Windows
Analysis Report
https://www.1stwashingtongroup.net/Fem7-alert.mp3
Overview
General Information
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 4900 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 332 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2324 --field-trial-handle=2232,i,11943172166484371858,2869991668311064521,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 6812 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5428 --field-trial-handle=2232,i,11943172166484371858,2869991668311064521,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6508 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.1stwashingtongroup.net/Fem7-alert.mp3" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
There are no malicious signatures.
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Classification label: |
Source: | Process created: | |||
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
www.google.com | 192.178.50.36 | true | false | high | |
fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | unknown | |
1stwashingtongroup.net | 89.116.159.223 | true | false | unknown | |
www.1stwashingtongroup.net | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
192.178.50.36 | www.google.com | United States | 15169 | GOOGLEUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
89.116.159.223 | 1stwashingtongroup.net | Lithuania | 15419 | LRTC-ASLT | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1431907 |
Start date and time: | 2024-04-26 00:21:12 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 15s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://www.1stwashingtongroup.net/Fem7-alert.mp3 |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 10 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean0.win@18/2@4/4 |
EGA Information: | Failed |
HCA Information: |
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.64.195, 172.217.3.78, 173.194.211.84, 34.104.35.123, 13.85.23.86, 72.21.81.240, 192.229.211.108, 20.3.187.198, 20.166.126.56, 142.250.217.163
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.net, wu.azureedge.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net
- HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: https://www.1stwashingtongroup.net/Fem7-alert.mp3
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 200832 |
Entropy (8bit): | 7.695958183565904 |
Encrypted: | false |
SSDEEP: | 6144:4lsFCVxSmdxiWKwHtlYMKrXFTNRp+TSAU1M:4lHVx5ihwHvYrDRhAU2 |
MD5: | 0116152611DD51432E852781F8CC7E82 |
SHA1: | 2408D3D281B25649894F78A4E19F7F8A8AC735F9 |
SHA-256: | FC59BBB18F923747B9CD3F3B23537FF09C5AD2FDFC1505A4800A3F269A234E65 |
SHA-512: | 4378F49A8E77BA6F34DC8B0F738B1FDBFA1E686CFB60C07E83B9D76F4EAB1CCF444785FEE5B9932DA77E42FA189BB14FFCAFAC3D9C9965CBF276C2D06AA94CB0 |
Malicious: | false |
Reputation: | low |
URL: | https://www.1stwashingtongroup.net/Fem7-alert.mp3:2f7589800fcbdc:0 |
Preview: |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Apr 26, 2024 00:22:04.962717056 CEST | 192.168.2.4 | 1.1.1.1 | c243 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 26, 2024 00:22:04.394839048 CEST | 192.168.2.4 | 1.1.1.1 | 0x8325 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 26, 2024 00:22:04.395440102 CEST | 192.168.2.4 | 1.1.1.1 | 0x57ee | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 26, 2024 00:22:05.909471035 CEST | 192.168.2.4 | 1.1.1.1 | 0x305d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 26, 2024 00:22:05.909706116 CEST | 192.168.2.4 | 1.1.1.1 | 0x6485 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 26, 2024 00:22:04.630968094 CEST | 1.1.1.1 | 192.168.2.4 | 0x8325 | No error (0) | 1stwashingtongroup.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 00:22:04.630968094 CEST | 1.1.1.1 | 192.168.2.4 | 0x8325 | No error (0) | 89.116.159.223 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 00:22:04.962604046 CEST | 1.1.1.1 | 192.168.2.4 | 0x57ee | No error (0) | 1stwashingtongroup.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 00:22:06.035001040 CEST | 1.1.1.1 | 192.168.2.4 | 0x305d | No error (0) | 192.178.50.36 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 00:22:06.035274982 CEST | 1.1.1.1 | 192.168.2.4 | 0x6485 | No error (0) | 65 | IN (0x0001) | false | |||
Apr 26, 2024 00:22:18.812448978 CEST | 1.1.1.1 | 192.168.2.4 | 0x4f6 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 00:22:18.812448978 CEST | 1.1.1.1 | 192.168.2.4 | 0x4f6 | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 00:22:31.734123945 CEST | 1.1.1.1 | 192.168.2.4 | 0x3f9d | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 00:22:31.734123945 CEST | 1.1.1.1 | 192.168.2.4 | 0x3f9d | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 00:22:55.322046041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf16e | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 00:22:55.322046041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf16e | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 00:23:15.957571030 CEST | 1.1.1.1 | 192.168.2.4 | 0xc9f1 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 00:23:15.957571030 CEST | 1.1.1.1 | 192.168.2.4 | 0xc9f1 | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49736 | 89.116.159.223 | 443 | 332 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 22:22:05 UTC | 683 | OUT | |
2024-04-25 22:22:05 UTC | 306 | IN | |
2024-04-25 22:22:05 UTC | 16078 | IN | |
2024-04-25 22:22:05 UTC | 16384 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49735 | 89.116.159.223 | 443 | 332 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 22:22:05 UTC | 583 | OUT | |
2024-04-25 22:22:06 UTC | 335 | IN | |
2024-04-25 22:22:06 UTC | 16049 | IN | |
2024-04-25 22:22:06 UTC | 16384 | IN | |
2024-04-25 22:22:06 UTC | 16384 | IN | |
2024-04-25 22:22:06 UTC | 16384 | IN | |
2024-04-25 22:22:06 UTC | 16384 | IN | |
2024-04-25 22:22:06 UTC | 16384 | IN | |
2024-04-25 22:22:06 UTC | 16384 | IN | |
2024-04-25 22:22:06 UTC | 16384 | IN | |
2024-04-25 22:22:06 UTC | 16384 | IN | |
2024-04-25 22:22:06 UTC | 16384 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49740 | 23.202.106.101 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 22:22:08 UTC | 161 | OUT | |
2024-04-25 22:22:08 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49741 | 23.202.106.101 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 22:22:08 UTC | 239 | OUT | |
2024-04-25 22:22:09 UTC | 487 | IN | |
2024-04-25 22:22:09 UTC | 55 | IN |
Target ID: | 0 |
Start time: | 00:21:56 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 00:22:00 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7699e0000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 00:22:03 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 4 |
Start time: | 00:22:05 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | false |
Has administrator privileges: | false |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |