Linux
Analysis Report
kaq4CUrP8v.elf
Overview
General Information
Sample name: | kaq4CUrP8v.elf (renamed because original name is a hash value) |
Original sample name: | 99e965ba249f75003c25403014017cd2.elf |
Analysis ID: | 1430970 |
MD5: | 99e965ba249f75003c25403014017cd2 |
SHA1: | f286beb29e8eeb29ac8b55e8e283b300d56b39ea |
SHA256: | ef72171c7a5fe2769ae66b2e623d7b47692199a516653d157008e9854d7f38d2 |
Tags: | 32, elf, mirai, renesas |
Infos: |
Detection
Score: | 64 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Multi AV Scanner detection for submitted file
Queries the IP of a very long domain name
Sample deletes itself
Sample reads /proc/mounts (often used for finding a writable filesystem)
Sample tries to kill multiple processes (SIGKILL)
Connects to many different domains
Detected TCP or UDP traffic on non-standard ports
Found strings indicative of a multi-platform dropper
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable
Sample has stripped symbol table
Sample listens on a socket
Sample tries to kill a process (SIGKILL)
Uses the "uname" system call to query kernel version information (possible evasion)
Classification
Analysis Advice
Static ELF header machine description suggests that the sample might not execute correctly on this machine. |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1430970 |
Start date and time: | 2024-04-24 12:38:02 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 7s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | kaq4CUrP8v.elf (renamed because original name is a hash value) |
Original Sample Name: | 99e965ba249f75003c25403014017cd2.elf |
Detection: | MAL |
Classification: | mal64.spre.troj.evad.linELF@0/0@56/0 |
- Connection to analysis system has been lost, crash info: Unknown
Command: | /tmp/kaq4CUrP8v.elf |
PID: | 5487 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | black botnet voodoo |
Standard Error: |
- system is lnxubuntu20
- kaq4CUrP8v.elf New Fork (PID: 5489, Parent: 5487)
- kaq4CUrP8v.elf New Fork (PID: 5491, Parent: 5489)
- kaq4CUrP8v.elf New Fork (PID: 5493, Parent: 5489)
- kaq4CUrP8v.elf New Fork (PID: 5494, Parent: 5489)
- kaq4CUrP8v.elf New Fork (PID: 5496, Parent: 5489)
- systemd New Fork (PID: 5499, Parent: 1)
- systemd New Fork (PID: 5520, Parent: 1)
- gdm3 New Fork (PID: 5531, Parent: 1289)
- systemd New Fork (PID: 5533, Parent: 2955)
- gdm3 New Fork (PID: 5534, Parent: 1289)
- gvfsd-fuse New Fork (PID: 5535, Parent: 3147)
- systemd New Fork (PID: 5538, Parent: 1)
- systemd New Fork (PID: 5541, Parent: 1)
- systemd New Fork (PID: 5542, Parent: 1)
- gdm3 New Fork (PID: 5543, Parent: 1289)
- systemd New Fork (PID: 5547, Parent: 1)
- systemd New Fork (PID: 5548, Parent: 1)
- systemd New Fork (PID: 5549, Parent: 1)
- systemd New Fork (PID: 5550, Parent: 1)
- systemd New Fork (PID: 5551, Parent: 1)
- systemd New Fork (PID: 5552, Parent: 1)
- systemd New Fork (PID: 5553, Parent: 1)
- systemd New Fork (PID: 5554, Parent: 1)
- systemd New Fork (PID: 5555, Parent: 1)
- systemd New Fork (PID: 5556, Parent: 1)
- systemd New Fork (PID: 5557, Parent: 1)
- systemd New Fork (PID: 5561, Parent: 2955)
- cleanup
⊘No yara matches
⊘No Snort rule has matched
AV Detection |
---|
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Source: | String: |
Networking |
---|
Source: | DNS traffic detected: | ||
Source: | Network traffic detected: |
Source: | TCP traffic: | ||
Source: | Socket: | Jump to behavior |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
System Summary |
---|
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | String containing 'busybox' found: | ||
Source: | .symtab present: |
Source: | Classification label: |
Persistence and Installation Behavior |
---|
Source: | File: | Jump to behavior |
Hooking and other Techniques for Hiding and Protection |
---|
Source: | File: | Jump to behavior |
Source: | Queries kernel information via 'uname': | Jump to behavior | ||
Source: | Binary or memory string: | ||
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 1 Scripting | Valid Accounts | Windows Management Instrumentation | 1 Scripting | Path Interception | 1 File Deletion | OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Non-Standard Port | Exfiltration Over Other Network Medium | 1 Service Stop |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | 1 File and Directory Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 11 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
⊘No configs have been found
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
15% | Virustotal | Browse | ||
29% | ReversingLabs | Linux.Trojan.Mirai |
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
security.REBIRTH-NETWORK.SU | 212.70.149.10 | true | false | unknown | |
security.rebirth-network.su | unknown | unknown | true | unknown | |
security.rebirth-network.su. | unknown | unknown | true | unknown | |
sex.secure-cyber-security | unknown | unknown | true | unknown | |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
212.70.149.14 | unknown | Bulgaria | 208410 | INTERNET-HOSTINGBG | false |
212.70.149.10 | security.REBIRTH-NETWORK.SU | Bulgaria | 208410 | INTERNET-HOSTINGBG | false |
Match | Detection | Threat Name |
---|---|---|
212.70.149.14 | malicious | Unknown |
212.70.149.14 | malicious | Unknown |
212.70.149.14 | malicious | Unknown |
212.70.149.14 | malicious | Unknown |
212.70.149.14 | malicious | Unknown |
212.70.149.10 | malicious | Unknown |
212.70.149.10 | malicious | Unknown |
212.70.149.10 | malicious | Unknown |
212.70.149.10 | malicious | Unknown |
Match | Detection | Threat Name |
---|---|---|
security.REBIRTH-NETWORK.SU | malicious | Unknown |
security.REBIRTH-NETWORK.SU | malicious | Unknown |
security.REBIRTH-NETWORK.SU | malicious | Unknown |
Match | Detection | Threat Name |
---|---|---|
INTERNET-HOSTINGBG | malicious | Unknown |
INTERNET-HOSTINGBG | malicious | Unknown |
INTERNET-HOSTINGBG | malicious | Unknown |
INTERNET-HOSTINGBG | malicious | Unknown |
INTERNET-HOSTINGBG | malicious | Unknown |
INTERNET-HOSTINGBG | malicious | Mirai |
INTERNET-HOSTINGBG | malicious | Unknown |
INTERNET-HOSTINGBG | malicious | Unknown |
INTERNET-HOSTINGBG | malicious | Unknown |
INTERNET-HOSTINGBG | malicious | Unknown |
⊘No context
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 6.543292217895151 |
TrID: |
|
File name: | kaq4CUrP8v.elf |
File size: | 95'676 bytes |
MD5: | 99e965ba249f75003c25403014017cd2 |
SHA1: | f286beb29e8eeb29ac8b55e8e283b300d56b39ea |
SHA256: | ef72171c7a5fe2769ae66b2e623d7b47692199a516653d157008e9854d7f38d2 |
SHA512: | 77c3309ef0f52b7623b295e0da2b40fe345c409471978f1a1193d4bbf8b729b9d8a2b19d411105d1640bd989ba4a9dfadb789558600def309b5c2dc44f227cc6 |
SSDEEP: | 1536:NqlcQXUoQ58Na1huL6dYkfIOQPHXdH9bzSAb0cunr:NqtUfaa1VdYiIfPZ1a/ |
TLSH: | FD93AE21E4212CD1C83215F4B4B9C57883125EF101760CBBAEDEE95A18BB7DDB58EB6C |
File Content Preview: | .ELF..............*.......@.4...,t......4. ...(...............@...@.lr..lr..............Hs..HsB.HsB.................Q.td..............................././"O.n......#.*@........#.*@LA..&O.n.l..................................././.../.a"O.!...n...a.b("...q. |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 95276 |
Section Header Size: | 40 |
Number of Section Headers: | 10 |
Header String Table Index: | 9 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x400094 | 0x94 | 0x2e | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.text | PROGBITS | 0x4000e0 | 0xe0 | 0x14160 | 0x0 | 0x6 | AX | 0 | 0 | 32 |
.fini | PROGBITS | 0x414240 | 0x14240 | 0x22 | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.rodata | PROGBITS | 0x414264 | 0x14264 | 0x3008 | 0x0 | 0x2 | A | 0 | 0 | 4 |
.ctors | PROGBITS | 0x427348 | 0x17348 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x427350 | 0x17350 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x42735c | 0x1735c | 0x90 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.bss | NOBITS | 0x4273ec | 0x173ec | 0x964c | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.shstrtab | STRTAB | 0x0 | 0x173ec | 0x3e | 0x0 | 0x0 | | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x400000 | 0x400000 | 0x1726c | 0x1726c | 6.5657 | 0x5 | R E | 0x10000 | | .init .text .fini .rodata |
LOAD | 0x17348 | 0x427348 | 0x427348 | 0xa4 | 0x96f0 | 4.3752 | 0x6 | RW | 0x10000 | | .ctors .dtors .data .bss |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x7 | RWE | 0x4 | | |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 24, 2024 12:38:49.755964041 CEST | 54446 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:38:50.787281036 CEST | 54446 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:38:51.114788055 CEST | 35342 | 54446 | 212.70.149.14 | 192.168.2.14 |
Apr 24, 2024 12:38:53.976644039 CEST | 54448 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:38:54.303822994 CEST | 35342 | 54448 | 212.70.149.14 | 192.168.2.14 |
Apr 24, 2024 12:38:57.154733896 CEST | 54450 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:38:57.481554985 CEST | 35342 | 54450 | 212.70.149.14 | 192.168.2.14 |
Apr 24, 2024 12:39:24.507055998 CEST | 54452 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:39:25.537967920 CEST | 54452 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:39:25.865752935 CEST | 35342 | 54452 | 212.70.149.14 | 192.168.2.14 |
Apr 24, 2024 12:39:28.730288029 CEST | 54454 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:39:29.761806011 CEST | 54454 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:39:30.090126991 CEST | 35342 | 54454 | 212.70.149.14 | 192.168.2.14 |
Apr 24, 2024 12:39:57.116915941 CEST | 54456 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:39:57.446119070 CEST | 35342 | 54456 | 212.70.149.14 | 192.168.2.14 |
Apr 24, 2024 12:40:00.944758892 CEST | 54458 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:40:01.271105051 CEST | 35342 | 54458 | 212.70.149.14 | 192.168.2.14 |
Apr 24, 2024 12:40:04.796897888 CEST | 54460 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:40:05.125154018 CEST | 35342 | 54460 | 212.70.149.14 | 192.168.2.14 |
Apr 24, 2024 12:40:08.727904081 CEST | 54462 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:40:09.053875923 CEST | 35342 | 54462 | 212.70.149.14 | 192.168.2.14 |
Apr 24, 2024 12:40:12.587097883 CEST | 54464 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:40:12.914338112 CEST | 35342 | 54464 | 212.70.149.14 | 192.168.2.14 |
Apr 24, 2024 12:40:15.763176918 CEST | 54466 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:40:16.090121031 CEST | 35342 | 54466 | 212.70.149.14 | 192.168.2.14 |
Apr 24, 2024 12:40:18.408457994 CEST | 37486 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:40:18.734536886 CEST | 35342 | 37486 | 212.70.149.10 | 192.168.2.14 |
Apr 24, 2024 12:40:18.734987020 CEST | 37486 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:40:18.735940933 CEST | 37486 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:40:19.062999010 CEST | 35342 | 37486 | 212.70.149.10 | 192.168.2.14 |
Apr 24, 2024 12:40:19.063303947 CEST | 37486 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:40:19.390506029 CEST | 35342 | 37486 | 212.70.149.10 | 192.168.2.14 |
Apr 24, 2024 12:40:33.751101017 CEST | 37486 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:40:34.623291016 CEST | 37486 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:40:34.951339006 CEST | 35342 | 37486 | 212.70.149.10 | 192.168.2.14 |
Apr 24, 2024 12:40:35.940973043 CEST | 35342 | 37486 | 212.70.149.10 | 192.168.2.14 |
Apr 24, 2024 12:40:35.941095114 CEST | 37486 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:41:06.539750099 CEST | 35342 | 37486 | 212.70.149.10 | 192.168.2.14 |
Apr 24, 2024 12:41:06.540064096 CEST | 37486 | 35342 | 192.168.2.14 | 212.70.149.10 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 24, 2024 12:38:48.984549999 CEST | 41614 | 53 | 192.168.2.14 | 1.0.0.1 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Apr 24, 2024 12:38:57.707772017 CEST | 192.168.2.14 | 192.168.2.1 | 827a | (Port unreachable) | Destination Unreachable |
Apr 24, 2024 12:40:17.724065065 CEST | 192.168.2.14 | 192.168.2.1 | 827a | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 24, 2024 12:38:48.984549999 CEST | 192.168.2.14 | 1.0.0.1 | 0x7145 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:38:49.138437033 CEST | 192.168.2.14 | 1.0.0.1 | 0x7145 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:38:49.292855978 CEST | 192.168.2.14 | 1.0.0.1 | 0x7145 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:38:49.446990967 CEST | 192.168.2.14 | 1.0.0.1 | 0x7145 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:38:49.601229906 CEST | 192.168.2.14 | 1.0.0.1 | 0x7145 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:38:53.115556955 CEST | 192.168.2.14 | 134.195.4.2 | 0xf42b | Standard query (0) | 39872 | 43010 | false | |
Apr 24, 2024 12:38:53.287832975 CEST | 192.168.2.14 | 134.195.4.2 | 0xf42b | Standard query (0) | 34752 | 43010 | false | |
Apr 24, 2024 12:38:53.460123062 CEST | 192.168.2.14 | 134.195.4.2 | 0xf42b | Standard query (0) | 25280 | 43010 | false | |
Apr 24, 2024 12:38:53.632327080 CEST | 192.168.2.14 | 134.195.4.2 | 0xf42b | Standard query (0) | 25024 | 43010 | false | |
Apr 24, 2024 12:38:53.804529905 CEST | 192.168.2.14 | 134.195.4.2 | 0xf42b | Standard query (0) | 18624 | 43010 | false | |
Apr 24, 2024 12:38:56.304152012 CEST | 192.168.2.14 | 8.8.8.8 | 0xacf5 | Standard query (0) | 27840 | 43010 | false | |
Apr 24, 2024 12:38:56.474034071 CEST | 192.168.2.14 | 8.8.8.8 | 0xacf5 | Standard query (0) | 24000 | 43010 | false | |
Apr 24, 2024 12:38:56.643809080 CEST | 192.168.2.14 | 8.8.8.8 | 0xacf5 | Standard query (0) | 21696 | 43010 | false | |
Apr 24, 2024 12:38:56.814217091 CEST | 192.168.2.14 | 8.8.8.8 | 0xacf5 | Standard query (0) | 10688 | 43010 | false | |
Apr 24, 2024 12:38:56.983843088 CEST | 192.168.2.14 | 8.8.8.8 | 0xacf5 | Standard query (0) | 11200 | 43010 | false | |
Apr 24, 2024 12:38:59.482048988 CEST | 192.168.2.14 | 94.16.114.254 | 0xbe51 | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:39:04.487103939 CEST | 192.168.2.14 | 94.16.114.254 | 0xbe51 | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:39:09.492091894 CEST | 192.168.2.14 | 94.16.114.254 | 0xbe51 | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:39:14.497055054 CEST | 192.168.2.14 | 94.16.114.254 | 0xbe51 | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:39:19.502053976 CEST | 192.168.2.14 | 94.16.114.254 | 0xbe51 | Standard query (0) | 5268 | 64000 | false | |
Apr 24, 2024 12:39:27.866818905 CEST | 192.168.2.14 | 134.195.4.2 | 0x19b4 | Standard query (0) | 15129 | 46209 | false | |
Apr 24, 2024 12:39:28.040482998 CEST | 192.168.2.14 | 134.195.4.2 | 0x19b4 | Standard query (0) | 236 | 62651 | false | |
Apr 24, 2024 12:39:28.212855101 CEST | 192.168.2.14 | 134.195.4.2 | 0x19b4 | Standard query (0) | 0 | 80 | false | |
Apr 24, 2024 12:39:28.385359049 CEST | 192.168.2.14 | 134.195.4.2 | 0x19b4 | Standard query (0) | 18944 | 0 | false | |
Apr 24, 2024 12:39:28.557900906 CEST | 192.168.2.14 | 134.195.4.2 | 0x19b4 | Standard query (0) | 259 | 775 | false | |
Apr 24, 2024 12:39:32.091033936 CEST | 192.168.2.14 | 91.217.137.37 | 0x63a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:39:37.096245050 CEST | 192.168.2.14 | 91.217.137.37 | 0x63a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:39:42.101457119 CEST | 192.168.2.14 | 91.217.137.37 | 0x63a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:39:47.106514931 CEST | 192.168.2.14 | 91.217.137.37 | 0x63a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:39:52.111684084 CEST | 192.168.2.14 | 91.217.137.37 | 0x63a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:39:59.446666002 CEST | 192.168.2.14 | 195.10.195.195 | 0x7ddd | Standard query (0) | 256 | 383 | false | |
Apr 24, 2024 12:39:59.745985985 CEST | 192.168.2.14 | 195.10.195.195 | 0x7ddd | Standard query (0) | 256 | 384 | false | |
Apr 24, 2024 12:40:00.045558929 CEST | 192.168.2.14 | 195.10.195.195 | 0x7ddd | Standard query (0) | 256 | 384 | false | |
Apr 24, 2024 12:40:00.345139027 CEST | 192.168.2.14 | 195.10.195.195 | 0x7ddd | Standard query (0) | 256 | 384 | false | |
Apr 24, 2024 12:40:00.644841909 CEST | 192.168.2.14 | 195.10.195.195 | 0x7ddd | Standard query (0) | 256 | 384 | false | |
Apr 24, 2024 12:40:03.272160053 CEST | 192.168.2.14 | 194.36.144.87 | 0xbea6 | Standard query (0) | 0 | 80 | false | |
Apr 24, 2024 12:40:03.576472044 CEST | 192.168.2.14 | 194.36.144.87 | 0xbea6 | Standard query (0) | 0 | 80 | false | |
Apr 24, 2024 12:40:03.880496025 CEST | 192.168.2.14 | 194.36.144.87 | 0xbea6 | Standard query (0) | 0 | 80 | false | |
Apr 24, 2024 12:40:04.188014984 CEST | 192.168.2.14 | 194.36.144.87 | 0xbea6 | Standard query (0) | 0 | 80 | false | |
Apr 24, 2024 12:40:04.492552042 CEST | 192.168.2.14 | 194.36.144.87 | 0xbea6 | Standard query (0) | 0 | 259 | false | |
Apr 24, 2024 12:40:07.126244068 CEST | 192.168.2.14 | 81.169.136.222 | 0x2de1 | Standard query (0) | 27072 | 43010 | false | |
Apr 24, 2024 12:40:07.446811914 CEST | 192.168.2.14 | 81.169.136.222 | 0x2de1 | Standard query (0) | 11200 | 43010 | false | |
Apr 24, 2024 12:40:07.765147924 CEST | 192.168.2.14 | 81.169.136.222 | 0x2de1 | Standard query (0) | 63936 | 43010 | false | |
Apr 24, 2024 12:40:08.085781097 CEST | 192.168.2.14 | 81.169.136.222 | 0x2de1 | Standard query (0) | 45248 | 43010 | false | |
Apr 24, 2024 12:40:08.403729916 CEST | 192.168.2.14 | 81.169.136.222 | 0x2de1 | Standard query (0) | 44992 | 43010 | false | |
Apr 24, 2024 12:40:11.054430962 CEST | 192.168.2.14 | 194.36.144.87 | 0xf943 | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:40:11.361536980 CEST | 192.168.2.14 | 194.36.144.87 | 0xf943 | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:40:11.668474913 CEST | 192.168.2.14 | 194.36.144.87 | 0xf943 | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:40:11.975344896 CEST | 192.168.2.14 | 194.36.144.87 | 0xf943 | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:40:12.279630899 CEST | 192.168.2.14 | 194.36.144.87 | 0xf943 | Standard query (0) | 20566 | 42785 | false | |
Apr 24, 2024 12:40:14.915014029 CEST | 192.168.2.14 | 8.8.8.8 | 0x2ecd | Standard query (0) | 27840 | 43010 | false | |
Apr 24, 2024 12:40:15.084762096 CEST | 192.168.2.14 | 8.8.8.8 | 0x2ecd | Standard query (0) | 24256 | 43010 | false | |
Apr 24, 2024 12:40:15.254477978 CEST | 192.168.2.14 | 8.8.8.8 | 0x2ecd | Standard query (0) | 14784 | 43010 | false | |
Apr 24, 2024 12:40:15.424205065 CEST | 192.168.2.14 | 8.8.8.8 | 0x2ecd | Standard query (0) | 14272 | 43010 | false | |
Apr 24, 2024 12:40:15.593712091 CEST | 192.168.2.14 | 8.8.8.8 | 0x2ecd | Standard query (0) | 25006 | 12288 | false | |
Apr 24, 2024 12:40:18.090603113 CEST | 192.168.2.14 | 51.77.149.139 | 0xa2e1 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 24, 2024 12:38:49.138201952 CEST | 1.0.0.1 | 192.168.2.14 | 0x7145 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:38:49.292596102 CEST | 1.0.0.1 | 192.168.2.14 | 0x7145 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:38:49.446845055 CEST | 1.0.0.1 | 192.168.2.14 | 0x7145 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:38:49.601027012 CEST | 1.0.0.1 | 192.168.2.14 | 0x7145 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:38:49.754904032 CEST | 1.0.0.1 | 192.168.2.14 | 0x7145 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:40:03.576263905 CEST | 194.36.144.87 | 192.168.2.14 | 0xbea6 | Format error (1) | none | none | 0 | 60660 | false | |
Apr 24, 2024 12:40:03.880276918 CEST | 194.36.144.87 | 192.168.2.14 | 0xbea6 | Format error (1) | none | none | 0 | 60660 | false | |
Apr 24, 2024 12:40:04.187505960 CEST | 194.36.144.87 | 192.168.2.14 | 0xbea6 | Format error (1) | none | none | 0 | 60660 | false | |
Apr 24, 2024 12:40:04.491950035 CEST | 194.36.144.87 | 192.168.2.14 | 0xbea6 | Format error (1) | none | none | 8469 | 2048 | false | |
Apr 24, 2024 12:40:04.796556950 CEST | 194.36.144.87 | 192.168.2.14 | 0xbea6 | Format error (1) | none | none | 12288 | 20566 | false | |
Apr 24, 2024 12:40:11.361311913 CEST | 194.36.144.87 | 192.168.2.14 | 0xf943 | Format error (1) | none | none | 62651 | 25006 | false | |
Apr 24, 2024 12:40:11.668180943 CEST | 194.36.144.87 | 192.168.2.14 | 0xf943 | Format error (1) | none | none | 62651 | 25006 | false | |
Apr 24, 2024 12:40:11.974991083 CEST | 194.36.144.87 | 192.168.2.14 | 0xf943 | Format error (1) | none | none | 62651 | 25006 | false | |
Apr 24, 2024 12:40:12.279334068 CEST | 194.36.144.87 | 192.168.2.14 | 0xf943 | Format error (1) | none | none | 62651 | 25006 | false | |
Apr 24, 2024 12:40:12.586766005 CEST | 194.36.144.87 | 192.168.2.14 | 0xf943 | Format error (1) | none | none | 12288 | 20566 | false | |
Apr 24, 2024 12:40:18.407042027 CEST | 51.77.149.139 | 192.168.2.14 | 0xa2e1 | No error (0) | 212.70.149.10 | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/kaq4CUrP8v.elf |
Arguments: | /tmp/kaq4CUrP8v.elf |
File size: | 4139976 bytes |
MD5 hash: | 8943e5f8f8c280467b4472c15ae93ba9 |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/kaq4CUrP8v.elf |
Arguments: | - |
File size: | 4139976 bytes |
MD5 hash: | 8943e5f8f8c280467b4472c15ae93ba9 |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/kaq4CUrP8v.elf |
Arguments: | - |
File size: | 4139976 bytes |
MD5 hash: | 8943e5f8f8c280467b4472c15ae93ba9 |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/kaq4CUrP8v.elf |
Arguments: | - |
File size: | 4139976 bytes |
MD5 hash: | 8943e5f8f8c280467b4472c15ae93ba9 |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/kaq4CUrP8v.elf |
Arguments: | - |
File size: | 4139976 bytes |
MD5 hash: | 8943e5f8f8c280467b4472c15ae93ba9 |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/kaq4CUrP8v.elf |
Arguments: | - |
File size: | 4139976 bytes |
MD5 hash: | 8943e5f8f8c280467b4472c15ae93ba9 |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/journalctl |
Arguments: | /usr/bin/journalctl --smart-relinquish-var |
File size: | 80120 bytes |
MD5 hash: | bf3a987344f3bacafc44efd882abda8b |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/gdm3 |
Arguments: | - |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/pulseaudio |
Arguments: | /usr/bin/pulseaudio --daemonize=no --log-target=journal |
File size: | 100832 bytes |
MD5 hash: | 0c3b4c789d8ffb12b25507f27e14c186 |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/gdm3 |
Arguments: | - |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/libexec/gvfsd-fuse |
Arguments: | - |
File size: | 47632 bytes |
MD5 hash: | d18fbf1cbf8eb57b17fac48b7b4be933 |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /bin/fusermount |
Arguments: | fusermount -u -q -z -- /run/user/1000/gvfs |
File size: | 39144 bytes |
MD5 hash: | 576a1b135c82bdcbc97a91acea900566 |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:48 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 10:38:49 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:49 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 10:38:49 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:49 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 10:38:49 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/gdm3 |
Arguments: | - |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
Start time (UTC): | 10:38:49 |
Start date (UTC): | 24/04/2024 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:38:49 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:49 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 10:38:49 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:49 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 10:38:49 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:49 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 10:38:49 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:49 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 10:38:49 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:49 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 10:38:50 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:50 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 10:38:50 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:50 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 10:38:50 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:50 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 10:38:50 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:50 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 10:38:50 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:50 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 10:38:50 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:38:50 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 10:40:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:40:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |