/PV!EH(h,lQ=5&L(fPNNPV!a/E@@@ | unknown | unknown | true | low | |
sex.secure-cyber-security.(fOG66a/PV!EH(/5t1f(fHJJPV!a/E<ol@@ | unknown | unknown | true | low | |
kz.adolfhitler.su.(fB66a/PV!EH(0$5(f'NNPV!a/E@@@ | unknown | unknown | true | low | |
kz.adolfhitler.su.(fpT66a/PV!EH(/5(fVNNPV!a/E@Q@@ | unknown | unknown | true | low | |
kz.adolfhitler.su.Z(fNNPV!a/E@U@@!5,kzadolfhitlersus_(faNN | unknown | unknown | true | low | |
kz.adolfhitler.su.(fNNa/PV!E(@d/H3l5, Fjkzadolfhitlersus(fNN | unknown | unknown | true | low | |
sex.secure-cyber-security.(fk66a/PV!E((.,3;5a(fVVPV!a/EH.@@ | unknown | unknown | true | low | |
sex.secure-cyber-security.(f'66a/PV!EH(0P5>f(fVVPV!a/EHd@@ | unknown | unknown | true | low | |
sex.secure-cyber-security.(f0\66a/PV!E((.,3;5a(f3]VVPV!a/EH]@@ | unknown | unknown | true | low | |
sex.secure-cyber-security.(f~66a/PV!E((9.,u3;56a(fVVPV!a/EH`@@ | unknown | unknown | true | low | |
kz.adolfhitler.su.d(fNNPV!a/E@\@@um5,+kzadolfhitlersusi(fJJ | unknown | unknown | true | low | |
kz.adolfhitler.su.p(fJNNPV!a/E@<t@@95,gkzadolfhitlersusu(fNN | unknown | unknown | true | low | |
kz.adolfhitler.su.(f66a/PV!EH(hb+m=5L(f?NNPV!a/E@ @@ | unknown | unknown | true | low | |
kz.adolfhitler.su.z(f1 NNPV!a/E@BB@@3V5,kzadolfhitlersus(f4NN | unknown | unknown | true | low | |
siegheil.hiter.su.(f^66a/PV!EH(/5/(fNNPV!a/E@ | unknown | unknown | true | low | |
siegheil.hiter.su.6(fBBBPV!a/E4@@o}J?[yr3`Nq%s9(fNNPV!a/.E@@ | unknown | unknown | true | low | |
siegheil.hiter.su.(f66a/PV!EH(0T5>/(fNNPV!a/E@.@@95,/siegheilhitersun(fpC66a/PV!EH(1'59 | unknown | unknown | true | low | |
kz.adolfhitler.su.(f&66a/PV!EH(0V5x(f'NNPV!a/E@@@ | unknown | unknown | true | low | |
kz.adolfhitler.su.(fENNa/PV!E(@/G3l5*,jkzadolfhitlersus(fXFJJ | unknown | unknown | true | low | |
siegheil.hiter.su.(fb66a/PV!EH(C15?/(f9dJJPV!a/E<.@@F_< | unknown | unknown | true | low | |
kz.adolfhitler.su.U(fUBBPV!a/E4@@o}J?[yr3`NqsU(fNNPV!a/.E@Q3@ | unknown | unknown | true | low | |
siegheil.hiter.su.(fpC66a/PV!EH(1'59?/(fDNNPV!a/E@ | unknown | unknown | true | low | |
kz.adolfhitler.su.(f66a/PV!EH(r15(fJJPV!a/E<@@.F%n1(fQ66a/PV!E((.,"F%P(fXXPV!a/E | unknown | unknown | true | low | |
siegheil.hiter.su.>(fZNNPV!a/E@@@R[%5,5siegheilhitersusC(fNN | unknown | unknown | true | low | |
kz.adolfhitler.su.u(fNNPV!a/E@?@@65,QGkzadolfhitlersusz(f1 NN | unknown | unknown | true | low | |
sex.secure-cyber-security | unknown | unknown | true | unknown | |
sex.secure-cyber-security.(fq66a/PV!EH( 05Z@f(ftVVPV!a/EH@@ | unknown | unknown | true | low | |
siegheil.hiter.su.1(f66a/PV!EH(]c25@5?1(fNNPV!a/E@'@@ | unknown | unknown | true | low | |
siegheil.hiter.su.C(fNNPV!a/E@@@[%5,5siegheilhitersusH(fGNN | unknown | unknown | true | low |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
212.70.149.14 | unknown | Bulgaria | 208410 | INTERNET-HOSTINGBG | false | |
185.125.190.26 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
212.70.149.14 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
185.125.190.26 | Get hash | malicious | Gafgyt, Mirai | Browse | ||
Get hash | malicious | Gafgyt | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Mirai, Okiru | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Gafgyt | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
CANONICAL-ASGB | Get hash | malicious | Gafgyt, Mirai | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Gafgyt | Browse |
| ||
Get hash | malicious | Gafgyt | Browse |
| ||
Get hash | malicious | Gafgyt | Browse |
| ||
Get hash | malicious | Gafgyt | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
INTERNET-HOSTINGBG | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
File type: | |
Entropy (8bit): | 4.856719362975037 |
TrID: |
|
File name: | 2V7qaSy0Jl.elf |
File size: | 200'216 bytes |
MD5: | 4b15139d9470c06c80f03adc079299dc |
SHA1: | c5b21eb6f1b006e1453885ddf9f0008b5cd5bf68 |
SHA256: | a9301a5114ab68806699349380c7d06da2ba1f1b10001d6f47442c3d3eca5399 |
SHA512: | b98715532fe496025af57b863b73419c5c28839b316117099098557494964644a49213045a2079b2f9f701dbfa8abcbe047e4a3f776d8f3eaf8bce15fbc5be5c |
SSDEEP: | 1536:WOGrIYbQfEa7nLerNyR1phl7g7tu5ybDrgmYv6rjnUQFljO3MEl0kXVTr:isYMEa7L51p7Su5GYirrxljO1 |
TLSH: | 8D147285BFA13FFFD81ECD334295CA05029C9A0A5299AF776A34D508F68B14E59D3C8C |
File Content Preview: | .ELF....................`.@.4...........4. ...(...............@...@.....................<...<.C.<.C.H...............Q.td...............................'...................<...'!.............9'.. ........................<...'!.............9'.. ............ |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 199656 |
Section Header Size: | 40 |
Number of Section Headers: | 14 |
Header String Table Index: | 13 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x400094 | 0x94 | 0x7c | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.text | PROGBITS | 0x400110 | 0x110 | 0x2ce30 | 0x0 | 0x6 | AX | 0 | 0 | 16 |
.fini | PROGBITS | 0x42cf40 | 0x2cf40 | 0x4c | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.rodata | PROGBITS | 0x42cf90 | 0x2cf90 | 0x2f80 | 0x0 | 0x2 | A | 0 | 0 | 16 |
.ctors | PROGBITS | 0x43003c | 0x3003c | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x430044 | 0x30044 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data.rel.ro | PROGBITS | 0x430050 | 0x30050 | 0x5a8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x4305f8 | 0x305f8 | 0x8c | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.got | PROGBITS | 0x430690 | 0x30690 | 0x4f4 | 0x4 | 0x10000003 | WAp | 0 | 0 | 16 |
.sbss | NOBITS | 0x430b84 | 0x30b84 | 0x20 | 0x0 | 0x10000003 | WAp | 0 | 0 | 4 |
.bss | NOBITS | 0x430bb0 | 0x30b84 | 0x9694 | 0x0 | 0x3 | WA | 0 | 0 | 16 |
.mdebug.abi32 | PROGBITS | 0x288 | 0x30b84 | 0x0 | 0x0 | 0x0 | 0 | 0 | 1 | |
.shstrtab | STRTAB | 0x0 | 0x30b84 | 0x64 | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x400000 | 0x400000 | 0x2ff10 | 0x2ff10 | 4.8427 | 0x5 | R E | 0x10000 | .init .text .fini .rodata | |
LOAD | 0x3003c | 0x43003c | 0x43003c | 0xb48 | 0xa208 | 4.8216 | 0x6 | RW | 0x10000 | .ctors .dtors .data.rel.ro .data .got .sbss .bss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x7 | RWE | 0x4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 24, 2024 12:34:21.724380016 CEST | 42666 | 35342 | 192.168.2.13 | 212.70.149.14 |
Apr 24, 2024 12:34:22.725714922 CEST | 42666 | 35342 | 192.168.2.13 | 212.70.149.14 |
Apr 24, 2024 12:34:23.052942038 CEST | 35342 | 42666 | 212.70.149.14 | 192.168.2.13 |
Apr 24, 2024 12:34:26.550323963 CEST | 42668 | 35342 | 192.168.2.13 | 212.70.149.14 |
Apr 24, 2024 12:34:26.878401041 CEST | 35342 | 42668 | 212.70.149.14 | 192.168.2.13 |
Apr 24, 2024 12:34:30.213701010 CEST | 48202 | 443 | 192.168.2.13 | 185.125.190.26 |
Apr 24, 2024 12:34:53.905941010 CEST | 42670 | 35342 | 192.168.2.13 | 212.70.149.14 |
Apr 24, 2024 12:34:54.232738972 CEST | 35342 | 42670 | 212.70.149.14 | 192.168.2.13 |
Apr 24, 2024 12:35:01.189780951 CEST | 48202 | 443 | 192.168.2.13 | 185.125.190.26 |
Apr 24, 2024 12:35:21.256206989 CEST | 42672 | 35342 | 192.168.2.13 | 212.70.149.14 |
Apr 24, 2024 12:35:21.583138943 CEST | 35342 | 42672 | 212.70.149.14 | 192.168.2.13 |
Apr 24, 2024 12:35:48.608824015 CEST | 42674 | 35342 | 192.168.2.13 | 212.70.149.14 |
Apr 24, 2024 12:35:48.936546087 CEST | 35342 | 42674 | 212.70.149.14 | 192.168.2.13 |
Apr 24, 2024 12:35:51.789064884 CEST | 42676 | 35342 | 192.168.2.13 | 212.70.149.14 |
Apr 24, 2024 12:35:52.115964890 CEST | 35342 | 42676 | 212.70.149.14 | 192.168.2.13 |
Apr 24, 2024 12:35:54.953016996 CEST | 42678 | 35342 | 192.168.2.13 | 212.70.149.14 |
Apr 24, 2024 12:35:55.279783010 CEST | 35342 | 42678 | 212.70.149.14 | 192.168.2.13 |
Apr 24, 2024 12:35:58.841857910 CEST | 42680 | 35342 | 192.168.2.13 | 212.70.149.14 |
Apr 24, 2024 12:35:59.168785095 CEST | 35342 | 42680 | 212.70.149.14 | 192.168.2.13 |
Apr 24, 2024 12:36:02.021025896 CEST | 42682 | 35342 | 192.168.2.13 | 212.70.149.14 |
Apr 24, 2024 12:36:02.348181009 CEST | 35342 | 42682 | 212.70.149.14 | 192.168.2.13 |
Apr 24, 2024 12:36:29.367343903 CEST | 42684 | 35342 | 192.168.2.13 | 212.70.149.14 |
Apr 24, 2024 12:36:29.694278002 CEST | 35342 | 42684 | 212.70.149.14 | 192.168.2.13 |
Apr 24, 2024 12:36:33.222265005 CEST | 42686 | 35342 | 192.168.2.13 | 212.70.149.14 |
Apr 24, 2024 12:36:33.549424887 CEST | 35342 | 42686 | 212.70.149.14 | 192.168.2.13 |
Apr 24, 2024 12:36:37.084141016 CEST | 42688 | 35342 | 192.168.2.13 | 212.70.149.14 |
Apr 24, 2024 12:36:37.412451982 CEST | 35342 | 42688 | 212.70.149.14 | 192.168.2.13 |
Apr 24, 2024 12:36:40.938770056 CEST | 42690 | 35342 | 192.168.2.13 | 212.70.149.14 |
Apr 24, 2024 12:36:41.957861900 CEST | 42690 | 35342 | 192.168.2.13 | 212.70.149.14 |
Apr 24, 2024 12:36:42.284940004 CEST | 35342 | 42690 | 212.70.149.14 | 192.168.2.13 |
Apr 24, 2024 12:36:45.738903999 CEST | 42692 | 35342 | 192.168.2.13 | 212.70.149.14 |
Apr 24, 2024 12:36:46.066106081 CEST | 35342 | 42692 | 212.70.149.14 | 192.168.2.13 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 24, 2024 12:34:20.749727011 CEST | 40094 | 53 | 192.168.2.13 | 134.195.4.2 |
Apr 24, 2024 12:34:20.921669960 CEST | 53 | 40094 | 134.195.4.2 | 192.168.2.13 |
Apr 24, 2024 12:34:21.031465054 CEST | 59007 | 53 | 192.168.2.13 | 134.195.4.2 |
Apr 24, 2024 12:34:21.203629017 CEST | 53 | 59007 | 134.195.4.2 | 192.168.2.13 |
Apr 24, 2024 12:34:21.203917980 CEST | 33228 | 53 | 192.168.2.13 | 134.195.4.2 |
Apr 24, 2024 12:34:21.377615929 CEST | 53 | 33228 | 134.195.4.2 | 192.168.2.13 |
Apr 24, 2024 12:34:21.377872944 CEST | 38982 | 53 | 192.168.2.13 | 134.195.4.2 |
Apr 24, 2024 12:34:21.550031900 CEST | 53 | 38982 | 134.195.4.2 | 192.168.2.13 |
Apr 24, 2024 12:34:21.550260067 CEST | 32987 | 53 | 192.168.2.13 | 134.195.4.2 |
Apr 24, 2024 12:34:21.722579002 CEST | 53 | 32987 | 134.195.4.2 | 192.168.2.13 |
Apr 24, 2024 12:34:25.053827047 CEST | 60562 | 53 | 192.168.2.13 | 195.10.195.195 |
Apr 24, 2024 12:34:25.352678061 CEST | 53 | 60562 | 195.10.195.195 | 192.168.2.13 |
Apr 24, 2024 12:34:25.352930069 CEST | 58688 | 53 | 192.168.2.13 | 195.10.195.195 |
Apr 24, 2024 12:34:25.651704073 CEST | 53 | 58688 | 195.10.195.195 | 192.168.2.13 |
Apr 24, 2024 12:34:25.651911020 CEST | 50623 | 53 | 192.168.2.13 | 195.10.195.195 |
Apr 24, 2024 12:34:25.951138973 CEST | 53 | 50623 | 195.10.195.195 | 192.168.2.13 |
Apr 24, 2024 12:34:25.951340914 CEST | 50148 | 53 | 192.168.2.13 | 195.10.195.195 |
Apr 24, 2024 12:34:26.250564098 CEST | 53 | 50148 | 195.10.195.195 | 192.168.2.13 |
Apr 24, 2024 12:34:26.250869989 CEST | 39363 | 53 | 192.168.2.13 | 195.10.195.195 |
Apr 24, 2024 12:34:26.549981117 CEST | 53 | 39363 | 195.10.195.195 | 192.168.2.13 |
Apr 24, 2024 12:34:28.879648924 CEST | 42620 | 53 | 192.168.2.13 | 91.217.137.37 |
Apr 24, 2024 12:34:33.884917974 CEST | 45392 | 53 | 192.168.2.13 | 91.217.137.37 |
Apr 24, 2024 12:34:38.890202045 CEST | 48826 | 53 | 192.168.2.13 | 91.217.137.37 |
Apr 24, 2024 12:34:43.895443916 CEST | 44719 | 53 | 192.168.2.13 | 91.217.137.37 |
Apr 24, 2024 12:34:48.900679111 CEST | 53485 | 53 | 192.168.2.13 | 91.217.137.37 |
Apr 24, 2024 12:34:56.233582020 CEST | 43720 | 53 | 192.168.2.13 | 1.0.0.1 |
Apr 24, 2024 12:35:01.238744020 CEST | 58015 | 53 | 192.168.2.13 | 1.0.0.1 |
Apr 24, 2024 12:35:06.243990898 CEST | 38546 | 53 | 192.168.2.13 | 1.0.0.1 |
Apr 24, 2024 12:35:11.245857000 CEST | 53105 | 53 | 192.168.2.13 | 1.0.0.1 |
Apr 24, 2024 12:35:16.251039982 CEST | 59757 | 53 | 192.168.2.13 | 1.0.0.1 |
Apr 24, 2024 12:35:23.584141970 CEST | 39075 | 53 | 192.168.2.13 | 1.1.1.1 |
Apr 24, 2024 12:35:28.589385986 CEST | 56467 | 53 | 192.168.2.13 | 1.1.1.1 |
Apr 24, 2024 12:35:33.594841957 CEST | 33460 | 53 | 192.168.2.13 | 1.1.1.1 |
Apr 24, 2024 12:35:38.598064899 CEST | 58198 | 53 | 192.168.2.13 | 1.1.1.1 |
Apr 24, 2024 12:35:43.603347063 CEST | 43490 | 53 | 192.168.2.13 | 1.1.1.1 |
Apr 24, 2024 12:35:50.937335014 CEST | 36541 | 53 | 192.168.2.13 | 8.8.8.8 |
Apr 24, 2024 12:35:51.109081984 CEST | 53 | 36541 | 8.8.8.8 | 192.168.2.13 |
Apr 24, 2024 12:35:51.109307051 CEST | 57053 | 53 | 192.168.2.13 | 8.8.8.8 |
Apr 24, 2024 12:35:51.279011011 CEST | 53 | 57053 | 8.8.8.8 | 192.168.2.13 |
Apr 24, 2024 12:35:51.279153109 CEST | 57011 | 53 | 192.168.2.13 | 8.8.8.8 |
Apr 24, 2024 12:35:51.449029922 CEST | 53 | 57011 | 8.8.8.8 | 192.168.2.13 |
Apr 24, 2024 12:35:51.449291945 CEST | 35056 | 53 | 192.168.2.13 | 8.8.8.8 |
Apr 24, 2024 12:35:51.619117975 CEST | 53 | 35056 | 8.8.8.8 | 192.168.2.13 |
Apr 24, 2024 12:35:51.619280100 CEST | 48235 | 53 | 192.168.2.13 | 8.8.8.8 |
Apr 24, 2024 12:35:51.788897038 CEST | 53 | 48235 | 8.8.8.8 | 192.168.2.13 |
Apr 24, 2024 12:35:54.116475105 CEST | 44704 | 53 | 192.168.2.13 | 1.0.0.1 |
Apr 24, 2024 12:35:54.335184097 CEST | 53 | 44704 | 1.0.0.1 | 192.168.2.13 |
Apr 24, 2024 12:35:54.335381985 CEST | 45059 | 53 | 192.168.2.13 | 1.0.0.1 |
Apr 24, 2024 12:35:54.489109993 CEST | 53 | 45059 | 1.0.0.1 | 192.168.2.13 |
Apr 24, 2024 12:35:54.489298105 CEST | 42755 | 53 | 192.168.2.13 | 1.0.0.1 |
Apr 24, 2024 12:35:54.643241882 CEST | 53 | 42755 | 1.0.0.1 | 192.168.2.13 |
Apr 24, 2024 12:35:54.643445015 CEST | 54499 | 53 | 192.168.2.13 | 1.0.0.1 |
Apr 24, 2024 12:35:54.797982931 CEST | 53 | 54499 | 1.0.0.1 | 192.168.2.13 |
Apr 24, 2024 12:35:54.798171997 CEST | 58109 | 53 | 192.168.2.13 | 1.0.0.1 |
Apr 24, 2024 12:35:54.952725887 CEST | 53 | 58109 | 1.0.0.1 | 192.168.2.13 |
Apr 24, 2024 12:35:57.280587912 CEST | 37899 | 53 | 192.168.2.13 | 178.254.22.166 |
Apr 24, 2024 12:35:57.599709988 CEST | 53 | 37899 | 178.254.22.166 | 192.168.2.13 |
Apr 24, 2024 12:35:57.600018978 CEST | 34502 | 53 | 192.168.2.13 | 178.254.22.166 |
Apr 24, 2024 12:35:57.911170006 CEST | 53 | 34502 | 178.254.22.166 | 192.168.2.13 |
Apr 24, 2024 12:35:57.911398888 CEST | 54668 | 53 | 192.168.2.13 | 178.254.22.166 |
Apr 24, 2024 12:35:58.218224049 CEST | 53 | 54668 | 178.254.22.166 | 192.168.2.13 |
Apr 24, 2024 12:35:58.218625069 CEST | 36010 | 53 | 192.168.2.13 | 178.254.22.166 |
Apr 24, 2024 12:35:58.532439947 CEST | 53 | 36010 | 178.254.22.166 | 192.168.2.13 |
Apr 24, 2024 12:35:58.532774925 CEST | 56452 | 53 | 192.168.2.13 | 178.254.22.166 |
Apr 24, 2024 12:35:58.841478109 CEST | 53 | 56452 | 178.254.22.166 | 192.168.2.13 |
Apr 24, 2024 12:36:01.169682026 CEST | 45728 | 53 | 192.168.2.13 | 8.8.8.8 |
Apr 24, 2024 12:36:01.340322018 CEST | 53 | 45728 | 8.8.8.8 | 192.168.2.13 |
Apr 24, 2024 12:36:01.340647936 CEST | 37011 | 53 | 192.168.2.13 | 8.8.8.8 |
Apr 24, 2024 12:36:01.509948015 CEST | 53 | 37011 | 8.8.8.8 | 192.168.2.13 |
Apr 24, 2024 12:36:01.510245085 CEST | 40956 | 53 | 192.168.2.13 | 8.8.8.8 |
Apr 24, 2024 12:36:01.679730892 CEST | 53 | 40956 | 8.8.8.8 | 192.168.2.13 |
Apr 24, 2024 12:36:01.680042982 CEST | 38468 | 53 | 192.168.2.13 | 8.8.8.8 |
Apr 24, 2024 12:36:01.851156950 CEST | 53 | 38468 | 8.8.8.8 | 192.168.2.13 |
Apr 24, 2024 12:36:01.851454973 CEST | 45617 | 53 | 192.168.2.13 | 8.8.8.8 |
Apr 24, 2024 12:36:02.020677090 CEST | 53 | 45617 | 8.8.8.8 | 192.168.2.13 |
Apr 24, 2024 12:36:04.349106073 CEST | 44991 | 53 | 192.168.2.13 | 1.1.1.1 |
Apr 24, 2024 12:36:09.349927902 CEST | 42495 | 53 | 192.168.2.13 | 1.1.1.1 |
Apr 24, 2024 12:36:14.355161905 CEST | 45295 | 53 | 192.168.2.13 | 1.1.1.1 |
Apr 24, 2024 12:36:19.360415936 CEST | 47935 | 53 | 192.168.2.13 | 1.1.1.1 |
Apr 24, 2024 12:36:24.362019062 CEST | 45123 | 53 | 192.168.2.13 | 1.1.1.1 |
Apr 24, 2024 12:36:31.694760084 CEST | 48282 | 53 | 192.168.2.13 | 178.254.22.166 |
Apr 24, 2024 12:36:31.999504089 CEST | 53 | 48282 | 178.254.22.166 | 192.168.2.13 |
Apr 24, 2024 12:36:31.999748945 CEST | 33745 | 53 | 192.168.2.13 | 178.254.22.166 |
Apr 24, 2024 12:36:32.303766012 CEST | 53 | 33745 | 178.254.22.166 | 192.168.2.13 |
Apr 24, 2024 12:36:32.304054022 CEST | 57657 | 53 | 192.168.2.13 | 178.254.22.166 |
Apr 24, 2024 12:36:32.607088089 CEST | 53 | 57657 | 178.254.22.166 | 192.168.2.13 |
Apr 24, 2024 12:36:32.607470036 CEST | 56738 | 53 | 192.168.2.13 | 178.254.22.166 |
Apr 24, 2024 12:36:32.909149885 CEST | 53 | 56738 | 178.254.22.166 | 192.168.2.13 |
Apr 24, 2024 12:36:32.909552097 CEST | 33451 | 53 | 192.168.2.13 | 178.254.22.166 |
Apr 24, 2024 12:36:33.221880913 CEST | 53 | 33451 | 178.254.22.166 | 192.168.2.13 |
Apr 24, 2024 12:36:35.550287008 CEST | 55070 | 53 | 192.168.2.13 | 178.254.22.166 |
Apr 24, 2024 12:36:35.853543043 CEST | 53 | 55070 | 178.254.22.166 | 192.168.2.13 |
Apr 24, 2024 12:36:35.853949070 CEST | 48014 | 53 | 192.168.2.13 | 178.254.22.166 |
Apr 24, 2024 12:36:36.164977074 CEST | 53 | 48014 | 178.254.22.166 | 192.168.2.13 |
Apr 24, 2024 12:36:36.165235996 CEST | 51416 | 53 | 192.168.2.13 | 178.254.22.166 |
Apr 24, 2024 12:36:36.471419096 CEST | 53 | 51416 | 178.254.22.166 | 192.168.2.13 |
Apr 24, 2024 12:36:36.471714973 CEST | 42847 | 53 | 192.168.2.13 | 178.254.22.166 |
Apr 24, 2024 12:36:36.775018930 CEST | 53 | 42847 | 178.254.22.166 | 192.168.2.13 |
Apr 24, 2024 12:36:36.775332928 CEST | 41373 | 53 | 192.168.2.13 | 178.254.22.166 |
Apr 24, 2024 12:36:37.083791018 CEST | 53 | 41373 | 178.254.22.166 | 192.168.2.13 |
Apr 24, 2024 12:36:39.413196087 CEST | 49625 | 53 | 192.168.2.13 | 51.254.162.59 |
Apr 24, 2024 12:36:39.720490932 CEST | 53 | 49625 | 51.254.162.59 | 192.168.2.13 |
Apr 24, 2024 12:36:39.720774889 CEST | 51906 | 53 | 192.168.2.13 | 51.254.162.59 |
Apr 24, 2024 12:36:40.023600101 CEST | 53 | 51906 | 51.254.162.59 | 192.168.2.13 |
Apr 24, 2024 12:36:40.023859024 CEST | 34870 | 53 | 192.168.2.13 | 51.254.162.59 |
Apr 24, 2024 12:36:40.328062057 CEST | 53 | 34870 | 51.254.162.59 | 192.168.2.13 |
Apr 24, 2024 12:36:40.328388929 CEST | 37198 | 53 | 192.168.2.13 | 51.254.162.59 |
Apr 24, 2024 12:36:40.635768890 CEST | 53 | 37198 | 51.254.162.59 | 192.168.2.13 |
Apr 24, 2024 12:36:40.636130095 CEST | 42461 | 53 | 192.168.2.13 | 51.254.162.59 |
Apr 24, 2024 12:36:40.938402891 CEST | 53 | 42461 | 51.254.162.59 | 192.168.2.13 |
Apr 24, 2024 12:36:44.285648108 CEST | 54920 | 53 | 192.168.2.13 | 51.158.108.203 |
Apr 24, 2024 12:36:44.575817108 CEST | 53 | 54920 | 51.158.108.203 | 192.168.2.13 |
Apr 24, 2024 12:36:44.576180935 CEST | 57877 | 53 | 192.168.2.13 | 51.158.108.203 |
Apr 24, 2024 12:36:44.866288900 CEST | 53 | 57877 | 51.158.108.203 | 192.168.2.13 |
Apr 24, 2024 12:36:44.866543055 CEST | 58712 | 53 | 192.168.2.13 | 51.158.108.203 |
Apr 24, 2024 12:36:45.157073021 CEST | 53 | 58712 | 51.158.108.203 | 192.168.2.13 |
Apr 24, 2024 12:36:45.157468081 CEST | 33163 | 53 | 192.168.2.13 | 51.158.108.203 |
Apr 24, 2024 12:36:45.447946072 CEST | 53 | 33163 | 51.158.108.203 | 192.168.2.13 |
Apr 24, 2024 12:36:45.448251009 CEST | 49450 | 53 | 192.168.2.13 | 51.158.108.203 |
Apr 24, 2024 12:36:45.738585949 CEST | 53 | 49450 | 51.158.108.203 | 192.168.2.13 |
Apr 24, 2024 12:36:48.066925049 CEST | 46829 | 53 | 192.168.2.13 | 185.181.61.24 |
Apr 24, 2024 12:36:48.383956909 CEST | 53 | 46829 | 185.181.61.24 | 192.168.2.13 |
Apr 24, 2024 12:36:48.384319067 CEST | 35149 | 53 | 192.168.2.13 | 185.181.61.24 |
Apr 24, 2024 12:36:48.702682018 CEST | 53 | 35149 | 185.181.61.24 | 192.168.2.13 |
Apr 24, 2024 12:36:48.703048944 CEST | 44838 | 53 | 192.168.2.13 | 185.181.61.24 |
Apr 24, 2024 12:36:49.019984007 CEST | 53 | 44838 | 185.181.61.24 | 192.168.2.13 |
Apr 24, 2024 12:36:49.020494938 CEST | 33027 | 53 | 192.168.2.13 | 185.181.61.24 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Apr 24, 2024 12:34:28.436666012 CEST | 192.168.2.13 | 192.168.2.1 | 8279 | (Port unreachable) | Destination Unreachable |
Apr 24, 2024 12:35:48.451652050 CEST | 192.168.2.13 | 192.168.2.1 | 8279 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 24, 2024 12:34:20.749727011 CEST | 192.168.2.13 | 134.195.4.2 | 0xa10 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:21.031465054 CEST | 192.168.2.13 | 134.195.4.2 | 0xa10 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:21.203917980 CEST | 192.168.2.13 | 134.195.4.2 | 0xa10 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:21.377872944 CEST | 192.168.2.13 | 134.195.4.2 | 0xa10 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:21.550260067 CEST | 192.168.2.13 | 134.195.4.2 | 0xa10 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:25.053827047 CEST | 192.168.2.13 | 195.10.195.195 | 0x3f96 | Standard query (0) | 31168 | 43010 | false | |
Apr 24, 2024 12:34:25.352930069 CEST | 192.168.2.13 | 195.10.195.195 | 0x3f96 | Standard query (0) | 12736 | 43010 | false | |
Apr 24, 2024 12:34:25.651911020 CEST | 192.168.2.13 | 195.10.195.195 | 0x3f96 | Standard query (0) | 3520 | 43010 | false | |
Apr 24, 2024 12:34:25.951340914 CEST | 192.168.2.13 | 195.10.195.195 | 0x3f96 | Standard query (0) | 53952 | 43010 | false | |
Apr 24, 2024 12:34:26.250869989 CEST | 192.168.2.13 | 195.10.195.195 | 0x3f96 | Standard query (0) | 55744 | 43010 | false | |
Apr 24, 2024 12:34:28.879648924 CEST | 192.168.2.13 | 91.217.137.37 | 0xfb35 | Standard query (0) | 16401 | 4189 | false | |
Apr 24, 2024 12:34:33.884917974 CEST | 192.168.2.13 | 91.217.137.37 | 0xfb35 | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:34:38.890202045 CEST | 192.168.2.13 | 91.217.137.37 | 0xfb35 | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:34:43.895443916 CEST | 192.168.2.13 | 91.217.137.37 | 0xfb35 | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:34:48.900679111 CEST | 192.168.2.13 | 91.217.137.37 | 0xfb35 | Standard query (0) | 12032 | 20566 | false | |
Apr 24, 2024 12:34:56.233582020 CEST | 192.168.2.13 | 1.0.0.1 | 0xec0c | Standard query (0) | 16401 | 9668 | false | |
Apr 24, 2024 12:35:01.238744020 CEST | 192.168.2.13 | 1.0.0.1 | 0xec0c | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:35:06.243990898 CEST | 192.168.2.13 | 1.0.0.1 | 0xec0c | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:35:11.245857000 CEST | 192.168.2.13 | 1.0.0.1 | 0xec0c | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:35:16.251039982 CEST | 192.168.2.13 | 1.0.0.1 | 0xec0c | Standard query (0) | 12032 | 20566 | false | |
Apr 24, 2024 12:35:23.584141970 CEST | 192.168.2.13 | 1.1.1.1 | 0x83a9 | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:35:28.589385986 CEST | 192.168.2.13 | 1.1.1.1 | 0x83a9 | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:35:33.594841957 CEST | 192.168.2.13 | 1.1.1.1 | 0x83a9 | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:35:38.598064899 CEST | 192.168.2.13 | 1.1.1.1 | 0x83a9 | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:35:43.603347063 CEST | 192.168.2.13 | 1.1.1.1 | 0x83a9 | Standard query (0) | 44814 | 26880 | false | |
Apr 24, 2024 12:35:50.937335014 CEST | 192.168.2.13 | 8.8.8.8 | 0xd7de | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:51.109307051 CEST | 192.168.2.13 | 8.8.8.8 | 0xd7de | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:51.279153109 CEST | 192.168.2.13 | 8.8.8.8 | 0xd7de | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:51.449291945 CEST | 192.168.2.13 | 8.8.8.8 | 0xd7de | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:51.619280100 CEST | 192.168.2.13 | 8.8.8.8 | 0xd7de | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:54.116475105 CEST | 192.168.2.13 | 1.0.0.1 | 0xd0a1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:54.335381985 CEST | 192.168.2.13 | 1.0.0.1 | 0xd0a1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:54.489298105 CEST | 192.168.2.13 | 1.0.0.1 | 0xd0a1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:54.643445015 CEST | 192.168.2.13 | 1.0.0.1 | 0xd0a1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:54.798171997 CEST | 192.168.2.13 | 1.0.0.1 | 0xd0a1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:57.280587912 CEST | 192.168.2.13 | 178.254.22.166 | 0x8db1 | Standard query (0) | 18112 | 43010 | false | |
Apr 24, 2024 12:35:57.600018978 CEST | 192.168.2.13 | 178.254.22.166 | 0x8db1 | Standard query (0) | 15552 | 43010 | false | |
Apr 24, 2024 12:35:57.911398888 CEST | 192.168.2.13 | 178.254.22.166 | 0x8db1 | Standard query (0) | 448 | 43010 | false | |
Apr 24, 2024 12:35:58.218625069 CEST | 192.168.2.13 | 178.254.22.166 | 0x8db1 | Standard query (0) | 55744 | 43010 | false | |
Apr 24, 2024 12:35:58.532774925 CEST | 192.168.2.13 | 178.254.22.166 | 0x8db1 | Standard query (0) | 74 | 2766 | false | |
Apr 24, 2024 12:36:01.169682026 CEST | 192.168.2.13 | 8.8.8.8 | 0xdda2 | Standard query (0) | 256 | 401 | false | |
Apr 24, 2024 12:36:01.340647936 CEST | 192.168.2.13 | 8.8.8.8 | 0xdda2 | Standard query (0) | 256 | 401 | false | |
Apr 24, 2024 12:36:01.510245085 CEST | 192.168.2.13 | 8.8.8.8 | 0xdda2 | Standard query (0) | 256 | 401 | false | |
Apr 24, 2024 12:36:01.680042982 CEST | 192.168.2.13 | 8.8.8.8 | 0xdda2 | Standard query (0) | 256 | 401 | false | |
Apr 24, 2024 12:36:01.851454973 CEST | 192.168.2.13 | 8.8.8.8 | 0xdda2 | Standard query (0) | 256 | 402 | false | |
Apr 24, 2024 12:36:04.349106073 CEST | 192.168.2.13 | 1.1.1.1 | 0x9071 | Standard query (0) | 256 | 409 | false | |
Apr 24, 2024 12:36:09.349927902 CEST | 192.168.2.13 | 1.1.1.1 | 0x9071 | Standard query (0) | 256 | 414 | false | |
Apr 24, 2024 12:36:14.355161905 CEST | 192.168.2.13 | 1.1.1.1 | 0x9071 | Standard query (0) | 256 | 419 | false | |
Apr 24, 2024 12:36:19.360415936 CEST | 192.168.2.13 | 1.1.1.1 | 0x9071 | Standard query (0) | 256 | 424 | false | |
Apr 24, 2024 12:36:24.362019062 CEST | 192.168.2.13 | 1.1.1.1 | 0x9071 | Standard query (0) | 256 | 429 | false | |
Apr 24, 2024 12:36:31.694760084 CEST | 192.168.2.13 | 178.254.22.166 | 0x2fbc | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:36:31.999748945 CEST | 192.168.2.13 | 178.254.22.166 | 0x2fbc | Standard query (0) | 16175 | 48257 | false | |
Apr 24, 2024 12:36:32.304054022 CEST | 192.168.2.13 | 178.254.22.166 | 0x2fbc | Standard query (0) | 16384 | 16401 | false | |
Apr 24, 2024 12:36:32.607470036 CEST | 192.168.2.13 | 178.254.22.166 | 0x2fbc | Standard query (0) | 16384 | 16401 | false | |
Apr 24, 2024 12:36:32.909552097 CEST | 192.168.2.13 | 178.254.22.166 | 0x2fbc | Standard query (0) | 40962 | 64240 | false | |
Apr 24, 2024 12:36:35.550287008 CEST | 192.168.2.13 | 178.254.22.166 | 0xdc66 | Standard query (0) | 59072 | 43010 | false | |
Apr 24, 2024 12:36:35.853949070 CEST | 192.168.2.13 | 178.254.22.166 | 0xdc66 | Standard query (0) | 51648 | 43010 | false | |
Apr 24, 2024 12:36:36.165235996 CEST | 192.168.2.13 | 178.254.22.166 | 0xdc66 | Standard query (0) | 45248 | 43010 | false | |
Apr 24, 2024 12:36:36.471714973 CEST | 192.168.2.13 | 178.254.22.166 | 0xdc66 | Standard query (0) | 41664 | 43010 | false | |
Apr 24, 2024 12:36:36.775332928 CEST | 192.168.2.13 | 178.254.22.166 | 0xdc66 | Standard query (0) | 17856 | 43010 | false | |
Apr 24, 2024 12:36:39.413196087 CEST | 192.168.2.13 | 51.254.162.59 | 0x61c1 | Standard query (0) | 34752 | 43010 | false | |
Apr 24, 2024 12:36:39.720774889 CEST | 192.168.2.13 | 51.254.162.59 | 0x61c1 | Standard query (0) | 22720 | 43010 | false | |
Apr 24, 2024 12:36:40.023859024 CEST | 192.168.2.13 | 51.254.162.59 | 0x61c1 | Standard query (0) | 21952 | 43010 | false | |
Apr 24, 2024 12:36:40.328388929 CEST | 192.168.2.13 | 51.254.162.59 | 0x61c1 | Standard query (0) | 11968 | 43010 | false | |
Apr 24, 2024 12:36:40.636130095 CEST | 192.168.2.13 | 51.254.162.59 | 0x61c1 | Standard query (0) | 14336 | 0 | false | |
Apr 24, 2024 12:36:44.285648108 CEST | 192.168.2.13 | 51.158.108.203 | 0x976a | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:36:44.576180935 CEST | 192.168.2.13 | 51.158.108.203 | 0x976a | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:36:44.866543055 CEST | 192.168.2.13 | 51.158.108.203 | 0x976a | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:36:45.157468081 CEST | 192.168.2.13 | 51.158.108.203 | 0x976a | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:36:45.448251009 CEST | 192.168.2.13 | 51.158.108.203 | 0x976a | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:36:48.066925049 CEST | 192.168.2.13 | 185.181.61.24 | 0x4c05 | Standard query (0) | 2496 | 43010 | false | |
Apr 24, 2024 12:36:48.384319067 CEST | 192.168.2.13 | 185.181.61.24 | 0x4c05 | Standard query (0) | 48576 | 43010 | false | |
Apr 24, 2024 12:36:48.703048944 CEST | 192.168.2.13 | 185.181.61.24 | 0x4c05 | Standard query (0) | 43200 | 43010 | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 24, 2024 12:34:20.921669960 CEST | 134.195.4.2 | 192.168.2.13 | 0xa10 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:21.203629017 CEST | 134.195.4.2 | 192.168.2.13 | 0xa10 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:21.377615929 CEST | 134.195.4.2 | 192.168.2.13 | 0xa10 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:21.550031900 CEST | 134.195.4.2 | 192.168.2.13 | 0xa10 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:21.722579002 CEST | 134.195.4.2 | 192.168.2.13 | 0xa10 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:51.109081984 CEST | 8.8.8.8 | 192.168.2.13 | 0xd7de | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:51.279011011 CEST | 8.8.8.8 | 192.168.2.13 | 0xd7de | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:51.449029922 CEST | 8.8.8.8 | 192.168.2.13 | 0xd7de | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:51.619117975 CEST | 8.8.8.8 | 192.168.2.13 | 0xd7de | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:51.788897038 CEST | 8.8.8.8 | 192.168.2.13 | 0xd7de | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:54.335184097 CEST | 1.0.0.1 | 192.168.2.13 | 0xd0a1 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:54.489109993 CEST | 1.0.0.1 | 192.168.2.13 | 0xd0a1 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:54.643241882 CEST | 1.0.0.1 | 192.168.2.13 | 0xd0a1 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:54.797982931 CEST | 1.0.0.1 | 192.168.2.13 | 0xd0a1 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:35:54.952725887 CEST | 1.0.0.1 | 192.168.2.13 | 0xd0a1 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:36:44.575817108 CEST | 51.158.108.203 | 192.168.2.13 | 0x976a | Format error (1) | none | none | 62651 | 25006 | false | |
Apr 24, 2024 12:36:44.866288900 CEST | 51.158.108.203 | 192.168.2.13 | 0x976a | Format error (1) | none | none | 62651 | 25006 | false | |
Apr 24, 2024 12:36:45.157073021 CEST | 51.158.108.203 | 192.168.2.13 | 0x976a | Format error (1) | none | none | 62651 | 25006 | false | |
Apr 24, 2024 12:36:45.447946072 CEST | 51.158.108.203 | 192.168.2.13 | 0x976a | Format error (1) | none | none | 62651 | 25006 | false | |
Apr 24, 2024 12:36:45.738585949 CEST | 51.158.108.203 | 192.168.2.13 | 0x976a | Format error (1) | none | none | 12032 | 20566 | false |
System Behavior
Start time (UTC): | 10:34:19 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/2V7qaSy0Jl.elf |
Arguments: | /tmp/2V7qaSy0Jl.elf |
File size: | 5773336 bytes |
MD5 hash: | 0d6f61f82cf2f781c6eb0661071d42d9 |
Start time (UTC): | 10:34:19 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/2V7qaSy0Jl.elf |
Arguments: | - |
File size: | 5773336 bytes |
MD5 hash: | 0d6f61f82cf2f781c6eb0661071d42d9 |
Start time (UTC): | 10:34:19 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/2V7qaSy0Jl.elf |
Arguments: | - |
File size: | 5773336 bytes |
MD5 hash: | 0d6f61f82cf2f781c6eb0661071d42d9 |
Start time (UTC): | 10:34:19 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/2V7qaSy0Jl.elf |
Arguments: | - |
File size: | 5773336 bytes |
MD5 hash: | 0d6f61f82cf2f781c6eb0661071d42d9 |
Start time (UTC): | 10:34:19 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/2V7qaSy0Jl.elf |
Arguments: | - |
File size: | 5773336 bytes |
MD5 hash: | 0d6f61f82cf2f781c6eb0661071d42d9 |
Start time (UTC): | 10:34:19 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/2V7qaSy0Jl.elf |
Arguments: | - |
File size: | 5773336 bytes |
MD5 hash: | 0d6f61f82cf2f781c6eb0661071d42d9 |
Start time (UTC): | 10:34:19 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:19 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/journalctl |
Arguments: | /usr/bin/journalctl --smart-relinquish-var |
File size: | 80120 bytes |
MD5 hash: | bf3a987344f3bacafc44efd882abda8b |
Start time (UTC): | 10:34:19 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:19 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 10:34:19 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:19 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:20 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 10:34:21 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:21 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 10:34:21 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/gdm3 |
Arguments: | - |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
Start time (UTC): | 10:34:21 |
Start date (UTC): | 24/04/2024 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:21 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/gdm3 |
Arguments: | - |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
Start time (UTC): | 10:34:21 |
Start date (UTC): | 24/04/2024 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:21 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:21 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 10:34:21 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/gdm3 |
Arguments: | - |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
Start time (UTC): | 10:34:21 |
Start date (UTC): | 24/04/2024 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:21 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:21 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 10:34:22 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:22 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/gpu-manager |
Arguments: | /usr/bin/gpu-manager --log /var/log/gpu-manager.log |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
Start time (UTC): | 10:34:22 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:22 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | /usr/share/gdm/generate-config |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:22 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:22 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/pkill |
Arguments: | pkill --signal HUP --uid gdm dconf-service |
File size: | 30968 bytes |
MD5 hash: | fa96a75a08109d8842e4865b2907d51f |
Start time (UTC): | 10:34:23 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:23 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/gpu-manager |
Arguments: | /usr/bin/gpu-manager --log /var/log/gpu-manager.log |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
Start time (UTC): | 10:34:23 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:23 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | /usr/share/gdm/generate-config |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:23 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:23 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/pkill |
Arguments: | pkill --signal HUP --uid gdm dconf-service |
File size: | 30968 bytes |
MD5 hash: | fa96a75a08109d8842e4865b2907d51f |
Start time (UTC): | 10:34:25 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:25 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/gpu-manager |
Arguments: | /usr/bin/gpu-manager --log /var/log/gpu-manager.log |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
Start time (UTC): | 10:34:25 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:25 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | /usr/share/gdm/generate-config |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:25 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:25 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/pkill |
Arguments: | pkill --signal HUP --uid gdm dconf-service |
File size: | 30968 bytes |
MD5 hash: | fa96a75a08109d8842e4865b2907d51f |
Start time (UTC): | 10:34:26 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:26 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/gpu-manager |
Arguments: | /usr/bin/gpu-manager --log /var/log/gpu-manager.log |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
Start time (UTC): | 10:34:26 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/gpu-manager |
Arguments: | - |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
Start time (UTC): | 10:34:26 |
Start date (UTC): | 24/04/2024 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:26 |
Start date (UTC): | 24/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:26 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
Start time (UTC): | 10:34:26 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:26 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | /usr/share/gdm/generate-config |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:26 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:26 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/pkill |
Arguments: | pkill --signal HUP --uid gdm dconf-service |
File size: | 30968 bytes |
MD5 hash: | fa96a75a08109d8842e4865b2907d51f |
Start time (UTC): | 10:34:27 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:27 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/gpu-manager |
Arguments: | /usr/bin/gpu-manager --log /var/log/gpu-manager.log |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
Start time (UTC): | 10:34:27 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:27 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | /usr/share/gdm/generate-config |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:27 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/share/gdm/generate-config |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:27 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/pkill |
Arguments: | pkill --signal HUP --uid gdm dconf-service |
File size: | 30968 bytes |
MD5 hash: | fa96a75a08109d8842e4865b2907d51f |
Start time (UTC): | 10:34:28 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:28 |
Start date (UTC): | 24/04/2024 |
Path: | /bin/plymouth |
Arguments: | /bin/plymouth quit |
File size: | 51352 bytes |
MD5 hash: | 87003efd8dad470042f5e75360a8f49f |
Start time (UTC): | 10:35:49 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:35:49 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 10:35:49 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:35:49 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/pulseaudio |
Arguments: | /usr/bin/pulseaudio --daemonize=no --log-target=journal |
File size: | 100832 bytes |
MD5 hash: | 0c3b4c789d8ffb12b25507f27e14c186 |