Windows
Analysis Report
https://liumugan.com/click.php?key=u68h3lc85fvstvrsqxpm&cid=com39uqovn9vqlj36hdg&zone=3777459-3943232122-3786755655&campaign=321305220&type=Push&age=0&creative_id=376401&campaign_id=88260&site_id=4840&placement_id=42664961&preset_id=494
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 6976 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 6968 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2388 --field-trial-handle=2312,i,15348303060699435213,13828138307397343340,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6612 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http:/// MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 4092 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=2012,i,5295697509498573612,12469979411249020970,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 1164 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://liumugan.com/click.php?key=u68h3lc85fvstvrsqxpm&cid=com39uqovn9vqlj36hdg&zone=3777459-3943232122-3786755655&campaign=321305220&type=Push&age=0&creative_id=376401&campaign_id=88260&site_id=4840&placement_id=42664961&preset_id=494" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
There are no malicious signatures.
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: |
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: |
Source: | DNS traffic detected: |
Source: | Network traffic detected: |
Source: | Classification label: |
Source: | File created: |
Source: | Process created: |
Source: | LNK file: |
Source: | Automated click: |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
www.google.com | 142.251.41.4 | true | false | high | |
fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | unknown | |
liumugan.com | 3.134.30.98 | true | false | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
3.134.30.98 | liumugan.com | United States | 16509 | AMAZON-02US | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
142.251.41.4 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1432427 |
Start date and time: | 2024-04-27 02:02:40 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 8s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://liumugan.com/click.php?key=u68h3lc85fvstvrsqxpm&cid=com39uqovn9vqlj36hdg&zone=3777459-3943232122-3786755655&campaign=321305220&type=Push&age=0&creative_id=376401&campaign_id=88260&site_id=4840&placement_id=42664961&preset_id=494 |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 9 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@23/17@5/4 |
EGA Information: | Failed |
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.81.227, 64.233.180.84, 142.250.81.238, 34.104.35.123, 142.250.65.170, 142.250.80.67, 199.232.214.172, 40.68.123.157, 192.229.211.108, 104.77.8.26, 72.21.81.240, 23.196.184.26, 13.95.31.18, 20.242.39.171, 142.250.65.227
- Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, wu.azureedge.net, clients2.google.com, ocsp.digicert.com, itunes.apple.com.edgekey.net, ocsp.edge.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, glb.sls.prod.dcat.dsp.trafficmanager.net, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, fonts.gstatic.com, e673.dsce9.akamaiedge.net, wu.ec.azureedge.net, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.net, apps.apple.com, fe3cr.delivery.mp.microsoft.com, itunes-cdn.itunes-apple.com.akadns.net, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, clients.l.google.com
- Not all processes were analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.959907336470073 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.978913091711437 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 3.9922521313395536 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.973851934413966 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.963525275015459 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.9778383732050604 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 750 |
Entropy (8bit): | 5.149400926731259 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 15860 |
Entropy (8bit): | 7.988022700476719 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 3955 |
Entropy (8bit): | 4.816416294207965 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://liumugan.com/click.php?key=u68h3lc85fvstvrsqxpm&cid=com39uqovn9vqlj36hdg&zone=3777459-3943232122-3786755655&campaign=321305220&type=Push&age=0&creative_id=376401&campaign_id=88260&site_id=4840&placement_id=42664961&preset_id=494 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 15744 |
Entropy (8bit): | 7.986588355476176 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 4352 |
Entropy (8bit): | 5.397517794607866 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | "https://fonts.googleapis.com/css?family=Roboto:400,700" |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 230866 |
Entropy (8bit): | 5.4646270618602735 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Apr 27, 2024 02:03:34.352499008 CEST | 49715 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.354067087 CEST | 443 | 49714 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.354080915 CEST | 443 | 49714 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.354120016 CEST | 49714 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.358640909 CEST | 49712 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.358947039 CEST | 443 | 49712 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.359420061 CEST | 49715 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.359622002 CEST | 443 | 49715 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.359915972 CEST | 49714 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.360071898 CEST | 443 | 49714 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.360162020 CEST | 49713 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.360279083 CEST | 443 | 49713 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.360842943 CEST | 49712 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.360855103 CEST | 443 | 49712 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.360923052 CEST | 49715 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.360944986 CEST | 443 | 49715 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.360955954 CEST | 49714 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.360965967 CEST | 443 | 49714 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.400048018 CEST | 49712 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.449182034 CEST | 49713 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.449204922 CEST | 443 | 49713 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.449240923 CEST | 49715 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.532037973 CEST | 443 | 49712 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.532118082 CEST | 443 | 49712 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.532381058 CEST | 49712 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.532396078 CEST | 443 | 49712 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.536495924 CEST | 443 | 49712 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.536550045 CEST | 49712 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.559819937 CEST | 49714 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.638206959 CEST | 49713 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.659780025 CEST | 49712 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.659807920 CEST | 443 | 49712 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.744546890 CEST | 443 | 49714 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.744607925 CEST | 49714 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.744630098 CEST | 443 | 49714 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.744657993 CEST | 443 | 49714 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.744693041 CEST | 49714 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.751677990 CEST | 49714 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.751707077 CEST | 443 | 49714 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.757124901 CEST | 49713 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.804121017 CEST | 443 | 49713 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.892653942 CEST | 443 | 49713 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.892703056 CEST | 443 | 49713 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.892755032 CEST | 443 | 49713 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.892802000 CEST | 49713 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.892823935 CEST | 443 | 49713 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.892857075 CEST | 443 | 49713 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.892860889 CEST | 49713 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.892889977 CEST | 49713 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.893970013 CEST | 49713 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.893987894 CEST | 443 | 49713 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.984561920 CEST | 443 | 49715 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.984682083 CEST | 49715 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:34.984687090 CEST | 443 | 49715 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:34.984730005 CEST | 49715 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:35.004800081 CEST | 49715 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:35.004832029 CEST | 443 | 49715 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:35.008150101 CEST | 49718 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:35.008207083 CEST | 443 | 49718 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:35.008287907 CEST | 49718 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:35.008769989 CEST | 49718 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:35.008786917 CEST | 443 | 49718 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:35.278651953 CEST | 443 | 49718 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:35.280492067 CEST | 49718 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:35.280512094 CEST | 443 | 49718 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:35.280925035 CEST | 443 | 49718 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:35.281519890 CEST | 49718 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:35.281591892 CEST | 443 | 49718 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:35.281822920 CEST | 49718 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:35.328114986 CEST | 443 | 49718 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:35.989847898 CEST | 443 | 49718 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:35.989886999 CEST | 443 | 49718 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:35.990005016 CEST | 49718 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:35.990044117 CEST | 443 | 49718 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:35.992887020 CEST | 443 | 49718 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:35.993572950 CEST | 49718 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:35.993689060 CEST | 49718 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:03:35.993705034 CEST | 443 | 49718 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:03:43.415374994 CEST | 49710 | 443 | 192.168.2.5 | 3.134.30.98 |
Apr 27, 2024 02:03:43.456116915 CEST | 443 | 49710 | 3.134.30.98 | 192.168.2.5 |
Apr 27, 2024 02:03:43.564781904 CEST | 443 | 49710 | 3.134.30.98 | 192.168.2.5 |
Apr 27, 2024 02:03:43.564860106 CEST | 443 | 49710 | 3.134.30.98 | 192.168.2.5 |
Apr 27, 2024 02:03:43.564908028 CEST | 49710 | 443 | 192.168.2.5 | 3.134.30.98 |
Apr 27, 2024 02:03:43.626235962 CEST | 49710 | 443 | 192.168.2.5 | 3.134.30.98 |
Apr 27, 2024 02:03:43.626271963 CEST | 443 | 49710 | 3.134.30.98 | 192.168.2.5 |
Apr 27, 2024 02:03:43.873317957 CEST | 49722 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:43.873383999 CEST | 443 | 49722 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:43.873450041 CEST | 49722 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:43.875515938 CEST | 49722 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:43.875540018 CEST | 443 | 49722 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:44.083180904 CEST | 443 | 49722 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:44.083273888 CEST | 49722 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:44.104420900 CEST | 49722 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:44.104451895 CEST | 443 | 49722 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:44.104829073 CEST | 443 | 49722 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:44.166134119 CEST | 49722 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:44.254734039 CEST | 49722 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:44.300121069 CEST | 443 | 49722 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:44.642893076 CEST | 443 | 49722 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:44.643205881 CEST | 49722 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:44.643241882 CEST | 443 | 49722 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:44.643254042 CEST | 49722 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:44.643744946 CEST | 443 | 49722 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:44.643802881 CEST | 443 | 49722 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:44.644032955 CEST | 49722 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:44.755748034 CEST | 49725 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:44.755808115 CEST | 443 | 49725 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:44.755878925 CEST | 49725 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:44.758578062 CEST | 49725 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:44.758599997 CEST | 443 | 49725 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:44.944082022 CEST | 443 | 49725 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:44.944185019 CEST | 49725 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:44.948024988 CEST | 49725 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:44.948043108 CEST | 443 | 49725 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:44.948451042 CEST | 443 | 49725 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:44.952574968 CEST | 49725 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:44.996120930 CEST | 443 | 49725 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:45.146214962 CEST | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 27, 2024 02:03:45.161237955 CEST | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 27, 2024 02:03:45.161536932 CEST | 49727 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 27, 2024 02:03:45.161582947 CEST | 443 | 49727 | 23.1.237.91 | 192.168.2.5 |
Apr 27, 2024 02:03:45.161681890 CEST | 49727 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 27, 2024 02:03:45.163150072 CEST | 49727 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 27, 2024 02:03:45.163168907 CEST | 443 | 49727 | 23.1.237.91 | 192.168.2.5 |
Apr 27, 2024 02:03:45.301743984 CEST | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
Apr 27, 2024 02:03:45.316586971 CEST | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
Apr 27, 2024 02:03:45.482125998 CEST | 443 | 49727 | 23.1.237.91 | 192.168.2.5 |
Apr 27, 2024 02:03:45.482400894 CEST | 49727 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 27, 2024 02:03:45.606060028 CEST | 443 | 49725 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:45.606158972 CEST | 443 | 49725 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:45.606343031 CEST | 49725 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:45.672728062 CEST | 49725 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:45.672770023 CEST | 443 | 49725 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:45.672790051 CEST | 49725 | 443 | 192.168.2.5 | 104.76.104.139 |
Apr 27, 2024 02:03:45.672796965 CEST | 443 | 49725 | 104.76.104.139 | 192.168.2.5 |
Apr 27, 2024 02:03:48.172291994 CEST | 49727 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 27, 2024 02:03:48.172321081 CEST | 443 | 49727 | 23.1.237.91 | 192.168.2.5 |
Apr 27, 2024 02:03:48.174048901 CEST | 443 | 49727 | 23.1.237.91 | 192.168.2.5 |
Apr 27, 2024 02:03:48.174117088 CEST | 49727 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 27, 2024 02:03:48.174897909 CEST | 49727 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 27, 2024 02:03:48.175290108 CEST | 49727 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 27, 2024 02:03:48.175404072 CEST | 443 | 49727 | 23.1.237.91 | 192.168.2.5 |
Apr 27, 2024 02:03:48.183063030 CEST | 49727 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 27, 2024 02:04:34.736143112 CEST | 49735 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:04:34.736207008 CEST | 443 | 49735 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:04:34.736272097 CEST | 49735 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:04:34.736486912 CEST | 49735 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:04:34.736498117 CEST | 443 | 49735 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:04:34.999102116 CEST | 443 | 49735 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:04:34.999597073 CEST | 49735 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:04:34.999635935 CEST | 443 | 49735 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:04:35.000495911 CEST | 443 | 49735 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:04:35.001311064 CEST | 49735 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:04:35.001657009 CEST | 443 | 49735 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:04:35.042781115 CEST | 49735 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:04:45.001625061 CEST | 443 | 49735 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:04:45.001796007 CEST | 443 | 49735 | 142.251.41.4 | 192.168.2.5 |
