Analysis Report Payment Confirmation.exe
Overview
General Information
Detection
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
Startup |
---|
|
Malware Configuration |
---|
No configs have been found |
---|
Yara Overview |
---|
Memory Dumps |
---|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
DarkComet_2 | DarkComet | Jean-Philippe Teissier / @Jipe_ |
| |
Malware_QA_update | VT Research QA uploaded malware - file update.exe | Florian Roth |
| |
RAT_DarkComet | Detects DarkComet RAT | Kevin Breen <kevin@techanarchy.net> |
| |
JoeSecurity_DarkCometRat | Yara detected DarkComet | Kevin Breen <kevin@techanarchy.net> | ||
JoeSecurity_DelphiSystemParamCount | Detected Delphi use of System.ParamCount() | Joe Security | ||
Click to see the 19 entries |
Unpacked PEs |
---|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
Malware_QA_update | VT Research QA uploaded malware - file update.exe | Florian Roth |
| |
RAT_DarkComet | Detects DarkComet RAT | Kevin Breen <kevin@techanarchy.net> |
| |
JoeSecurity_DarkCometRat | Yara detected DarkComet | Kevin Breen <kevin@techanarchy.net> | ||
JoeSecurity_DelphiSystemParamCount | Detected Delphi use of System.ParamCount() | Joe Security | ||
DarkComet_1 | DarkComet RAT | botherder https://github.com/botherder |
| |
Click to see the 19 entries |
Sigma Overview |
---|
No Sigma rule has matched |
---|
Signature Overview |
---|
Click to jump to signature section
AV Detection: |
---|
Antivirus / Scanner detection for submitted sample | Show sources |
Source: | Avira: |
Antivirus detection for dropped file | Show sources |
Source: | Avira: |
Multi AV Scanner detection for dropped file | Show sources |
Source: | ReversingLabs: |
Machine Learning detection for dropped file | Show sources |
Source: | Joe Sandbox ML: |
Machine Learning detection for sample | Show sources |
Source: | Joe Sandbox ML: |
Source: | Avira: | ||
Source: | Avira: | ||
Source: | Avira: | ||
Source: | Avira: | ||
Source: | Avira: | ||
Source: | Avira: | ||
Source: | Avira: | ||
Source: | Avira: | ||
Source: | Avira: |
Compliance: |
---|
Uses 32bit PE files | Show sources |
Source: | Static PE information: |
Source: | Code function: | 3_2_0040A490 | |
Source: | Code function: | 3_2_00406B58 | |
Source: | Code function: | 3_2_0047EE4C | |
Source: | Code function: | 3_2_00465348 |
Networking: |
---|
Uses dynamic DNS services | Show sources |
Source: | DNS query: |
Source: | Code function: | 3_2_004727B4 |
Source: | Code function: | 3_2_00470278 |
Source: | TCP traffic: |
Source: | IP Address: |
Source: | ASN Name: |
Source: | Code function: | 3_2_004727B4 |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Key, Mouse, Clipboard, Microphone and Screen Capturing: |
---|
Contains functionality to capture and log keystrokes | Show sources |
Source: | Code function: | 3_2_0047F788 | |
Source: | Code function: | 3_2_0047F788 | |
Source: | Code function: | 3_2_0047F788 | |
Source: | Code function: | 3_2_0047F788 | |
Source: | Code function: | 3_2_0047F788 | |
Source: | Code function: | 3_2_0047F788 | |
Source: | Code function: | 3_2_0047F788 | |
Source: | Code function: | 3_2_0047F788 | |
Source: | Code function: | 3_2_0047F788 | |
Source: | Code function: | 3_2_0047F788 | |
Source: | Code function: | 3_2_0047F788 |
Contains functionality to log keystrokes | Show sources |
Source: | Code function: | 3_2_0047F788 |
Contains functionality to log keystrokes | Show sources |
Source: | Code function: | 3_2_0047F788 |
Contains functionality to register a low level keyboard hook | Show sources |
Source: | Code function: | 3_2_0047FD60 |
Source: | Code function: | 3_2_004083D6 |
Source: | Code function: | 3_2_00430F5C |
Source: | Code function: | 3_2_00428440 |
Source: | Code function: | 3_2_00455020 |
Source: | Code function: | 3_2_0047F788 |
System Summary: |
---|
Malicious sample detected (through community Yara rule) | Show sources |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Potential malicious icon found | Show sources |
Source: | Icon embedded in PE file: |
Yara detected DarkComet | Show sources |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Initial sample is a PE file and has a suspicious name | Show sources |
Source: | Static PE information: |
Source: | Code function: | 3_2_0044521C | |
Source: | Code function: | 3_2_0043838C | |
Source: | Code function: | 3_2_004304E8 | |
Source: | Code function: | 3_2_00455220 | |
Source: | Code function: | 3_2_00445968 | |
Source: | Code function: | 3_2_00461974 | |
Source: | Code function: | 3_2_00445A48 | |
Source: | Code function: | 7_3_030CC8DC | |
Source: | Code function: | 7_3_030CC8DC | |
Source: | Code function: | 7_3_030CC8DC | |
Source: | Code function: | 7_3_030CC8DC | |
Source: | Code function: | 7_2_030CC8DC |
Source: | Code function: | 3_2_004706C8 |
Source: | Code function: | 3_2_0040811E |
Source: | Code function: | 0_2_0041BC60 | |
Source: | Code function: | 3_2_0043E01C | |
Source: | Code function: | 3_2_00402360 | |
Source: | Code function: | 3_2_0043838C | |
Source: | Code function: | 3_2_00406414 | |
Source: | Code function: | 3_2_0045E7A4 | |
Source: | Code function: | 3_2_004698D4 | |
Source: | Code function: | 7_3_0304FB68 | |
Source: | Code function: | 7_3_0304FB68 |
Source: | Process token adjusted: | Jump to behavior |
Source: | Process token adjusted: | Jump to behavior |
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Classification label: |
Source: | Code function: | 3_2_004253A8 |
Source: | Code function: | 3_2_0040A74E |
Source: | Code function: | 3_2_00470968 |
Source: | Code function: | 3_2_0041C268 |
Source: | Code function: | 3_2_004705D0 |
Source: | File created: | Jump to behavior |
Source: | Mutant created: |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | Static PE information: |
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | File read: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior |
Source: | File read: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | Window detected: |
Source: | Code function: | 3_2_0042EB3C |
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Code function: | 0_2_00403144 | |
Source: | Code function: | 0_2_00403B7C | |
Source: | Code function: | 3_2_004186DD | |
Source: | Code function: | 3_2_0040420C | |
Source: | Code function: | 3_2_0042E214 | |
Source: | Code function: | 3_2_00422297 | |
Source: | Code function: | 3_2_0044A27C | |
Source: | Code function: | 3_2_00430340 | |
Source: | Code function: | 3_2_0041640A | |
Source: | Code function: | 3_2_0041640A | |
Source: | Code function: | 3_2_004324EC | |
Source: | Code function: | 3_2_0045E4D8 | |
Source: | Code function: | 3_2_0044A520 | |
Source: | Code function: | 3_2_0042C60D | |
Source: | Code function: | 3_2_00430658 | |
Source: | Code function: | 3_2_0040875E | |
Source: | Code function: | 3_2_0045E7A9 | |
Source: | Code function: | 3_2_00410890 | |
Source: | Code function: | 3_2_0044A83C | |
Source: | Code function: | 3_2_00418939 | |
Source: | Code function: | 3_2_00418A59 | |
Source: | Code function: | 3_2_00418A9D | |
Source: | Code function: | 3_2_00420BF7 | |
Source: | Code function: | 3_2_00430CCE | |
Source: | Code function: | 3_2_00462F2C | |
Source: | Code function: | 3_2_00416D99 | |
Source: | Code function: | 3_2_0047EEE0 | |
Source: | Code function: | 3_2_00420E8F | |
Source: | Code function: | 3_2_00438F6F | |
Source: | Code function: | 3_2_00467128 | |
Source: | Code function: | 3_2_0042B340 |
Source: | Code function: | 3_2_004727B4 |
Source: | File created: | Jump to dropped file |
Boot Survival: |
---|
Drops PE files to the startup folder | Show sources |
Source: | File created: | Jump to dropped file |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | Code function: | 3_2_004705D0 |
Source: | Code function: | 3_2_0045843C | |
Source: | Code function: | 3_2_0043B134 | |
Source: | Code function: | 3_2_004571F8 | |
Source: | Code function: | 3_2_0043B1B0 | |
Source: | Code function: | 3_2_00457B00 | |
Source: | Code function: | 3_2_0042DCA8 |
Source: | Code function: | 3_2_0042EB3C |
Source: | Registry key monitored for changes: | Jump to behavior |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Source: | File opened / queried: | Jump to behavior |
Source: | Code function: | 3_2_00444454 |
Source: | Code function: | 3_2_00470758 |
Source: | Window / User API: | Jump to behavior |
Source: | Thread sleep time: | Jump to behavior |
Source: | Last function: |
Source: | Code function: | 3_2_0040A490 | |
Source: | Code function: | 3_2_00406B58 | |
Source: | Code function: | 3_2_0047EE4C | |
Source: | Code function: | 3_2_00465348 |
Source: | Code function: | 3_2_0042EB3C |
Source: | Code function: | 3_2_00407BAE |
Source: | Process token adjusted: | Jump to behavior | ||
Source: | Process token adjusted: | Jump to behavior |
HIPS / PFW / Operating System Protection Evasion: |
---|
Contains functionality to inject code into remote processes | Show sources |
Source: | Code function: | 7_3_030CC8DC |
Injects a PE file into a foreign processes | Show sources |
Source: | Memory written: | Jump to behavior |
Source: | Code function: | 3_2_00468550 |
Source: | Code function: | 3_2_0047E068 |
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 3_2_00406D1C | |
Source: | Code function: | 3_2_00406E28 | |
Source: | Code function: | 3_2_0040D33C | |
Source: | Code function: | 3_2_0040D388 |
Source: | Code function: | 3_2_0040BCCC |
Source: | Code function: | 3_2_00470C6C |
Source: | Code function: | 3_2_0040E31C |
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Native API1 | Startup Items1 | Startup Items1 | Deobfuscate/Decode Files or Information1 | Input Capture421 | System Time Discovery1 | Remote Services | Archive Collected Data1 | Exfiltration Over Alternative Protocol1 | Ingress Tool Transfer21 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | System Shutdown/Reboot1 |
Default Accounts | Service Execution12 | LSASS Driver1 | LSASS Driver1 | Obfuscated Files or Information2 | LSASS Memory | Account Discovery1 | Remote Desktop Protocol | Screen Capture1 | Exfiltration Over Bluetooth | Encrypted Channel1 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Application Shimming1 | Application Shimming1 | Software Packing1 | Security Account Manager | System Service Discovery1 | SMB/Windows Admin Shares | Input Capture421 | Automated Exfiltration | Non-Standard Port1 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Windows Service12 | Windows Service12 | Masquerading1 | NTDS | File and Directory Discovery2 | Distributed Component Object Model | Clipboard Data2 | Scheduled Transfer | Non-Application Layer Protocol1 | SIM Card Swap | Carrier Billing Fraud | |
Cloud Accounts | Cron | Registry Run Keys / Startup Folder12 | Process Injection212 | Virtualization/Sandbox Evasion2 | LSA Secrets | System Information Discovery14 | SSH | Keylogging | Data Transfer Size Limits | Application Layer Protocol111 | Manipulate Device Communication | Manipulate App Store Rankings or Ratings | |
Replication Through Removable Media | Launchd | Rc.common | Registry Run Keys / Startup Folder12 | Process Injection212 | Cached Domain Credentials | Query Registry1 | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | Abuse Accessibility Features | |
External Remote Services | Scheduled Task | Startup Items | Startup Items | Compile After Delivery | DCSync | Security Software Discovery13 | Windows Remote Management | Web Portal Capture | Exfiltration Over Alternative Protocol | Commonly Used Port | Rogue Wi-Fi Access Points | Data Encrypted for Impact | |
Drive-by Compromise | Command and Scripting Interpreter | Scheduled Task/Job | Scheduled Task/Job | Indicator Removal from Tools | Proc Filesystem | Virtualization/Sandbox Evasion2 | Shared Webroot | Credential API Hooking | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Application Layer Protocol | Downgrade to Insecure Protocols | Generate Fraudulent Advertising Revenue | |
Exploit Public-Facing Application | PowerShell | At (Linux) | At (Linux) | Masquerading | /etc/passwd and /etc/shadow | Process Discovery1 | Software Deployment Tools | Data Staged | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol | Web Protocols | Rogue Cellular Base Station | Data Destruction | |
Supply Chain Compromise | AppleScript | At (Windows) | At (Windows) | Invalid Code Signature | Network Sniffing | Application Window Discovery11 | Taint Shared Content | Local Data Staging | Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol | File Transfer Protocols | Data Encrypted for Impact | ||
Compromise Software Dependencies and Development Tools | Windows Command Shell | Cron | Cron | Right-to-Left Override | Input Capture | System Owner/User Discovery1 | Replication Through Removable Media | Remote Data Staging | Exfiltration Over Physical Medium | Mail Protocols | Service Stop | ||
Compromise Software Supply Chain | Unix Shell | Launchd | Launchd | Rename System Utilities | Keylogging | Remote System Discovery1 | Component Object Model and Distributed COM | Screen Capture | Exfiltration over USB | DNS | Inhibit System Recovery |
Behavior Graph |
---|
Screenshots |
---|
Thumbnails
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Antivirus, Machine Learning and Genetic Malware Detection |
---|
Initial Sample |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira | TR/Dropper.Gen | ||
100% | Joe Sandbox ML |
Dropped Files |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira | TR/Dropper.Gen | ||
100% | Joe Sandbox ML | |||
48% | ReversingLabs | Win32.Backdoor.DarkComet |
Unpacked PE Files |
---|
Source | Detection | Scanner | Label | Link | Download |
---|---|---|---|---|---|
100% | Avira | TR/Dropper.Gen | Download File | ||
100% | Avira | TR/Dropper.Gen | Download File | ||
100% | Avira | TR/Dropper.Gen | Download File | ||
100% | Avira | TR/Dropper.Gen | Download File | ||
100% | Avira | TR/Dropper.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Dropper.Gen | Download File | ||
100% | Avira | TR/Dropper.Gen | Download File | ||
100% | Avira | BDS/Backdoor.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Dropper.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File |
Domains |
---|
No Antivirus matches |
---|
URLs |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Domains and IPs |
---|
Contacted Domains |
---|
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
martinboss.ddns.net | 79.134.225.30 | true | true | unknown |
URLs from Memory and Binaries |
---|
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown |
Contacted IPs |
---|
General Information |
---|
Joe Sandbox Version: | 31.0.0 Emerald |
Analysis ID: | 356448 |
Start date: | 23.02.2021 |
Start time: | 08:06:50 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 8m 29s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Sample file name: | Payment Confirmation.exe |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
Number of analysed new started processes analysed: | 25 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal100.rans.troj.adwa.spyw.evad.winEXE@8/1@84/2 |
EGA Information: | Failed |
HDC Information: |
|
HCA Information: | Failed |
Cookbook Comments: |
|
Warnings: | Show All
|
Simulations |
---|
Behavior and APIs |
---|
Time | Type | Description |
---|---|---|
08:07:43 | API Interceptor | |
08:07:43 | Autostart |
Joe Sandbox View / Context |
---|
IPs |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
79.134.225.30 | Get hash | malicious | Browse | ||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse |
Domains |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
martinboss.ddns.net | Get hash | malicious | Browse |
|
ASN |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
FINK-TELECOM-SERVICESCH | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
JA3 Fingerprints |
---|
No context |
---|
Dropped Files |
---|
No context |
---|
Created / dropped Files |
---|
Process: | C:\Users\user\Desktop\Payment Confirmation.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 909312 |
Entropy (8bit): | 5.739183525709254 |
Encrypted: | false |
SSDEEP: | 12288:c1N7GYtRi6Hczy4QufM4zr9H7NH8rxRYAjjUIPg:c7wzyxuU4zZbNM1jUIPg |
MD5: | 800B9D7F3A47C5A18DA78CB6A54F90BE |
SHA1: | 67C825CA6D8F430FDFC4CBCA78C442600DB7CCF0 |
SHA-256: | E6EDF54375A14314AA44DB9FE8CDD48368338E7ED873F25BA2A6A5FF4381D233 |
SHA-512: | 3F36217FC2E0AFD41D16EA8E35628B00BD8E094194B892E551BA2B39FFFAF16E67ECE937ADE136FE03286FEF59718A76FC83081A7CB1DD2F8A7EFA811A992E87 |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
|
Static File Info |
---|
General | |
---|---|
File type: | |
Entropy (8bit): | 5.739183525709254 |
TrID: |
|
File name: | Payment Confirmation.exe |
File size: | 909312 |
MD5: | 800b9d7f3a47c5a18da78cb6a54f90be |
SHA1: | 67c825ca6d8f430fdfc4cbca78c442600db7ccf0 |
SHA256: | e6edf54375a14314aa44db9fe8cdd48368338e7ed873f25ba2a6a5ff4381d233 |
SHA512: | 3f36217fc2e0afd41d16ea8e35628b00bd8e094194b892e551ba2b39fffaf16e67ece937ade136fe03286fef59718a76fc83081a7cb1dd2f8a7efa811a992e87 |
SSDEEP: | 12288:c1N7GYtRi6Hczy4QufM4zr9H7NH8rxRYAjjUIPg:c7wzyxuU4zZbNM1jUIPg |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................z.......................Rich............................PE..L...Y.._.....................@......X,............@ |
File Icon |
---|
Icon Hash: | 20047c7c70f0e004 |
Static PE Info |
---|
General | |
---|---|
Entrypoint: | 0x402c58 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED |
DLL Characteristics: | |
Time Stamp: | 0x5FD9DF59 [Wed Dec 16 10:20:09 2020 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | d9b63245519b223a1f7026d72643602b |
Entrypoint Preview |
---|
Instruction |
---|
push 00406B94h |
call 00007F8D9C9835F5h |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
xor byte ptr [eax], al |
add byte ptr [eax], al |
cmp byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
js 00007F8D9C98362Eh |
aam 53h |
clc |
jp 00007F8D9C9835CEh |
dec esi |
mov ebx, 97158BF6h |
int1 |
not dword ptr [ebp+00h] |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [ecx], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [esi+41h], cl |
push ebx |
dec eax |
inc esi |
push esp |
push eax |
add byte ptr [eax], al |
add byte ptr [eax], al |
add bh, bh |
int3 |
xor dword ptr [eax], eax |
pop es |
fadd st(0), st(2) |
xor eax, 139DB88Eh |
inc edx |
test al, 0Eh |
inc edx |
or esp, ecx |
stosd |
enter BAC4h, F3h |
jl 00007F8D9C9835EAh |
sub byte ptr [ecx+47B444AEh], ah |
inc ecx |
jc 00007F8D9C9835C4h |
wait |
into |
cmp cl, byte ptr [edi-53h] |
xor ebx, dword ptr [ecx-48EE309Ah] |
or al, 00h |
stosb |
add byte ptr [eax-2Dh], ah |
xchg eax, ebx |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
pop ss |
cmp eax, 00720000h |
add byte ptr [eax], al |
add byte ptr [eax], cl |
add byte ptr [esi+72h], ah |
insd |
inc ecx |
bound ebp, dword ptr [edi+75h] |
je 00007F8D9C983602h |
or eax, 41001A01h |
bound ebp, dword ptr [edi+75h] |
je 00007F8D9C983622h |
dec esi |
inc ecx |
push ebx |
dec eax |
and byte ptr [esi+72h], al |
add byte ptr [eax], al |
Data Directories |
---|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x38844 | 0x28 | .text |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x3c000 | 0xa2ea8 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x238 | 0x20 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x1000 | 0x254 | .text |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Sections |
---|
Name | Virtual Address | Virtual Size | Raw Size | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x38254 | 0x39000 | False | 0.297581722862 | data | 5.76638922611 | IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ |
.data | 0x3a000 | 0x1ff0 | 0x1000 | False | 0.00634765625 | data | 0.0 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ |
.rsrc | 0x3c000 | 0xa2ea8 | 0xa3000 | False | 0.369846086561 | data | 5.12810599289 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
Resources |
---|
Name | RVA | Size | Type | Language | Country |
---|---|---|---|---|---|
BSDK | 0x3c1dc | 0xa24cc | data | ||
BSDK | 0xde6a8 | 0x29 | ASCII text, with CRLF line terminators | ||
RT_ICON | 0xde6d4 | 0x130 | data | ||
RT_ICON | 0xde804 | 0x2e8 | data | ||
RT_ICON | 0xdeaec | 0x128 | GLS_BINARY_LSB_FIRST | ||
RT_GROUP_ICON | 0xdec14 | 0x30 | data | ||
RT_VERSION | 0xdec44 | 0x264 | data | English | United States |
Imports |
---|
DLL | Import |
---|---|
MSVBVM60.DLL | __vbaVarSub, __vbaStrI2, _CIcos, _adj_fptan, __vbaVarMove, __vbaStrI4, __vbaAryMove, __vbaFreeVar, __vbaStrVarMove, __vbaLenBstr, __vbaLateIdCall, __vbaEnd, __vbaFreeVarList, _adj_fdiv_m64, __vbaPut4, __vbaRaiseEvent, __vbaNextEachVar, __vbaFreeObjList, _adj_fprem1, __vbaRecAnsiToUni, __vbaStrCat, __vbaLsetFixstr, __vbaRecDestruct, __vbaSetSystemError, __vbaHresultCheckObj, __vbaLenVar, _adj_fdiv_m32, __vbaAryVar, __vbaAryDestruct, __vbaVarForInit, __vbaExitProc, __vbaObjSet, __vbaOnError, _adj_fdiv_m16i, __vbaObjSetAddref, _adj_fdivr_m16i, __vbaStrFixstr, __vbaBoolVarNull, _CIsin, __vbaVarCmpGt, __vbaChkstk, __vbaFileClose, EVENT_SINK_AddRef, __vbaGenerateBoundsError, __vbaStrCmp, __vbaPutOwner3, __vbaAryConstruct2, __vbaVarTstEq, __vbaI2I4, __vbaObjVar, DllFunctionCall, __vbaVarLateMemSt, __vbaCastObjVar, __vbaRedimPreserve, _adj_fpatan, __vbaLateIdCallLd, __vbaRedim, __vbaRecUniToAnsi, EVENT_SINK_Release, __vbaUI1I2, _CIsqrt, __vbaObjIs, __vbaVarAnd, EVENT_SINK_QueryInterface, __vbaUI1I4, __vbaExceptHandler, __vbaStrToUnicode, _adj_fprem, _adj_fdivr_m64, __vbaFPException, __vbaInStrVar, __vbaUbound, __vbaGetOwner3, __vbaStrVarVal, __vbaVarCat, __vbaI2Var, _CIlog, __vbaErrorOverflow, __vbaFileOpen, __vbaR8Str, __vbaVar2Vec, __vbaNew2, __vbaInStr, _adj_fdiv_m32i, _adj_fdivr_m32i, __vbaStrCopy, __vbaFreeStrList, _adj_fdivr_m32, _adj_fdiv_r, __vbaVarSetVar, __vbaI4Var, __vbaVarCmpEq, __vbaAryLock, __vbaLateMemCall, __vbaVarAdd, __vbaVarDup, __vbaStrToAnsi, __vbaFpI4, __vbaVarCopy, __vbaVarLateMemCallLd, __vbaRecDestructAnsi, _CIatan, __vbaUI1Str, __vbaAryCopy, __vbaCastObj, __vbaStrMove, __vbaR8IntI4, __vbaForEachVar, _allmul, __vbaLateIdSt, _CItan, __vbaAryUnlock, __vbaVarForNext, _CIexp, __vbaFreeObj, __vbaFreeStr |
Version Infos |
---|
Description | Data |
---|---|
Translation | 0x0409 0x04b0 |
InternalName | 1 |
FileVersion | 1.00 |
CompanyName | TECHNOHUB TECHNOLOGIES |
Comments | NASH FTP VERSION 1.0.0 |
ProductName | NASH FREE FTP |
ProductVersion | 1.00 |
OriginalFilename | 1.exe |
Possible Origin |
---|
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | United States |
Network Behavior |
---|
Network Port Distribution |
---|
TCP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Feb 23, 2021 08:07:45.274120092 CET | 49722 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:45.351197004 CET | 508 | 49722 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:45.955323935 CET | 49722 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:46.032562971 CET | 508 | 49722 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:46.646625996 CET | 49722 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:46.725698948 CET | 508 | 49722 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:46.829035044 CET | 49725 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:46.908900023 CET | 508 | 49725 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:47.517852068 CET | 49725 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:47.600960016 CET | 508 | 49725 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:48.253881931 CET | 49725 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:48.333935022 CET | 508 | 49725 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:48.493331909 CET | 49726 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:48.572839022 CET | 508 | 49726 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:49.127384901 CET | 49726 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:49.204401016 CET | 508 | 49726 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:49.830650091 CET | 49726 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:49.907689095 CET | 508 | 49726 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:50.043519974 CET | 49728 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:50.120651960 CET | 508 | 49728 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:50.644663095 CET | 49728 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:50.722227097 CET | 508 | 49728 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:51.252656937 CET | 49728 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:51.329705954 CET | 508 | 49728 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:51.433896065 CET | 49730 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:51.511483908 CET | 508 | 49730 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:52.018292904 CET | 49730 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:52.095400095 CET | 508 | 49730 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:52.627715111 CET | 49730 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:52.704982996 CET | 508 | 49730 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:52.840053082 CET | 49731 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:52.922589064 CET | 508 | 49731 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:53.424676895 CET | 49731 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:53.504687071 CET | 508 | 49731 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:54.018486977 CET | 49731 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:54.098535061 CET | 508 | 49731 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:54.207840919 CET | 49732 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:54.285154104 CET | 508 | 49732 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:54.799772978 CET | 49732 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:54.878434896 CET | 508 | 49732 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:55.396162033 CET | 49732 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:55.474953890 CET | 508 | 49732 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:55.574055910 CET | 49733 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:55.655462027 CET | 508 | 49733 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:56.159270048 CET | 49733 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:56.239308119 CET | 508 | 49733 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:56.878067970 CET | 49733 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:56.958292007 CET | 508 | 49733 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:57.140614986 CET | 49734 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:57.217694044 CET | 508 | 49734 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:57.878218889 CET | 49734 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:57.955197096 CET | 508 | 49734 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:58.487585068 CET | 49734 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:58.566756964 CET | 508 | 49734 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:58.668698072 CET | 49735 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:58.745752096 CET | 508 | 49735 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:59.378397942 CET | 49735 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:07:59.455717087 CET | 508 | 49735 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:07:59.956434965 CET | 49735 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:00.034888029 CET | 508 | 49735 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:00.121334076 CET | 49736 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:00.200638056 CET | 508 | 49736 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:00.711935043 CET | 49736 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:00.789062977 CET | 508 | 49736 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:01.301961899 CET | 49736 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:01.379132032 CET | 508 | 49736 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:01.481987953 CET | 49737 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:01.562107086 CET | 508 | 49737 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:02.066109896 CET | 49737 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:02.146181107 CET | 508 | 49737 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:02.659811974 CET | 49737 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:02.742487907 CET | 508 | 49737 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:02.826824903 CET | 49738 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:02.903831005 CET | 508 | 49738 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:03.409893990 CET | 49738 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:03.487040997 CET | 508 | 49738 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:03.988044024 CET | 49738 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:04.073004007 CET | 508 | 49738 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:04.153270006 CET | 49739 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:04.235135078 CET | 508 | 49739 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:04.738221884 CET | 49739 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:04.820008993 CET | 508 | 49739 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:05.332009077 CET | 49739 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:05.413285971 CET | 508 | 49739 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:05.500704050 CET | 49740 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:05.582556009 CET | 508 | 49740 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:06.097687960 CET | 49740 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:06.178369045 CET | 508 | 49740 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:06.691385031 CET | 49740 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:06.771500111 CET | 508 | 49740 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:06.859509945 CET | 49741 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:06.936503887 CET | 508 | 49741 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:07.441503048 CET | 49741 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:07.521667004 CET | 508 | 49741 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:08.035310030 CET | 49741 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:08.112411022 CET | 508 | 49741 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:08.203289986 CET | 49742 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:08.281152010 CET | 508 | 49742 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:08.785429001 CET | 49742 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:08.862402916 CET | 508 | 49742 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:09.363457918 CET | 49742 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:09.443592072 CET | 508 | 49742 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:09.531965971 CET | 49745 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:09.609060049 CET | 508 | 49745 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:10.113583088 CET | 49745 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:10.192940950 CET | 508 | 49745 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:10.707427979 CET | 49745 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:10.786756992 CET | 508 | 49745 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:10.989372969 CET | 49746 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:11.071832895 CET | 508 | 49746 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:11.582463980 CET | 49746 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:11.662383080 CET | 508 | 49746 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:12.176215887 CET | 49746 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:12.257694006 CET | 508 | 49746 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:12.412966967 CET | 49747 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:12.490155935 CET | 508 | 49747 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:13.004734039 CET | 49747 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:13.081825972 CET | 508 | 49747 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:13.587300062 CET | 49747 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:13.664367914 CET | 508 | 49747 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:14.190176964 CET | 49748 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:14.268868923 CET | 508 | 49748 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:14.910872936 CET | 49748 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:14.987950087 CET | 508 | 49748 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:15.614006042 CET | 49748 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:15.691080093 CET | 508 | 49748 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:15.781155109 CET | 49749 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:15.858274937 CET | 508 | 49749 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:16.410922050 CET | 49749 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:16.487921000 CET | 508 | 49749 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:17.114204884 CET | 49749 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:17.192873955 CET | 508 | 49749 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:17.317912102 CET | 49750 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:17.397819042 CET | 508 | 49750 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:17.911118031 CET | 49750 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:17.995850086 CET | 508 | 49750 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:18.504888058 CET | 49750 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:18.584727049 CET | 508 | 49750 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:18.696980000 CET | 49751 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:18.776240110 CET | 508 | 49751 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:19.286283016 CET | 49751 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:19.363540888 CET | 508 | 49751 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:19.864459038 CET | 49751 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:19.941647053 CET | 508 | 49751 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:20.022129059 CET | 49752 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:20.099100113 CET | 508 | 49752 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:20.614439964 CET | 49752 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:20.692812920 CET | 508 | 49752 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:21.208249092 CET | 49752 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:21.285228968 CET | 508 | 49752 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:21.414438963 CET | 49753 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:21.492515087 CET | 508 | 49753 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:22.005217075 CET | 49753 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:22.082256079 CET | 508 | 49753 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:22.599054098 CET | 49753 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:22.677364111 CET | 508 | 49753 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:22.770724058 CET | 49754 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:22.847870111 CET | 508 | 49754 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:23.349140882 CET | 49754 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:23.426162004 CET | 508 | 49754 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:23.927270889 CET | 49754 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:24.004328012 CET | 508 | 49754 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:24.119077921 CET | 49755 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:24.196026087 CET | 508 | 49755 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:24.708488941 CET | 49755 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:24.785478115 CET | 508 | 49755 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:25.286710024 CET | 49755 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:25.364916086 CET | 508 | 49755 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:25.464919090 CET | 49756 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:25.541893005 CET | 508 | 49756 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:26.052419901 CET | 49756 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:26.129347086 CET | 508 | 49756 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:26.630565882 CET | 49756 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:26.707592964 CET | 508 | 49756 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:26.782711983 CET | 49757 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:26.859755993 CET | 508 | 49757 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:27.443144083 CET | 49757 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:27.520759106 CET | 508 | 49757 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:28.099062920 CET | 49757 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:28.177254915 CET | 508 | 49757 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:28.299675941 CET | 49762 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:28.376641035 CET | 508 | 49762 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:29.021400928 CET | 49762 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:29.098634005 CET | 508 | 49762 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:29.630798101 CET | 49762 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:29.708208084 CET | 508 | 49762 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:29.818013906 CET | 49766 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:29.897442102 CET | 508 | 49766 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:30.443370104 CET | 49766 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:30.520235062 CET | 508 | 49766 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:31.146536112 CET | 49766 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:31.226686954 CET | 508 | 49766 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:31.372144938 CET | 49770 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:31.449217081 CET | 508 | 49770 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:32.076795101 CET | 49770 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:32.153805017 CET | 508 | 49770 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:32.834237099 CET | 49770 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:32.912776947 CET | 508 | 49770 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:33.547681093 CET | 49772 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:33.627549887 CET | 508 | 49772 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:34.146801949 CET | 49772 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:34.226646900 CET | 508 | 49772 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:34.834410906 CET | 49772 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:34.914318085 CET | 508 | 49772 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:35.002758980 CET | 49774 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:35.081810951 CET | 508 | 49774 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:35.631350040 CET | 49774 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:35.709877014 CET | 508 | 49774 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:36.334511042 CET | 49774 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:36.411623001 CET | 508 | 49774 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:36.571856022 CET | 49776 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:36.650401115 CET | 508 | 49776 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:37.334578991 CET | 49776 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:37.413011074 CET | 508 | 49776 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:37.944096088 CET | 49776 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:38.023912907 CET | 508 | 49776 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:38.096724033 CET | 49777 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:38.176626921 CET | 508 | 49777 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:38.834707022 CET | 49777 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:38.917145014 CET | 508 | 49777 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:39.497180939 CET | 49777 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:39.578044891 CET | 508 | 49777 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:39.688698053 CET | 49783 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:39.766776085 CET | 508 | 49783 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:40.335742950 CET | 49783 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:40.413183928 CET | 508 | 49783 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:40.945620060 CET | 49783 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:41.022679090 CET | 508 | 49783 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:41.123258114 CET | 49784 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:41.200233936 CET | 508 | 49784 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:41.834920883 CET | 49784 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:41.911978006 CET | 508 | 49784 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:42.522550106 CET | 49784 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:42.599740028 CET | 508 | 49784 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:42.762316942 CET | 49785 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:42.839783907 CET | 508 | 49785 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:43.523128986 CET | 49785 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:43.600195885 CET | 508 | 49785 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:44.132044077 CET | 49785 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:44.211049080 CET | 508 | 49785 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:44.329405069 CET | 49786 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:44.406589031 CET | 508 | 49786 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:44.913357973 CET | 49786 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:44.990377903 CET | 508 | 49786 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:45.491538048 CET | 49786 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:45.569487095 CET | 508 | 49786 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:45.742553949 CET | 49787 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:45.819724083 CET | 508 | 49787 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:46.319720030 CET | 49787 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:46.396723032 CET | 508 | 49787 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:46.897897005 CET | 49787 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:46.980058908 CET | 508 | 49787 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:47.089741945 CET | 49788 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:47.171617031 CET | 508 | 49788 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:47.679533005 CET | 49788 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:47.759785891 CET | 508 | 49788 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:48.272973061 CET | 49788 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:48.352727890 CET | 508 | 49788 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:48.473064899 CET | 49789 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:48.551294088 CET | 508 | 49789 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:49.054301977 CET | 49789 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:49.131284952 CET | 508 | 49789 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:49.632572889 CET | 49789 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:49.709721088 CET | 508 | 49789 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:49.830108881 CET | 49790 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:49.910109997 CET | 508 | 49790 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:50.414009094 CET | 49790 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:50.493889093 CET | 508 | 49790 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:51.007627964 CET | 49790 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:51.087610960 CET | 508 | 49790 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:51.201401949 CET | 49791 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:51.278328896 CET | 508 | 49791 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:51.788923979 CET | 49791 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:51.865767002 CET | 508 | 49791 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:52.368186951 CET | 49791 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:52.446903944 CET | 508 | 49791 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:52.559719086 CET | 49792 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:52.639678001 CET | 508 | 49792 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:53.148535013 CET | 49792 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:53.230510950 CET | 508 | 49792 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:53.742394924 CET | 49792 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:53.822963953 CET | 508 | 49792 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:53.931027889 CET | 49793 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:54.008235931 CET | 508 | 49793 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:54.523530006 CET | 49793 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:54.600477934 CET | 508 | 49793 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:55.101699114 CET | 49793 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:55.178730965 CET | 508 | 49793 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:55.288188934 CET | 49794 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:55.365223885 CET | 508 | 49794 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:55.867696047 CET | 49794 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:55.944942951 CET | 508 | 49794 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:56.445656061 CET | 49794 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:56.527854919 CET | 508 | 49794 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:56.656234026 CET | 49795 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:56.736983061 CET | 508 | 49795 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:57.242551088 CET | 49795 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:57.319730043 CET | 508 | 49795 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:57.820643902 CET | 49795 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:57.898017883 CET | 508 | 49795 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:57.996618986 CET | 49796 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:58.074079037 CET | 508 | 49796 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:58.586429119 CET | 49796 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:58.663467884 CET | 508 | 49796 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:59.164582968 CET | 49796 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:59.242866039 CET | 508 | 49796 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:59.349824905 CET | 49797 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:08:59.426889896 CET | 508 | 49797 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:08:59.930274010 CET | 49797 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:00.007462978 CET | 508 | 49797 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:00.508394957 CET | 49797 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:00.588992119 CET | 508 | 49797 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:00.700676918 CET | 49798 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:00.777810097 CET | 508 | 49798 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:01.289700985 CET | 49798 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:01.367105961 CET | 508 | 49798 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:01.867969036 CET | 49798 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:01.947508097 CET | 508 | 49798 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:02.061944008 CET | 49799 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:02.142077923 CET | 508 | 49799 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:02.649312019 CET | 49799 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:02.726351023 CET | 508 | 49799 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:03.227495909 CET | 49799 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:03.306479931 CET | 508 | 49799 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:03.422394991 CET | 49800 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:03.501173019 CET | 508 | 49800 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:04.008672953 CET | 49800 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:04.085720062 CET | 508 | 49800 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:04.586931944 CET | 49800 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:04.665299892 CET | 508 | 49800 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:04.772349119 CET | 49801 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:04.849349976 CET | 508 | 49801 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:05.352627039 CET | 49801 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:05.429714918 CET | 508 | 49801 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:05.930795908 CET | 49801 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:06.010272026 CET | 508 | 49801 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:06.108964920 CET | 49802 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:06.190207958 CET | 508 | 49802 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:06.696449995 CET | 49802 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:06.777658939 CET | 508 | 49802 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:07.290261030 CET | 49802 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:07.371769905 CET | 508 | 49802 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:07.493926048 CET | 49803 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:07.573946953 CET | 508 | 49803 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:08.087276936 CET | 49803 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:14.087816000 CET | 49803 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:14.167768002 CET | 508 | 49803 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:14.277708054 CET | 49807 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:14.357623100 CET | 508 | 49807 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:14.868940115 CET | 49807 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:14.948877096 CET | 508 | 49807 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:15.462752104 CET | 49807 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:15.544230938 CET | 508 | 49807 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:15.647962093 CET | 49808 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:15.726901054 CET | 508 | 49808 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:16.228787899 CET | 49808 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:16.305753946 CET | 508 | 49808 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:16.806647062 CET | 49808 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:16.885562897 CET | 508 | 49808 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:17.061016083 CET | 49809 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:17.142483950 CET | 508 | 49809 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:17.650445938 CET | 49809 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:17.733282089 CET | 508 | 49809 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:18.244282007 CET | 49809 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:18.324146986 CET | 508 | 49809 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:18.423697948 CET | 49811 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:18.503735065 CET | 508 | 49811 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:19.009929895 CET | 49811 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:19.092279911 CET | 508 | 49811 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:19.603750944 CET | 49811 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:19.686216116 CET | 508 | 49811 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:19.909529924 CET | 49812 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:19.986639977 CET | 508 | 49812 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:20.494523048 CET | 49812 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:20.572433949 CET | 508 | 49812 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:21.072721958 CET | 49812 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:21.149868011 CET | 508 | 49812 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:21.271348000 CET | 49813 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:21.351326942 CET | 508 | 49813 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:21.853931904 CET | 49813 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:21.933793068 CET | 508 | 49813 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:22.437118053 CET | 49813 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:22.516963959 CET | 508 | 49813 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:22.675734997 CET | 49814 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:22.755568981 CET | 508 | 49814 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:23.275631905 CET | 49814 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:23.356395960 CET | 508 | 49814 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:23.875538111 CET | 49814 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:23.955610991 CET | 508 | 49814 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:24.093245029 CET | 49815 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:24.170104980 CET | 508 | 49815 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:24.685578108 CET | 49815 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:24.765957117 CET | 508 | 49815 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:25.285676956 CET | 49815 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:25.364150047 CET | 508 | 49815 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:25.454278946 CET | 49816 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:25.531640053 CET | 508 | 49816 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:26.045768023 CET | 49816 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:26.122694969 CET | 508 | 49816 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:26.631836891 CET | 49816 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:26.710129976 CET | 508 | 49816 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:26.811881065 CET | 49817 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:26.890177011 CET | 508 | 49817 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:27.403458118 CET | 49817 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:27.480460882 CET | 508 | 49817 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:27.989614964 CET | 49817 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:28.066659927 CET | 508 | 49817 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:28.207887888 CET | 49818 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:28.287650108 CET | 508 | 49818 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:28.792376041 CET | 49818 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:28.869350910 CET | 508 | 49818 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:29.383728981 CET | 49818 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:29.460793972 CET | 508 | 49818 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:29.564323902 CET | 49819 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:29.641544104 CET | 508 | 49819 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:30.149415970 CET | 49819 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:30.228147984 CET | 508 | 49819 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:30.743083000 CET | 49819 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:30.820676088 CET | 508 | 49819 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:30.918595076 CET | 49820 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:30.995506048 CET | 508 | 49820 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:31.508738041 CET | 49820 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:31.585546017 CET | 508 | 49820 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:32.087064028 CET | 49820 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:32.164006948 CET | 508 | 49820 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:32.257910013 CET | 49821 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:32.337867975 CET | 508 | 49821 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:32.852684975 CET | 49821 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:32.934971094 CET | 508 | 49821 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:33.446527004 CET | 49821 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:33.528079987 CET | 508 | 49821 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:33.625092030 CET | 49822 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:33.703769922 CET | 508 | 49822 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:34.212127924 CET | 49822 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:34.289165974 CET | 508 | 49822 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:34.790271044 CET | 49822 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:34.867388964 CET | 508 | 49822 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:34.987551928 CET | 49823 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:35.067296982 CET | 508 | 49823 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:35.571631908 CET | 49823 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:35.650314093 CET | 508 | 49823 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:36.165431976 CET | 49823 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:36.244755030 CET | 508 | 49823 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:36.403419018 CET | 49824 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:36.485196114 CET | 508 | 49824 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:36.993571043 CET | 49824 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:37.073369980 CET | 508 | 49824 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:37.587408066 CET | 49824 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:37.668190002 CET | 508 | 49824 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:37.760994911 CET | 49825 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:37.837980032 CET | 508 | 49825 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:38.337518930 CET | 49825 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:38.416527987 CET | 508 | 49825 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:38.931351900 CET | 49825 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:39.008454084 CET | 508 | 49825 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:39.125267029 CET | 49826 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:39.204468966 CET | 508 | 49826 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:39.712639093 CET | 49826 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:39.790977001 CET | 508 | 49826 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:40.290724039 CET | 49826 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:40.367810011 CET | 508 | 49826 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:40.465307951 CET | 49827 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:40.542538881 CET | 508 | 49827 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:41.056555986 CET | 49827 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:41.135416985 CET | 508 | 49827 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:41.650317907 CET | 49827 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:41.727329969 CET | 508 | 49827 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:41.820857048 CET | 49828 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:41.901108980 CET | 508 | 49828 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:42.415956020 CET | 49828 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:42.498136044 CET | 508 | 49828 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:43.009685040 CET | 49828 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:43.090732098 CET | 508 | 49828 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:43.195502043 CET | 49829 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:43.275455952 CET | 508 | 49829 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:43.775403976 CET | 49829 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:43.856786966 CET | 508 | 49829 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:44.369229078 CET | 49829 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:44.450671911 CET | 508 | 49829 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:44.512371063 CET | 49830 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:44.589785099 CET | 508 | 49830 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:45.103656054 CET | 49830 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:45.182770967 CET | 508 | 49830 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:45.697706938 CET | 49830 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:45.774882078 CET | 508 | 49830 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:45.827044010 CET | 49831 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:45.907706976 CET | 508 | 49831 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:46.416229010 CET | 49831 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:46.497078896 CET | 508 | 49831 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:47.010019064 CET | 49831 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:47.091133118 CET | 508 | 49831 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:47.149887085 CET | 49832 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:47.226855040 CET | 508 | 49832 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:47.731481075 CET | 49832 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:47.811305046 CET | 508 | 49832 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:48.322654009 CET | 49832 | 508 | 192.168.2.6 | 79.134.225.30 |
Feb 23, 2021 08:09:48.401463032 CET | 508 | 49832 | 79.134.225.30 | 192.168.2.6 |
Feb 23, 2021 08:09:48.463124037 CET | 49833 | 508 | 192.168.2.6 | 79.134.225.30 |
UDP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Feb 23, 2021 08:07:31.546785116 CET | 55074 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:31.546822071 CET | 53 | 49283 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:31.569567919 CET | 53 | 58377 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:31.595554113 CET | 53 | 55074 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:32.532334089 CET | 54513 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:32.581161022 CET | 53 | 54513 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:33.356961012 CET | 62044 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:33.406233072 CET | 53 | 62044 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:34.305083036 CET | 63791 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:34.356946945 CET | 53 | 63791 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:34.987416029 CET | 64267 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:35.047049046 CET | 53 | 64267 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:35.247118950 CET | 49448 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:35.299757004 CET | 53 | 49448 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:36.451236010 CET | 60342 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:36.514520884 CET | 53 | 60342 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:37.377928019 CET | 61346 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:37.430246115 CET | 53 | 61346 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:38.374042988 CET | 51774 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:38.422550917 CET | 53 | 51774 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:39.172760010 CET | 56023 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:39.221329927 CET | 53 | 56023 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:39.998399973 CET | 58384 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:40.052440882 CET | 53 | 58384 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:41.539827108 CET | 60261 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:41.591310978 CET | 53 | 60261 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:42.617219925 CET | 56061 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:42.674478054 CET | 53 | 56061 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:43.793068886 CET | 58336 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:43.844515085 CET | 53 | 58336 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:44.619919062 CET | 53781 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:44.669038057 CET | 53 | 53781 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:45.206157923 CET | 54064 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:45.266907930 CET | 53 | 54064 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:45.539908886 CET | 52811 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:45.597114086 CET | 53 | 52811 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:46.536823034 CET | 55299 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:46.589545965 CET | 53 | 55299 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:46.766422033 CET | 63745 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:46.827474117 CET | 53 | 63745 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:48.432107925 CET | 50055 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:48.491969109 CET | 53 | 50055 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:49.686492920 CET | 61374 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:49.738003969 CET | 53 | 61374 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:49.969152927 CET | 50339 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:50.028769016 CET | 53 | 50339 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:50.607882023 CET | 63307 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:50.656481981 CET | 53 | 63307 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:51.367156982 CET | 49694 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:51.431777954 CET | 53 | 49694 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:52.781282902 CET | 54982 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:52.838727951 CET | 53 | 54982 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:54.145982027 CET | 50010 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:54.205889940 CET | 53 | 50010 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:55.510709047 CET | 63718 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:55.571289062 CET | 53 | 63718 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:57.053105116 CET | 62116 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:57.111020088 CET | 53 | 62116 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:07:58.610317945 CET | 63816 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:07:58.667474031 CET | 53 | 63816 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:00.063472986 CET | 55014 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:00.120590925 CET | 53 | 55014 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:01.420938015 CET | 62208 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:01.480880976 CET | 53 | 62208 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:02.774080038 CET | 57574 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:02.825578928 CET | 53 | 57574 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:04.102524996 CET | 51818 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:04.152319908 CET | 53 | 51818 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:05.439734936 CET | 56628 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:05.499820948 CET | 53 | 56628 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:06.808162928 CET | 60778 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:06.858426094 CET | 53 | 60778 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:08.144113064 CET | 53799 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:08.202327967 CET | 53 | 53799 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:08.285270929 CET | 54683 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:08.336926937 CET | 53 | 54683 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:09.473737955 CET | 59329 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:09.530750990 CET | 53 | 59329 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:10.930634975 CET | 64021 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:10.987613916 CET | 53 | 64021 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:12.319010019 CET | 56129 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:12.376049042 CET | 53 | 56129 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:14.125897884 CET | 58177 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:14.188676119 CET | 53 | 58177 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:15.721072912 CET | 50700 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:15.780385971 CET | 53 | 50700 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:17.264655113 CET | 54069 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:17.316565990 CET | 53 | 54069 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:18.647496939 CET | 61178 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:18.696165085 CET | 53 | 61178 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:19.964416027 CET | 57017 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:20.020870924 CET | 53 | 57017 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:21.351953030 CET | 56327 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:21.412421942 CET | 53 | 56327 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:22.707381964 CET | 50243 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:22.767571926 CET | 53 | 50243 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:24.057987928 CET | 62055 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:24.118077993 CET | 53 | 62055 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:25.395737886 CET | 61249 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:25.454222918 CET | 53 | 61249 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:26.731435061 CET | 65252 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:26.781805992 CET | 53 | 65252 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:26.800857067 CET | 64367 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:26.863466024 CET | 53 | 64367 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:27.491439104 CET | 55066 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:27.581167936 CET | 53 | 55066 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:27.945303917 CET | 60211 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:27.995989084 CET | 53 | 60211 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:28.170456886 CET | 56570 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:28.233465910 CET | 53 | 56570 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:28.241755009 CET | 58454 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:28.298862934 CET | 53 | 58454 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:28.806243896 CET | 55180 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:28.863424063 CET | 53 | 55180 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:29.268851042 CET | 58721 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:29.358316898 CET | 53 | 58721 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:29.447592974 CET | 57691 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:29.521596909 CET | 53 | 57691 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:29.757359028 CET | 52943 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:29.803540945 CET | 59489 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:29.816936970 CET | 53 | 52943 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:29.865108013 CET | 53 | 59489 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:30.362148046 CET | 64022 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:30.420394897 CET | 53 | 64022 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:31.150052071 CET | 60023 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:31.200783014 CET | 53 | 60023 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:31.305212975 CET | 57193 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:31.365034103 CET | 53 | 57193 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:32.359426022 CET | 50248 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:32.410923958 CET | 53 | 50248 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:33.486183882 CET | 64413 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:33.546222925 CET | 53 | 64413 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:34.813810110 CET | 60429 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:34.865504026 CET | 53 | 60429 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:34.949865103 CET | 60345 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:35.001399040 CET | 53 | 60345 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:35.441658974 CET | 58730 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:35.500091076 CET | 53 | 58730 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:36.518665075 CET | 53830 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:36.570158005 CET | 53 | 53830 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:38.047070026 CET | 57226 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:38.095921993 CET | 53 | 57226 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:38.622483969 CET | 57880 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:38.680929899 CET | 53 | 57880 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:39.627697945 CET | 60850 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:39.687787056 CET | 53 | 60850 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:41.073613882 CET | 53187 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:41.122194052 CET | 53 | 53187 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:42.702431917 CET | 55830 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:42.761286020 CET | 53 | 55830 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:44.271133900 CET | 55145 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:44.328437090 CET | 53 | 55145 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:45.681833029 CET | 64091 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:45.741550922 CET | 53 | 64091 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:47.037139893 CET | 55728 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:47.088871002 CET | 53 | 55728 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:48.411649942 CET | 55694 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:48.471918106 CET | 53 | 55694 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:49.770519972 CET | 53926 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:49.829307079 CET | 53 | 53926 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:51.140413046 CET | 65531 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:51.200211048 CET | 53 | 65531 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:52.501919985 CET | 65437 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:52.559010029 CET | 53 | 65437 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:53.880294085 CET | 54590 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:53.929353952 CET | 53 | 54590 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:55.225248098 CET | 51318 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:55.287211895 CET | 53 | 51318 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:56.594271898 CET | 60888 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:56.655138016 CET | 53 | 60888 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:57.936106920 CET | 58474 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:57.995523930 CET | 53 | 58474 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:08:59.288147926 CET | 64575 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:08:59.348825932 CET | 53 | 64575 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:00.650860071 CET | 59092 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:00.699660063 CET | 53 | 59092 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:01.998353958 CET | 57483 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:02.060837984 CET | 53 | 57483 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:03.361493111 CET | 53830 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:03.421380997 CET | 53 | 53830 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:04.711440086 CET | 49809 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:04.770749092 CET | 53 | 49809 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:06.059376955 CET | 52814 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:06.107952118 CET | 53 | 52814 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:07.439800024 CET | 51069 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:07.491424084 CET | 53 | 51069 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:11.888250113 CET | 56526 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:11.949131966 CET | 53 | 56526 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:14.215146065 CET | 50512 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:14.274820089 CET | 53 | 50512 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:15.589412928 CET | 51679 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:15.646821022 CET | 53 | 51679 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:16.988843918 CET | 56071 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:17.040496111 CET | 53 | 56071 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:17.342309952 CET | 58950 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:17.393151045 CET | 53 | 58950 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:18.359960079 CET | 57035 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:18.422797918 CET | 53 | 57035 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:19.847336054 CET | 54122 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:19.907733917 CET | 53 | 54122 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:21.211339951 CET | 56759 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:21.270256996 CET | 53 | 56759 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:22.623347044 CET | 59220 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:22.674866915 CET | 53 | 59220 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:24.028367043 CET | 62211 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:24.088788033 CET | 53 | 62211 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:25.404438972 CET | 62033 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:25.453197002 CET | 53 | 62033 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:26.753979921 CET | 61244 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:26.810834885 CET | 53 | 61244 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:28.154974937 CET | 53696 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:28.206527948 CET | 53 | 53696 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:29.502564907 CET | 50733 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:29.562889099 CET | 53 | 50733 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:30.856758118 CET | 55770 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:30.915587902 CET | 53 | 55770 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:32.198609114 CET | 54525 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:32.256922007 CET | 53 | 54525 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:33.567120075 CET | 61760 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:33.624037027 CET | 53 | 61760 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:34.927153111 CET | 63822 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:34.986808062 CET | 53 | 63822 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:36.342387915 CET | 50957 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:36.401557922 CET | 53 | 50957 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:37.706017017 CET | 59666 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:37.760108948 CET | 53 | 59666 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:39.064377069 CET | 52223 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:39.123634100 CET | 53 | 52223 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:40.407258034 CET | 60136 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:40.464591026 CET | 53 | 60136 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:41.762677908 CET | 55649 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:41.819736004 CET | 53 | 55649 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:43.145524979 CET | 51524 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:43.194669008 CET | 53 | 51524 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:44.451947927 CET | 59141 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:44.511965990 CET | 53 | 59141 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:45.776679039 CET | 49682 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:45.826669931 CET | 53 | 49682 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:47.092387915 CET | 49709 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:47.149457932 CET | 53 | 49709 | 8.8.8.8 | 192.168.2.6 |
Feb 23, 2021 08:09:48.404412031 CET | 59384 | 53 | 192.168.2.6 | 8.8.8.8 |
Feb 23, 2021 08:09:48.462491989 CET | 53 | 59384 | 8.8.8.8 | 192.168.2.6 |
DNS Queries |
---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Feb 23, 2021 08:07:45.206157923 CET | 192.168.2.6 | 8.8.8.8 | 0xd9b2 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:07:46.766422033 CET | 192.168.2.6 | 8.8.8.8 | 0x4cfc | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:07:48.432107925 CET | 192.168.2.6 | 8.8.8.8 | 0x7b0b | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:07:49.969152927 CET | 192.168.2.6 | 8.8.8.8 | 0x2dc4 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:07:51.367156982 CET | 192.168.2.6 | 8.8.8.8 | 0x4881 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:07:52.781282902 CET | 192.168.2.6 | 8.8.8.8 | 0x1d0e | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:07:54.145982027 CET | 192.168.2.6 | 8.8.8.8 | 0x44f3 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:07:55.510709047 CET | 192.168.2.6 | 8.8.8.8 | 0x5e4c | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:07:57.053105116 CET | 192.168.2.6 | 8.8.8.8 | 0xb8bd | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:07:58.610317945 CET | 192.168.2.6 | 8.8.8.8 | 0xda71 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:00.063472986 CET | 192.168.2.6 | 8.8.8.8 | 0x1e15 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:01.420938015 CET | 192.168.2.6 | 8.8.8.8 | 0x6514 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:02.774080038 CET | 192.168.2.6 | 8.8.8.8 | 0x7f53 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:04.102524996 CET | 192.168.2.6 | 8.8.8.8 | 0xa722 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:05.439734936 CET | 192.168.2.6 | 8.8.8.8 | 0x3ff4 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:06.808162928 CET | 192.168.2.6 | 8.8.8.8 | 0x30ca | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:08.144113064 CET | 192.168.2.6 | 8.8.8.8 | 0x337b | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:09.473737955 CET | 192.168.2.6 | 8.8.8.8 | 0x982e | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:10.930634975 CET | 192.168.2.6 | 8.8.8.8 | 0xc475 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:12.319010019 CET | 192.168.2.6 | 8.8.8.8 | 0xcbf7 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:14.125897884 CET | 192.168.2.6 | 8.8.8.8 | 0xe579 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:15.721072912 CET | 192.168.2.6 | 8.8.8.8 | 0x4ad8 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:17.264655113 CET | 192.168.2.6 | 8.8.8.8 | 0xdd90 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:18.647496939 CET | 192.168.2.6 | 8.8.8.8 | 0x9949 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:19.964416027 CET | 192.168.2.6 | 8.8.8.8 | 0x4fb6 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:21.351953030 CET | 192.168.2.6 | 8.8.8.8 | 0xe93 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:22.707381964 CET | 192.168.2.6 | 8.8.8.8 | 0x419a | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:24.057987928 CET | 192.168.2.6 | 8.8.8.8 | 0xdb1a | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:25.395737886 CET | 192.168.2.6 | 8.8.8.8 | 0xe2f3 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:26.731435061 CET | 192.168.2.6 | 8.8.8.8 | 0x578e | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:28.241755009 CET | 192.168.2.6 | 8.8.8.8 | 0x9933 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:29.757359028 CET | 192.168.2.6 | 8.8.8.8 | 0xb6c4 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:31.305212975 CET | 192.168.2.6 | 8.8.8.8 | 0xb961 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:33.486183882 CET | 192.168.2.6 | 8.8.8.8 | 0x49df | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:34.949865103 CET | 192.168.2.6 | 8.8.8.8 | 0xf99a | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:36.518665075 CET | 192.168.2.6 | 8.8.8.8 | 0x6d0b | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:38.047070026 CET | 192.168.2.6 | 8.8.8.8 | 0x6c72 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:39.627697945 CET | 192.168.2.6 | 8.8.8.8 | 0x2355 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:41.073613882 CET | 192.168.2.6 | 8.8.8.8 | 0xfb39 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:42.702431917 CET | 192.168.2.6 | 8.8.8.8 | 0xf8e6 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:44.271133900 CET | 192.168.2.6 | 8.8.8.8 | 0x4b22 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:45.681833029 CET | 192.168.2.6 | 8.8.8.8 | 0xf653 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:47.037139893 CET | 192.168.2.6 | 8.8.8.8 | 0xc499 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:48.411649942 CET | 192.168.2.6 | 8.8.8.8 | 0x70af | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:49.770519972 CET | 192.168.2.6 | 8.8.8.8 | 0x5a34 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:51.140413046 CET | 192.168.2.6 | 8.8.8.8 | 0xb366 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:52.501919985 CET | 192.168.2.6 | 8.8.8.8 | 0x81af | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:53.880294085 CET | 192.168.2.6 | 8.8.8.8 | 0x712b | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:55.225248098 CET | 192.168.2.6 | 8.8.8.8 | 0x38c9 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:56.594271898 CET | 192.168.2.6 | 8.8.8.8 | 0x622d | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:57.936106920 CET | 192.168.2.6 | 8.8.8.8 | 0xb17e | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:08:59.288147926 CET | 192.168.2.6 | 8.8.8.8 | 0x3e14 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:00.650860071 CET | 192.168.2.6 | 8.8.8.8 | 0x6718 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:01.998353958 CET | 192.168.2.6 | 8.8.8.8 | 0x967b | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:03.361493111 CET | 192.168.2.6 | 8.8.8.8 | 0xc85c | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:04.711440086 CET | 192.168.2.6 | 8.8.8.8 | 0xbc83 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:06.059376955 CET | 192.168.2.6 | 8.8.8.8 | 0xa3bf | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:07.439800024 CET | 192.168.2.6 | 8.8.8.8 | 0xf7c8 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:14.215146065 CET | 192.168.2.6 | 8.8.8.8 | 0xd9b8 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:15.589412928 CET | 192.168.2.6 | 8.8.8.8 | 0x1a8d | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:16.988843918 CET | 192.168.2.6 | 8.8.8.8 | 0x92d1 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:18.359960079 CET | 192.168.2.6 | 8.8.8.8 | 0xeef5 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:19.847336054 CET | 192.168.2.6 | 8.8.8.8 | 0x3ba0 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:21.211339951 CET | 192.168.2.6 | 8.8.8.8 | 0xf3d8 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:22.623347044 CET | 192.168.2.6 | 8.8.8.8 | 0x91 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:24.028367043 CET | 192.168.2.6 | 8.8.8.8 | 0x80fe | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:25.404438972 CET | 192.168.2.6 | 8.8.8.8 | 0x5d60 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:26.753979921 CET | 192.168.2.6 | 8.8.8.8 | 0x34fe | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:28.154974937 CET | 192.168.2.6 | 8.8.8.8 | 0x6d93 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:29.502564907 CET | 192.168.2.6 | 8.8.8.8 | 0xf992 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:30.856758118 CET | 192.168.2.6 | 8.8.8.8 | 0xa178 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:32.198609114 CET | 192.168.2.6 | 8.8.8.8 | 0x7019 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:33.567120075 CET | 192.168.2.6 | 8.8.8.8 | 0xa690 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:34.927153111 CET | 192.168.2.6 | 8.8.8.8 | 0xf1b9 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:36.342387915 CET | 192.168.2.6 | 8.8.8.8 | 0x69a | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:37.706017017 CET | 192.168.2.6 | 8.8.8.8 | 0x11da | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:39.064377069 CET | 192.168.2.6 | 8.8.8.8 | 0xeaa5 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:40.407258034 CET | 192.168.2.6 | 8.8.8.8 | 0x65a3 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:41.762677908 CET | 192.168.2.6 | 8.8.8.8 | 0xf859 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:43.145524979 CET | 192.168.2.6 | 8.8.8.8 | 0xea50 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:44.451947927 CET | 192.168.2.6 | 8.8.8.8 | 0x70ab | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:45.776679039 CET | 192.168.2.6 | 8.8.8.8 | 0x6010 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:47.092387915 CET | 192.168.2.6 | 8.8.8.8 | 0x1c90 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 23, 2021 08:09:48.404412031 CET | 192.168.2.6 | 8.8.8.8 | 0x1b03 | Standard query (0) | A (IP address) | IN (0x0001) |
DNS Answers |
---|
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Feb 23, 2021 08:07:45.266907930 CET | 8.8.8.8 | 192.168.2.6 | 0xd9b2 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:07:46.827474117 CET | 8.8.8.8 | 192.168.2.6 | 0x4cfc | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:07:48.491969109 CET | 8.8.8.8 | 192.168.2.6 | 0x7b0b | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:07:50.028769016 CET | 8.8.8.8 | 192.168.2.6 | 0x2dc4 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:07:51.431777954 CET | 8.8.8.8 | 192.168.2.6 | 0x4881 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:07:52.838727951 CET | 8.8.8.8 | 192.168.2.6 | 0x1d0e | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:07:54.205889940 CET | 8.8.8.8 | 192.168.2.6 | 0x44f3 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:07:55.571289062 CET | 8.8.8.8 | 192.168.2.6 | 0x5e4c | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:07:57.111020088 CET | 8.8.8.8 | 192.168.2.6 | 0xb8bd | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:07:58.667474031 CET | 8.8.8.8 | 192.168.2.6 | 0xda71 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:00.120590925 CET | 8.8.8.8 | 192.168.2.6 | 0x1e15 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:01.480880976 CET | 8.8.8.8 | 192.168.2.6 | 0x6514 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:02.825578928 CET | 8.8.8.8 | 192.168.2.6 | 0x7f53 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:04.152319908 CET | 8.8.8.8 | 192.168.2.6 | 0xa722 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:05.499820948 CET | 8.8.8.8 | 192.168.2.6 | 0x3ff4 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:06.858426094 CET | 8.8.8.8 | 192.168.2.6 | 0x30ca | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:08.202327967 CET | 8.8.8.8 | 192.168.2.6 | 0x337b | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:09.530750990 CET | 8.8.8.8 | 192.168.2.6 | 0x982e | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:10.987613916 CET | 8.8.8.8 | 192.168.2.6 | 0xc475 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:12.376049042 CET | 8.8.8.8 | 192.168.2.6 | 0xcbf7 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:14.188676119 CET | 8.8.8.8 | 192.168.2.6 | 0xe579 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:15.780385971 CET | 8.8.8.8 | 192.168.2.6 | 0x4ad8 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:17.316565990 CET | 8.8.8.8 | 192.168.2.6 | 0xdd90 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:18.696165085 CET | 8.8.8.8 | 192.168.2.6 | 0x9949 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:20.020870924 CET | 8.8.8.8 | 192.168.2.6 | 0x4fb6 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:21.412421942 CET | 8.8.8.8 | 192.168.2.6 | 0xe93 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:22.767571926 CET | 8.8.8.8 | 192.168.2.6 | 0x419a | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:24.118077993 CET | 8.8.8.8 | 192.168.2.6 | 0xdb1a | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:25.454222918 CET | 8.8.8.8 | 192.168.2.6 | 0xe2f3 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:26.781805992 CET | 8.8.8.8 | 192.168.2.6 | 0x578e | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:28.298862934 CET | 8.8.8.8 | 192.168.2.6 | 0x9933 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:29.816936970 CET | 8.8.8.8 | 192.168.2.6 | 0xb6c4 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:31.365034103 CET | 8.8.8.8 | 192.168.2.6 | 0xb961 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:33.546222925 CET | 8.8.8.8 | 192.168.2.6 | 0x49df | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:35.001399040 CET | 8.8.8.8 | 192.168.2.6 | 0xf99a | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:36.570158005 CET | 8.8.8.8 | 192.168.2.6 | 0x6d0b | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:38.095921993 CET | 8.8.8.8 | 192.168.2.6 | 0x6c72 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:39.687787056 CET | 8.8.8.8 | 192.168.2.6 | 0x2355 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:41.122194052 CET | 8.8.8.8 | 192.168.2.6 | 0xfb39 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:42.761286020 CET | 8.8.8.8 | 192.168.2.6 | 0xf8e6 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:44.328437090 CET | 8.8.8.8 | 192.168.2.6 | 0x4b22 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:45.741550922 CET | 8.8.8.8 | 192.168.2.6 | 0xf653 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:47.088871002 CET | 8.8.8.8 | 192.168.2.6 | 0xc499 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:48.471918106 CET | 8.8.8.8 | 192.168.2.6 | 0x70af | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:49.829307079 CET | 8.8.8.8 | 192.168.2.6 | 0x5a34 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:51.200211048 CET | 8.8.8.8 | 192.168.2.6 | 0xb366 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:52.559010029 CET | 8.8.8.8 | 192.168.2.6 | 0x81af | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:53.929353952 CET | 8.8.8.8 | 192.168.2.6 | 0x712b | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:55.287211895 CET | 8.8.8.8 | 192.168.2.6 | 0x38c9 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:56.655138016 CET | 8.8.8.8 | 192.168.2.6 | 0x622d | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:57.995523930 CET | 8.8.8.8 | 192.168.2.6 | 0xb17e | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:08:59.348825932 CET | 8.8.8.8 | 192.168.2.6 | 0x3e14 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:00.699660063 CET | 8.8.8.8 | 192.168.2.6 | 0x6718 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:02.060837984 CET | 8.8.8.8 | 192.168.2.6 | 0x967b | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:03.421380997 CET | 8.8.8.8 | 192.168.2.6 | 0xc85c | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:04.770749092 CET | 8.8.8.8 | 192.168.2.6 | 0xbc83 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:06.107952118 CET | 8.8.8.8 | 192.168.2.6 | 0xa3bf | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:07.491424084 CET | 8.8.8.8 | 192.168.2.6 | 0xf7c8 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:14.274820089 CET | 8.8.8.8 | 192.168.2.6 | 0xd9b8 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:15.646821022 CET | 8.8.8.8 | 192.168.2.6 | 0x1a8d | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:17.040496111 CET | 8.8.8.8 | 192.168.2.6 | 0x92d1 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:18.422797918 CET | 8.8.8.8 | 192.168.2.6 | 0xeef5 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:19.907733917 CET | 8.8.8.8 | 192.168.2.6 | 0x3ba0 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:21.270256996 CET | 8.8.8.8 | 192.168.2.6 | 0xf3d8 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:22.674866915 CET | 8.8.8.8 | 192.168.2.6 | 0x91 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:24.088788033 CET | 8.8.8.8 | 192.168.2.6 | 0x80fe | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:25.453197002 CET | 8.8.8.8 | 192.168.2.6 | 0x5d60 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:26.810834885 CET | 8.8.8.8 | 192.168.2.6 | 0x34fe | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:28.206527948 CET | 8.8.8.8 | 192.168.2.6 | 0x6d93 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:29.562889099 CET | 8.8.8.8 | 192.168.2.6 | 0xf992 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:30.915587902 CET | 8.8.8.8 | 192.168.2.6 | 0xa178 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:32.256922007 CET | 8.8.8.8 | 192.168.2.6 | 0x7019 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:33.624037027 CET | 8.8.8.8 | 192.168.2.6 | 0xa690 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:34.986808062 CET | 8.8.8.8 | 192.168.2.6 | 0xf1b9 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:36.401557922 CET | 8.8.8.8 | 192.168.2.6 | 0x69a | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:37.760108948 CET | 8.8.8.8 | 192.168.2.6 | 0x11da | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:39.123634100 CET | 8.8.8.8 | 192.168.2.6 | 0xeaa5 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:40.464591026 CET | 8.8.8.8 | 192.168.2.6 | 0x65a3 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:41.819736004 CET | 8.8.8.8 | 192.168.2.6 | 0xf859 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:43.194669008 CET | 8.8.8.8 | 192.168.2.6 | 0xea50 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:44.511965990 CET | 8.8.8.8 | 192.168.2.6 | 0x70ab | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:45.826669931 CET | 8.8.8.8 | 192.168.2.6 | 0x6010 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:47.149457932 CET | 8.8.8.8 | 192.168.2.6 | 0x1c90 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) | ||
Feb 23, 2021 08:09:48.462491989 CET | 8.8.8.8 | 192.168.2.6 | 0x1b03 | No error (0) | 79.134.225.30 | A (IP address) | IN (0x0001) |
Code Manipulations |
---|
Statistics |
---|
CPU Usage |
---|
Click to jump to process
Memory Usage |
---|
Click to jump to process
High Level Behavior Distribution |
---|
back
Click to dive into process behavior distribution
Behavior |
---|
Click to jump to process
System Behavior |
---|
General |
---|
Start time: | 08:07:38 |
Start date: | 23/02/2021 |
Path: | C:\Users\user\Desktop\Payment Confirmation.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 909312 bytes |
MD5 hash: | 800B9D7F3A47C5A18DA78CB6A54F90BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | Visual Basic |
Reputation: | low |
General |
---|
Start time: | 08:07:40 |
Start date: | 23/02/2021 |
Path: | C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cvcvsdf.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 909312 bytes |
MD5 hash: | 800B9D7F3A47C5A18DA78CB6A54F90BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | Visual Basic |
Antivirus matches: |
|
Reputation: | low |
General |
---|
Start time: | 08:07:42 |
Start date: | 23/02/2021 |
Path: | C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cvcvsdf.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 909312 bytes |
MD5 hash: | 800B9D7F3A47C5A18DA78CB6A54F90BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | Borland Delphi |
Yara matches: |
|
Reputation: | low |
General |
---|
Start time: | 08:07:52 |
Start date: | 23/02/2021 |
Path: | C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cvcvsdf.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 909312 bytes |
MD5 hash: | 800B9D7F3A47C5A18DA78CB6A54F90BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | Visual Basic |
Reputation: | low |
General |
---|
Start time: | 08:07:56 |
Start date: | 23/02/2021 |
Path: | C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cvcvsdf.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 909312 bytes |
MD5 hash: | 800B9D7F3A47C5A18DA78CB6A54F90BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | Borland Delphi |
Yara matches: |
|
Reputation: | low |
Disassembly |
---|
Code Analysis |
---|
Analysis Process: Payment Confirmation.exe PID: 7012 Parent PID: 5880 Payment Confirmation.exeCOMMON
Executed Functions |
---|
Function 00418980, Relevance: 398.8, APIs: 214, Strings: 13, Instructions: 1594COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041C970, Relevance: 18.1, APIs: 12, Instructions: 99COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00417FC0, Relevance: 10.6, APIs: 7, Instructions: 79COMMON
C-Code - Quality: 17% |
|
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00402C58, Relevance: 1.6, APIs: 1, Instructions: 121COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Non-executed Functions |
---|
Function 0041BC60, Relevance: 153.2, APIs: 86, Strings: 1, Instructions: 960COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041AA50, Relevance: 155.9, APIs: 10, Strings: 79, Instructions: 118COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00411170, Relevance: 30.2, APIs: 20, Instructions: 207COMMON
C-Code - Quality: 19% |
|
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00415D10, Relevance: 27.2, APIs: 18, Instructions: 152COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00418110, Relevance: 21.2, APIs: 14, Instructions: 178COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004123E0, Relevance: 18.1, APIs: 12, Instructions: 137COMMON
C-Code - Quality: 20% |
|
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004125C0, Relevance: 18.1, APIs: 12, Instructions: 110COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00406FD7, Relevance: 18.1, APIs: 12, Instructions: 100COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041AB80, Relevance: 15.1, APIs: 10, Instructions: 117COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00416610, Relevance: 13.6, APIs: 9, Instructions: 108COMMON
C-Code - Quality: 19% |
|
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041ACB0, Relevance: 12.1, APIs: 8, Instructions: 102COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004140B0, Relevance: 12.1, APIs: 8, Instructions: 86COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00409FE6, Relevance: 9.1, APIs: 6, Instructions: 93COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00417EF0, Relevance: 6.1, APIs: 4, Instructions: 55COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Executed Functions |
---|
Function 00406D1C, Relevance: 33.4, APIs: 17, Strings: 2, Instructions: 184registrystringlibraryCOMMON
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00406E28, Relevance: 15.1, APIs: 10, Instructions: 98stringlibrarythreadCOMMON
C-Code - Quality: 61% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0044521C, Relevance: 1.5, APIs: 1, Instructions: 24nativeCOMMON
C-Code - Quality: 37% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0047CEE0, Relevance: 33.4, APIs: 6, Strings: 13, Instructions: 156threadwindowCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00472C68, Relevance: 28.2, APIs: 12, Strings: 4, Instructions: 172networkthreadCOMMON
C-Code - Quality: 75% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 95% |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0045D60C, Relevance: 24.6, APIs: 7, Strings: 7, Instructions: 103registrylibraryloaderCOMMON
C-Code - Quality: 85% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00444A8C, Relevance: 22.9, APIs: 9, Strings: 4, Instructions: 131windowregistryCOMMON
C-Code - Quality: 34% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040EBD4, Relevance: 19.5, APIs: 1, Strings: 10, Instructions: 201threadCOMMON
C-Code - Quality: 72% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00444738, Relevance: 15.9, APIs: 5, Strings: 4, Instructions: 135windowCOMMON
C-Code - Quality: 91% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00443D1C, Relevance: 10.6, APIs: 7, Instructions: 89COMMON
C-Code - Quality: 82% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 85% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00420A78, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 59registryCOMMON
C-Code - Quality: 94% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004B67A0, Relevance: 7.7, APIs: 5, Instructions: 180librarymemoryloaderCOMMON
C-Code - Quality: 51% |
|
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 66% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00472088, Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 14sleepthreadCOMMON
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 66% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040EB10, Relevance: 4.6, APIs: 3, Instructions: 56threadCOMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 67% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 76% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004209BC, Relevance: 3.1, APIs: 1, Strings: 1, Instructions: 52memoryCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004438EC, Relevance: 3.0, APIs: 2, Instructions: 37COMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 63% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00404538, Relevance: 1.5, APIs: 1, Instructions: 46COMMON
C-Code - Quality: 63% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004085D2, Relevance: 1.5, APIs: 1, Instructions: 45COMMON
C-Code - Quality: 82% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004085D4, Relevance: 1.5, APIs: 1, Instructions: 44COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 60% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 82% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00406AB8, Relevance: 1.5, APIs: 1, Instructions: 26COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 68% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 68% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004016E8, Relevance: 1.3, APIs: 1, Instructions: 38memoryCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Non-executed Functions |
---|
Function 0042EB3C, Relevance: 168.3, APIs: 48, Strings: 48, Instructions: 266libraryloaderCOMMON
C-Code - Quality: 90% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0047E068, Relevance: 54.8, APIs: 23, Strings: 8, Instructions: 538networkthreadCOMMON
C-Code - Quality: 47% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0047F788, Relevance: 51.0, APIs: 10, Strings: 19, Instructions: 234COMMON
C-Code - Quality: 92% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 72% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00406B58, Relevance: 24.6, APIs: 11, Strings: 3, Instructions: 139stringlibraryfileCOMMON
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0045843C, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 64windowCOMMON
C-Code - Quality: 75% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00445A48, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 99nativewindowCOMMON
C-Code - Quality: 51% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 93% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 90% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 94% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004727B4, Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 105filethreadnetworkCOMMON
C-Code - Quality: 57% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00470968, Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 97serviceCOMMON
C-Code - Quality: 48% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 72% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 55% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00457B00, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 83windowCOMMON
C-Code - Quality: 81% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00470C6C, Relevance: 7.6, APIs: 5, Instructions: 70COMMON
C-Code - Quality: 60% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 63% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 93% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 79% |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00445968, Relevance: 6.1, APIs: 4, Instructions: 70nativeCOMMON
C-Code - Quality: 80% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041C268, Relevance: 6.1, APIs: 4, Instructions: 51COMMON
C-Code - Quality: 80% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 67% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 65% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00444454, Relevance: 4.5, APIs: 3, Instructions: 33synchronizationthreadCOMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00455020, Relevance: 3.1, APIs: 2, Instructions: 97windowCOMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004571F8, Relevance: 3.1, APIs: 2, Instructions: 64windowCOMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004253A8, Relevance: 3.0, APIs: 2, Instructions: 46windowCOMMON
C-Code - Quality: 58% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040A490, Relevance: 3.0, APIs: 2, Instructions: 33fileCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00461974, Relevance: 1.6, APIs: 1, Instructions: 62nativeCOMMON
C-Code - Quality: 61% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0047EE4C, Relevance: 1.6, APIs: 1, Instructions: 57fileCOMMON
C-Code - Quality: 56% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040A74E, Relevance: 1.6, APIs: 1, Instructions: 50COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00465348, Relevance: 1.5, APIs: 1, Instructions: 48fileCOMMON
C-Code - Quality: 68% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 58% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004304E8, Relevance: 1.5, APIs: 1, Instructions: 41nativeCOMMON
C-Code - Quality: 53% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040D33C, Relevance: 1.5, APIs: 1, Instructions: 29COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040E31C, Relevance: 1.5, APIs: 1, Instructions: 26COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040D388, Relevance: 1.5, APIs: 1, Instructions: 23COMMON
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040BCCC, Relevance: 1.5, APIs: 1, Instructions: 15timeCOMMON
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 50% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0043B134, Relevance: 1.5, APIs: 1, Instructions: 10windowCOMMON
C-Code - Quality: 58% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040811E, Relevance: .0, Instructions: 2COMMON
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004083D6, Relevance: .0, Instructions: 2COMMON
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00407BAE, Relevance: .0, Instructions: 2COMMON
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00463C98, Relevance: 75.4, APIs: 24, Strings: 19, Instructions: 132libraryloaderCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046397C, Relevance: 59.6, APIs: 17, Strings: 17, Instructions: 99libraryloaderCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0045D214, Relevance: 49.1, APIs: 15, Strings: 13, Instructions: 95libraryloaderCOMMON
C-Code - Quality: 83% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0047D130, Relevance: 42.2, APIs: 18, Strings: 6, Instructions: 227pipefilethreadCOMMON
C-Code - Quality: 89% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 77% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00481FA8, Relevance: 37.0, APIs: 16, Strings: 5, Instructions: 274threadnetworkCOMMON
C-Code - Quality: 50% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 62% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00472978, Relevance: 31.6, APIs: 6, Strings: 12, Instructions: 131windowthreadnetworkCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042991C, Relevance: 30.1, APIs: 14, Strings: 3, Instructions: 351windowCOMMON
C-Code - Quality: 79% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046E754, Relevance: 30.0, APIs: 8, Strings: 9, Instructions: 204networkCOMMON
C-Code - Quality: 28% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0047F184, Relevance: 26.5, APIs: 2, Strings: 13, Instructions: 233threadCOMMON
C-Code - Quality: 36% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00480850, Relevance: 24.6, APIs: 13, Strings: 1, Instructions: 127threadnetworkCOMMON
C-Code - Quality: 54% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 84% |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00471964, Relevance: 21.5, APIs: 2, Strings: 10, Instructions: 459fileCOMMON
C-Code - Quality: 78% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 77% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 64% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00480CA4, Relevance: 21.1, APIs: 7, Strings: 5, Instructions: 111networkCOMMON
C-Code - Quality: 55% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0047DE18, Relevance: 21.1, APIs: 8, Strings: 4, Instructions: 108networkCOMMON
C-Code - Quality: 50% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004804C0, Relevance: 19.6, APIs: 13, Instructions: 124threadnetworksleepCOMMON
C-Code - Quality: 57% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 70% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0043EC90, Relevance: 19.4, APIs: 10, Strings: 1, Instructions: 133windowCOMMON
C-Code - Quality: 97% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004035B8, Relevance: 19.4, APIs: 10, Strings: 1, Instructions: 129fileCOMMON
C-Code - Quality: 70% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040862C, Relevance: 19.3, APIs: 6, Strings: 5, Instructions: 61registryclipboardwindowCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004322D4, Relevance: 18.1, APIs: 12, Instructions: 142COMMON
C-Code - Quality: 59% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00480000, Relevance: 18.1, APIs: 12, Instructions: 120threadnetworksleepCOMMON
C-Code - Quality: 57% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00402810, Relevance: 17.8, APIs: 1, Strings: 9, Instructions: 254windowCOMMON
C-Code - Quality: 98% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00481338, Relevance: 17.7, APIs: 4, Strings: 6, Instructions: 193sleepthreadCOMMON
C-Code - Quality: 56% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00466B6C, Relevance: 17.6, APIs: 3, Strings: 7, Instructions: 116windowCOMMON
C-Code - Quality: 60% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 88% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0044CCDC, Relevance: 16.6, APIs: 11, Instructions: 91COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00442674, Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 154windowCOMMON
C-Code - Quality: 74% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046ECE4, Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 146fileCOMMON
C-Code - Quality: 71% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 59% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 91% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00455DA4, Relevance: 15.2, APIs: 10, Instructions: 197COMMON
C-Code - Quality: 90% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 59% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 98% |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00454460, Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 134registryCOMMON
C-Code - Quality: 82% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041F724, Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 109threadCOMMON
C-Code - Quality: 67% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0047103C, Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 83libraryloaderCOMMON
C-Code - Quality: 70% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0047D978, Relevance: 14.1, APIs: 5, Strings: 3, Instructions: 79windowCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 79% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040DA3C, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 56filewindowCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00455FFC, Relevance: 13.7, APIs: 9, Instructions: 177COMMON
C-Code - Quality: 66% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0044FFC8, Relevance: 13.7, APIs: 9, Instructions: 154COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046420C, Relevance: 13.6, APIs: 9, Instructions: 150COMMON
C-Code - Quality: 81% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 39% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004485C0, Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 170windowCOMMON
C-Code - Quality: 55% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 77% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00446360, Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 138windowCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004439D0, Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 125registryCOMMON
C-Code - Quality: 76% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00427650, Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 122fileCOMMON
C-Code - Quality: 94% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041BC10, Relevance: 12.4, APIs: 3, Strings: 4, Instructions: 105fileCOMMON
C-Code - Quality: 84% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 60% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042DDD8, Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 68stringCOMMON
C-Code - Quality: 67% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004052F0, Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 38filewindowCOMMON
C-Code - Quality: 79% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 91% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 88% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 87% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 65% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00401F78, Relevance: 10.9, APIs: 7, Instructions: 407COMMON
C-Code - Quality: 88% |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00433F28, Relevance: 10.7, APIs: 4, Strings: 2, Instructions: 177windowCOMMON
C-Code - Quality: 87% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0043F2EC, Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 174windowCOMMON
C-Code - Quality: 91% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004598F4, Relevance: 10.7, APIs: 7, Instructions: 162COMMON
C-Code - Quality: 72% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 35% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0045F0A0, Relevance: 10.6, APIs: 7, Instructions: 117fileCOMMON
C-Code - Quality: 49% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 87% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 90% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 86% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 71% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00480A44, Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 84threadsleepmemoryCOMMON
C-Code - Quality: 73% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00449360, Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 80libraryloaderCOMMON
C-Code - Quality: 56% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00437594, Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 73libraryloaderCOMMON
C-Code - Quality: 55% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042DEAC, Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 68stringCOMMON
C-Code - Quality: 47% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042DF80, Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 68stringCOMMON
C-Code - Quality: 47% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00428338, Relevance: 10.6, APIs: 7, Instructions: 66COMMON
C-Code - Quality: 75% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 94% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004726F4, Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 55memorythreadCOMMON
C-Code - Quality: 75% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040443C, Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 49registryCOMMON
C-Code - Quality: 63% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004650DC, Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 23libraryloaderCOMMON
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0043E5F0, Relevance: 9.2, APIs: 6, Instructions: 150COMMON
C-Code - Quality: 88% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00440B38, Relevance: 9.1, APIs: 6, Instructions: 125COMMON
C-Code - Quality: 68% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00425E9C, Relevance: 9.1, APIs: 6, Instructions: 84COMMON
C-Code - Quality: 81% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00426314, Relevance: 9.1, APIs: 6, Instructions: 65windowCOMMON
C-Code - Quality: 67% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00425B48, Relevance: 9.1, APIs: 6, Instructions: 56windowCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004019FC, Relevance: 9.0, APIs: 7, Instructions: 298sleepCOMMON
C-Code - Quality: 67% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00425224, Relevance: 9.0, APIs: 6, Instructions: 43COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042A268, Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 112windowCOMMON
C-Code - Quality: 95% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00446A08, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 98timethreadwindowCOMMON
C-Code - Quality: 75% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004811C0, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 86networkthreadCOMMON
C-Code - Quality: 52% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004801B0, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 85threadsleepCOMMON
C-Code - Quality: 57% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00480688, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 85threadsleepCOMMON
C-Code - Quality: 57% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00444EF0, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 71threadwindowCOMMON
C-Code - Quality: 95% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00431008, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 68clipboardCOMMON
C-Code - Quality: 68% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042E3B4, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 50threadCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 60% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 60% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0043D37C, Relevance: 7.7, APIs: 5, Instructions: 183COMMON
C-Code - Quality: 90% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004344BC, Relevance: 7.7, APIs: 5, Instructions: 168COMMON
C-Code - Quality: 87% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 96% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0045587C, Relevance: 7.6, APIs: 5, Instructions: 126COMMON
C-Code - Quality: 77% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0047E804, Relevance: 7.6, APIs: 1, Strings: 4, Instructions: 121sleepCOMMON
C-Code - Quality: 71% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042E474, Relevance: 7.6, APIs: 5, Instructions: 86windowCOMMON
C-Code - Quality: 91% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004342FC, Relevance: 7.6, APIs: 5, Instructions: 77COMMON
C-Code - Quality: 100% |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 55% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00429694, Relevance: 7.6, APIs: 5, Instructions: 66windowCOMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 53% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00442E08, Relevance: 7.6, APIs: 5, Instructions: 61COMMON
C-Code - Quality: 88% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00425AB0, Relevance: 7.6, APIs: 5, Instructions: 55windowCOMMON
C-Code - Quality: 70% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040D5C8, Relevance: 7.6, APIs: 5, Instructions: 50threadCOMMON
C-Code - Quality: 64% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00444568, Relevance: 7.5, APIs: 5, Instructions: 25synchronizationthreadCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040D678, Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 148threadCOMMON
C-Code - Quality: 81% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0047DAAC, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 135windowCOMMON
C-Code - Quality: 76% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00480F64, Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 114threadCOMMON
C-Code - Quality: 92% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042C0D8, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 93threadCOMMON
C-Code - Quality: 76% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 70% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 53% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00466FD4, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 72windowCOMMON
C-Code - Quality: 55% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004818EC, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 64registryCOMMON
C-Code - Quality: 58% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00463588, Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 59networkCOMMON
C-Code - Quality: 90% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 41% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00437A24, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 58windowCOMMON
C-Code - Quality: 93% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 76% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004720B8, Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 47threadnetworkCOMMON
C-Code - Quality: 42% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 51% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042F31C, Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 36libraryloaderCOMMON
C-Code - Quality: 37% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042F3B8, Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 31libraryloaderCOMMON
C-Code - Quality: 37% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0047DFD8, Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 25threadnetworkCOMMON
C-Code - Quality: 83% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040F4B4, Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 16libraryloaderCOMMON
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042E558, Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 15libraryloaderCOMMON
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00453400, Relevance: 6.3, APIs: 4, Instructions: 308COMMON
C-Code - Quality: 91% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0044DF38, Relevance: 6.2, APIs: 4, Instructions: 212COMMON
C-Code - Quality: 93% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004114B4, Relevance: 6.1, APIs: 4, Instructions: 115COMMON
C-Code - Quality: 82% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040D8B4, Relevance: 6.1, APIs: 4, Instructions: 102COMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040D8B2, Relevance: 6.1, APIs: 4, Instructions: 101COMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00428180, Relevance: 6.1, APIs: 4, Instructions: 83windowCOMMON
C-Code - Quality: 75% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00468878, Relevance: 6.1, APIs: 4, Instructions: 73fileCOMMON
C-Code - Quality: 49% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004380E8, Relevance: 6.1, APIs: 4, Instructions: 72windowCOMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 93% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042ABD4, Relevance: 6.1, APIs: 4, Instructions: 58windowCOMMON
C-Code - Quality: 67% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00444D0C, Relevance: 6.1, APIs: 4, Instructions: 56COMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 49% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0044FE7C, Relevance: 6.1, APIs: 4, Instructions: 56COMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 86% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040A3B4, Relevance: 6.0, APIs: 4, Instructions: 40timeCOMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004644BC, Relevance: 6.0, APIs: 4, Instructions: 39COMMON
C-Code - Quality: 60% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0044DD80, Relevance: 6.0, APIs: 4, Instructions: 37threadCOMMON
C-Code - Quality: 87% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0044CE20, Relevance: 6.0, APIs: 4, Instructions: 35threadCOMMON
C-Code - Quality: 87% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004444F4, Relevance: 6.0, APIs: 4, Instructions: 34threadCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042AD70, Relevance: 6.0, APIs: 4, Instructions: 29COMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0043B50C, Relevance: 6.0, APIs: 4, Instructions: 24threadCOMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 85% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 86% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0047EF74, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 137fileCOMMON
C-Code - Quality: 51% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 54% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 59% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00447008, Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 107windowCOMMON
C-Code - Quality: 54% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040D3F0, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 106threadCOMMON
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 83% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 63% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040C030, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 79threadCOMMON
C-Code - Quality: 76% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 71% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 59% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00480E6C, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 70networkCOMMON
C-Code - Quality: 62% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 79% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00470164, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 68networkCOMMON
C-Code - Quality: 77% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 79% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 79% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 87% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 64% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 68% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0043139C, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 43clipboardCOMMON
C-Code - Quality: 75% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 68% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00437774, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 32keyboardCOMMON
C-Code - Quality: 61% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Executed Functions |
---|
Function 030CC8DC, Relevance: 13.9, APIs: 9, Instructions: 354injectionthreadprocessCOMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 030CC8DC, Relevance: 13.9, APIs: 9, Instructions: 354injectionthreadprocessCOMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 030CCCF0, Relevance: 1.3, APIs: 1, Instructions: 15memoryCOMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Non-executed Functions |
---|
Executed Functions |
---|
Function 004B67A0, Relevance: 7.7, APIs: 5, Instructions: 180librarymemoryloaderCOMMON
C-Code - Quality: 51% |
|
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Non-executed Functions |
---|