Apr 27, 2024 02:04:45.001940966 CEST | 49735 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:04:46.222918034 CEST | 49735 | 443 | 192.168.2.5 | 142.251.41.4 |
Apr 27, 2024 02:04:46.222944021 CEST | 443 | 49735 | 142.251.41.4 | 192.168.2.5 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 27, 2024 02:03:31.308676004 CEST | 53 | 64885 | 1.1.1.1 | 192.168.2.5 |
Apr 27, 2024 02:03:31.653258085 CEST | 65389 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 27, 2024 02:03:31.653465986 CEST | 63926 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 27, 2024 02:03:31.742378950 CEST | 53 | 63926 | 1.1.1.1 | 192.168.2.5 |
Apr 27, 2024 02:03:32.261172056 CEST | 51954 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 27, 2024 02:03:32.261518002 CEST | 58037 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 27, 2024 02:03:32.353970051 CEST | 53 | 51954 | 1.1.1.1 | 192.168.2.5 |
Apr 27, 2024 02:03:32.354037046 CEST | 53 | 58037 | 1.1.1.1 | 192.168.2.5 |
Apr 27, 2024 02:03:32.391273022 CEST | 53 | 61250 | 1.1.1.1 | 192.168.2.5 |
Apr 27, 2024 02:03:32.670397043 CEST | 56179 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 27, 2024 02:03:32.762403011 CEST | 53 | 56179 | 1.1.1.1 | 192.168.2.5 |
Apr 27, 2024 02:03:34.171473980 CEST | 53 | 50741 | 1.1.1.1 | 192.168.2.5 |
Apr 27, 2024 02:03:35.833333969 CEST | 53 | 62773 | 1.1.1.1 | 192.168.2.5 |
Apr 27, 2024 02:03:53.854643106 CEST | 53 | 56666 | 1.1.1.1 | 192.168.2.5 |
Apr 27, 2024 02:04:15.883403063 CEST | 53 | 61170 | 1.1.1.1 | 192.168.2.5 |
Apr 27, 2024 02:04:30.166013956 CEST | 53 | 56473 | 1.1.1.1 | 192.168.2.5 |
Apr 27, 2024 02:04:38.914748907 CEST | 53 | 58787 | 1.1.1.1 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 27, 2024 02:03:31.653258085 CEST | 192.168.2.5 | 1.1.1.1 | 0x835e | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Apr 27, 2024 02:03:31.653465986 CEST | 192.168.2.5 | 1.1.1.1 | 0x2be | Standard query (0) | | 65 | IN (0x0001) | false |
Apr 27, 2024 02:03:32.261172056 CEST | 192.168.2.5 | 1.1.1.1 | 0xd887 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Apr 27, 2024 02:03:32.261518002 CEST | 192.168.2.5 | 1.1.1.1 | 0xe8b8 | Standard query (0) | | 65 | IN (0x0001) | false |
Apr 27, 2024 02:03:32.670397043 CEST | 192.168.2.5 | 1.1.1.1 | 0xebda | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 27, 2024 02:03:31.742378950 CEST | 1.1.1.1 | 192.168.2.5 | 0x2be | No error (0) | | | | 65 | IN (0x0001) | false |
Apr 27, 2024 02:03:32.353970051 CEST | 1.1.1.1 | 192.168.2.5 | 0xd887 | No error (0) | | | 3.134.30.98 | A (IP address) | IN (0x0001) | false |
Apr 27, 2024 02:03:32.762403011 CEST | 1.1.1.1 | 192.168.2.5 | 0xebda | No error (0) | | | 142.251.41.4 | A (IP address) | IN (0x0001) | false |
Apr 27, 2024 02:03:44.609076023 CEST | 1.1.1.1 | 192.168.2.5 | 0x6cc9 | No error (0) | | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false |
Apr 27, 2024 02:03:44.609076023 CEST | 1.1.1.1 | 192.168.2.5 | 0x6cc9 | No error (0) | | | 192.229.211.108 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49711 | 3.134.30.98 | 443 | 6968 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-27 00:03:32 UTC | 870 | OUT | |
2024-04-27 00:03:33 UTC | 444 | IN | |
2024-04-27 00:03:33 UTC | 3967 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49712 | 142.251.41.4 | 443 | 6968 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-27 00:03:34 UTC | 615 | OUT | |
2024-04-27 00:03:34 UTC | 1703 | IN | |
2024-04-27 00:03:34 UTC | 514 | IN | |
2024-04-27 00:03:34 UTC | 249 | IN | |
2024-04-27 00:03:34 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49714 | 142.251.41.4 | 443 | 6968 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-27 00:03:34 UTC | 353 | OUT | |
2024-04-27 00:03:34 UTC | 1761 | IN | |
2024-04-27 00:03:34 UTC | 417 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.5 | 49715 | 142.251.41.4 | 443 | 6968 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-27 00:03:34 UTC | 518 | OUT | |
2024-04-27 00:03:34 UTC | 1843 | IN | |
2024-04-27 00:03:34 UTC | 458 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.5 | 49713 | 142.251.41.4 | 443 | 6968 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-27 00:03:34 UTC | 738 | OUT | |
2024-04-27 00:03:34 UTC | 356 | IN | |
2024-04-27 00:03:34 UTC | 899 | IN | |
2024-04-27 00:03:34 UTC | 1255 | IN | |
2024-04-27 00:03:34 UTC | 959 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.5 | 49718 | 142.251.41.4 | 443 | 6968 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-27 00:03:35 UTC | 920 | OUT | |
2024-04-27 00:03:35 UTC | 356 | IN | |
2024-04-27 00:03:35 UTC | 899 | IN | |
2024-04-27 00:03:35 UTC | 1255 | IN | |
2024-04-27 00:03:35 UTC | 1031 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.5 | 49710 | 3.134.30.98 | 443 | 6968 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-27 00:03:43 UTC | 909 | OUT | |
2024-04-27 00:03:43 UTC | 235 | IN | |
2024-04-27 00:03:43 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.5 | 49722 | 104.76.104.139 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-27 00:03:44 UTC | 161 | OUT | |
2024-04-27 00:03:44 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.5 | 49725 | 104.76.104.139 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-27 00:03:44 UTC | 239 | OUT | |
2024-04-27 00:03:45 UTC | 530 | IN | |
2024-04-27 00:03:45 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
9 | 192.168.2.5 | 49727 | 23.1.237.91 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-27 00:03:48 UTC | 2148 | OUT | |
2024-04-27 00:03:48 UTC | 1 | OUT | |
2024-04-27 00:03:48 UTC | 2483 | OUT |
Target ID: | 0 |
Start time: | 02:03:22 |
Start date: | 27/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 02:03:28 |
Start date: | 27/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 02:03:29 |
Start date: | 27/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 4 |
Start time: | 02:03:30 |
Start date: | 27/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 5 |
Start time: | 02:03:31 |
Start date: | 27/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |