Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Windows Analysis Report NRB-RTGS 28-Sept 2021.jar

Overview

General Information

Sample Name:NRB-RTGS 28-Sept 2021.jar
Analysis ID:492006
MD5:ccfdd7c24c9029f301ee94dbc9441ace
SHA1:99dce2074fd2cca2ede69a3b08cf33a574a4a976
SHA256:3ecc6468de96ac9ae350154c117610dd3062f968be547d6b67b3f126fee512e9
Tags:jarSTRRAT
Infos:

Most interesting Screenshot:

Detection

Score:52
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Yara detected AllatoriJARObfuscator
Queries the volume information (name, serial number etc) of a device
Uses cacls to modify the permissions of files
Uses code obfuscation techniques (call, push, ret)
Sample execution stops while process was sleeping (likely an evasion)
JA3 SSL client fingerprint seen in connection with other malware
Creates a process in suspended mode (likely to inject code)
IP address seen in connection with other malware
Java Jar is obfuscated using Allatori

Classification

Process Tree

  • System is w10x64
  • cmd.exe (PID: 4536 cmdline: C:\Windows\system32\cmd.exe /c ''C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe' -javaagent:'C:\Users\user\AppData\Local\Temp\jartracer.jar' -jar 'C:\Users\user\Desktop\NRB-RTGS 28-Sept 2021.jar'' >> C:\cmdlinestart.log 2>&1 MD5: F3BDBE3BB6F734E357235F4D5898582D)
    • conhost.exe (PID: 4660 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • java.exe (PID: 4348 cmdline: 'C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe' -javaagent:'C:\Users\user\AppData\Local\Temp\jartracer.jar' -jar 'C:\Users\user\Desktop\NRB-RTGS 28-Sept 2021.jar' MD5: 28733BA8C383E865338638DF5196E6FE)
      • icacls.exe (PID: 6780 cmdline: C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant 'everyone':(OI)(CI)M MD5: FF0D1D4317A44C951240FAE75075D501)
        • conhost.exe (PID: 6532 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

Dropped Files

SourceRuleDescriptionAuthorStrings
C:\cmdlinestart.logJoeSecurity_Allatori_JAR_ObfuscatorYara detected Allatori_JAR_ObfuscatorJoe Security

    Sigma Overview

    No Sigma rule has matched

    Jbx Signature Overview

    Click to jump to signature section

    Show All Signature Results

    AV Detection:

    barindex
    Multi AV Scanner detection for submitted fileShow sources
    Source: NRB-RTGS 28-Sept 2021.jarReversingLabs: Detection: 22%
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeFile opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49744 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49742 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49741 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49743 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49746 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49745 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49747 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49748 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49749 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49750 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49751 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49752 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49753 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49754 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49755 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49756 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49757 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49758 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49759 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49760 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49761 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49762 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49763 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49764 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49765 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49767 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49766 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49768 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49769 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49770 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49771 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49772 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49774 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49773 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49776 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49775 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49778 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49777 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49779 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49780 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49781 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49782 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49783 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49784 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49786 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49785 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49788 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49787 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49789 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49790 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49791 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49793 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49792 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49794 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49795 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49796 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49797 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49798 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49799 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49800 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49801 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49802 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49803 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49804 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49805 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49806 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49807 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49808 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49809 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49810 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49811 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49812 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49813 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49814 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49815 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49816 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49817 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49818 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49819 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49820 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49821 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49822 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49823 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49824 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49825 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49826 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49827 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49828 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49829 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49830 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49832 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49831 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49833 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49834 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49835 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49836 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49837 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49838 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49839 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49840 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49841 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49842 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49843 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49845 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49844 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49846 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49847 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49848 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49849 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49850 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49851 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49852 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49853 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49854 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49855 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49856 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49857 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49858 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49859 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49860 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49861 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49862 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49863 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49865 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49864 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49867 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49866 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49868 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49869 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49870 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49871 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49872 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49873 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49875 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49874 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49876 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49877 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49878 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49879 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49880 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49881 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49882 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49883 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49884 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49885 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49886 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49887 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49889 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49888 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49890 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49891 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49892 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49893 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49894 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49895 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49896 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49897 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49898 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49899 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49900 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49901 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49902 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49904 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49903 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49905 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49906 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49907 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49908 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49909 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49910 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49912 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49911 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49913 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49914 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49915 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49916 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49918 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49917 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49919 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49920 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49922 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49921 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49923 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49924 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49925 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49926 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49927 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49928 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49929 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49930 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49931 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49932 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49934 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49933 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49935 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49937 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49936 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49938 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49939 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49940 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49941 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49943 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49942 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49944 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49946 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49947 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49945 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49948 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49949 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49952 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49951 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49950 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49953 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49955 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49954 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49956 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49957 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49958 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49960 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49959 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49961 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49962 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49963 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49964 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49965 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49967 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49966 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49968 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49969 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49970 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49971 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49972 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49973 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49974 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49975 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49976 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49977 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49978 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49979 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49980 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49981 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49982 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49983 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49984 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49985 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49986 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49987 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49988 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49989 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49990 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49991 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49992 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49993 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49994 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49995 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49996 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49997 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49998 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49999 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50000 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50001 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50002 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50003 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50004 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50005 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50006 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50007 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50008 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50009 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50010 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50011 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50013 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50014 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50012 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50015 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50016 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50017 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50018 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50019 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50020 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50021 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50022 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50023 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50024 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50025 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50026 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50027 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50028 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50030 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50029 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50031 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50032 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50033 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50034 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50035 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50036 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50037 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50038 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50039 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50040 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50041 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50042 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50043 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50044 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50045 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50046 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50047 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50049 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50048 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50050 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50051 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50052 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50054 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50053 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50055 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50056 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50057 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50058 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50059 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50060 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50061 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50062 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50063 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50064 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50065 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50066 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50067 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50068 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50069 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50070 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50071 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50072 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50073 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50074 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50075 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50076 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50077 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50078 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50079 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50080 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50081 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50082 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50083 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50084 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50085 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50086 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50087 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50088 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50089 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50090 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50091 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50092 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50093 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50094 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50095 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50096 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50097 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50098 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50099 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50100 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50102 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50101 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50103 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50104 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50105 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50106 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50107 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50108 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50109 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50110 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50112 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50111 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50113 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50114 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50115 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50116 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50117 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50118 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50119 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50120 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50121 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50122 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50124 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50123 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50125 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50126 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50127 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50128 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50129 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50130 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50131 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50132 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50133 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50134 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50135 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50136 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50137 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50138 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50139 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50140 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50141 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50142 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50143 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50144 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50145 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50146 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50147 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50148 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50149 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50150 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50151 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50152 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50153 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50154 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50155 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50156 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50157 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50158 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50159 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50160 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50161 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50163 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50162 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50164 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50165 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50166 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50167 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50168 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50169 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50170 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50171 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50172 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50173 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50174 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50175 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50176 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50177 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50178 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50179 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50180 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50181 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50182 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50183 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50184 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50185 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50186 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50187 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50188 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50189 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50190 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50191 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50192 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50194 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50193 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50195 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50196 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50197 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50198 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50199 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50200 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50201 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50202 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50203 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50204 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50205 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50206 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50207 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50208 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50209 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50210 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50211 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50212 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50213 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50214 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50215 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50216 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50217 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50218 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50219 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50220 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50221 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50222 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50223 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50224 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50225 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50226 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50227 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50228 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50229 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50230 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50231 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50232 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50233 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50234 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50235 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50236 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50237 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50238 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50239 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50240 version: TLS 1.2
    Source: Joe Sandbox ViewJA3 fingerprint: d2935c58fe676744fecc8614ee5356c7
    Source: Joe Sandbox ViewIP Address: 199.232.192.209 199.232.192.209
    Source: Joe Sandbox ViewIP Address: 140.82.121.4 140.82.121.4
    Source: unknownNetwork traffic detected: HTTP traffic on port 57084 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50693 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52633 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50211 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50452 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52874 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51548 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50440 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52862 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51777 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54802 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53717 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51524 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53730 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52645 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50464 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57096 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52404 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51319 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50439 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53729 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52608 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54814 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51789 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53958 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51320 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50235 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52416 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53934 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51512 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51753 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53754 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50656 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50247 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51561 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54609 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57047 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52898 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 55923 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53946 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51765 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52886 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52825 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 55911 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51103 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50259 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51307 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51500 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51573 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57035 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52621 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56180 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53742 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52428 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50644 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54863 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52516
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53848
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52517
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53847
    Source: unknownNetwork traffic detected: HTTP traffic on port 51115 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53846
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52515
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53845
    Source: unknownNetwork traffic detected: HTTP traffic on port 56803 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52518
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52519
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53849
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53840
    Source: unknownNetwork traffic detected: HTTP traffic on port 50632 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52512
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53844
    Source: unknownNetwork traffic detected: HTTP traffic on port 50873 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52513
    Source: unknownNetwork traffic detected: HTTP traffic on port 53537 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53843
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53842
    Source: unknownNetwork traffic detected: HTTP traffic on port 53778 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52510
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52511
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53841
    Source: unknownNetwork traffic detected: HTTP traffic on port 57023 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57264 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52527
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53859
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52528
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53858
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53857
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52526
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53856
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52529
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53851
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52520
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53850
    Source: unknownNetwork traffic detected: HTTP traffic on port 52453 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51957 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52523
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53855
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52524
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53854
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52521
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53853
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52522
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53852
    Source: unknownNetwork traffic detected: HTTP traffic on port 53910 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52200 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50885 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51207
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52538
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51208
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52539
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53869
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51205
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52536
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53868
    Source: unknownNetwork traffic detected: HTTP traffic on port 57011 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51206
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52537
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53867
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51209
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52530
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53862
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51200
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52531
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53861
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53860
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51203
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53866
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51204
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52535
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53865
    Source: unknownNetwork traffic detected: HTTP traffic on port 54851 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56192 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51201
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52532
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53864
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51202
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52533
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53863
    Source: unknownNetwork traffic detected: HTTP traffic on port 57252 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53766 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50861 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50620 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53525 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51218
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52549
    Source: unknownNetwork traffic detected: HTTP traffic on port 53922 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51219
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51216
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52547
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53879
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51217
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52548
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53878
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51210
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52541
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53873
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51211
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52542
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53872
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53871
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52540
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53870
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53877
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51214
    Source: unknownNetwork traffic detected: HTTP traffic on port 50897 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51215
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53876
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52543
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51212
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53875
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51213
    Source: unknownNetwork traffic detected: HTTP traffic on port 52212 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52544
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53874
    Source: unknownNetwork traffic detected: HTTP traffic on port 56827 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53791 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53880
    Source: unknownNetwork traffic detected: HTTP traffic on port 57288 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52837 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52441 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51945 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51127 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53804
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53803
    Source: unknownNetwork traffic detected: HTTP traffic on port 51140 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53802
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53801
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53808
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53807
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53806
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53805
    Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51933 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53800
    Source: unknownNetwork traffic detected: HTTP traffic on port 52477 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54838 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 55299 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53809
    Source: unknownNetwork traffic detected: HTTP traffic on port 50607 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53815
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53814
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53813
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53812
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53819
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53818
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53817
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53816
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53811
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53810
    Source: unknownNetwork traffic detected: HTTP traffic on port 51139 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52849 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53501 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50476 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53826
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53825
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53824
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53823
    Source: unknownNetwork traffic detected: HTTP traffic on port 51790 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53829
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53828
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53827
    Source: unknownNetwork traffic detected: HTTP traffic on port 55287 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53822
    Source: unknownNetwork traffic detected: HTTP traffic on port 50619 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53821
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53820
    Source: unknownNetwork traffic detected: HTTP traffic on port 50223 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51921 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54826 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52505
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53837
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52506
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53836
    Source: unknownNetwork traffic detected: HTTP traffic on port 54430 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53835
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52503
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52504
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53834
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52509
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52507
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53839
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52508
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53838
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52501
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53833
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52502
    Source: unknownNetwork traffic detected: HTTP traffic on port 53513 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53832
    Source: unknownNetwork traffic detected: HTTP traffic on port 50488 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53831
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52500
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53830
    Source: unknownNetwork traffic detected: HTTP traffic on port 53909 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 55755 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52850 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51536 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51144
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52475
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51145
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52476
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51142
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52473
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51143
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52474
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51148
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52479
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51149
    Source: unknownNetwork traffic detected: HTTP traffic on port 57215 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52477
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51146
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51147
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52478
    Source: unknownNetwork traffic detected: HTTP traffic on port 54201 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56623 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51176 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51151
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52482
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51152
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52483
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52480
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51150
    Source: unknownNetwork traffic detected: HTTP traffic on port 53598 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53357 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51164 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53116 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54178 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57203 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53345 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51155
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52486
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51156
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52487
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51153
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52484
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51154
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52485
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51159
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51157
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52488
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51158
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52489
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52490
    Source: unknownNetwork traffic detected: HTTP traffic on port 54442 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51162
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52493
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51163
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52494
    Source: unknownNetwork traffic detected: HTTP traffic on port 57456 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51160
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52491
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52492
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51161
    Source: unknownNetwork traffic detected: HTTP traffic on port 50812 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50080 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57227 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56635 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51166
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51167
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52498
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51164
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52495
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52496
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51165
    Source: unknownNetwork traffic detected: HTTP traffic on port 53369 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51152 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51168
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52499
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51169
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51170
    Source: unknownNetwork traffic detected: HTTP traffic on port 54191 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51173
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51174
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51171
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51172
    Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50824 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57444 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51177
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51178
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51175
    Source: unknownNetwork traffic detected: HTTP traffic on port 53104 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51176
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51179
    Source: unknownNetwork traffic detected: HTTP traffic on port 50079 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51180
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51181
    Source: unknownNetwork traffic detected: HTTP traffic on port 54225 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51184
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51185
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51182
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51183
    Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53562 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54454 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51108
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52439
    Source: unknownNetwork traffic detected: HTTP traffic on port 56576 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51109
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51106
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52437
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53769
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51107
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52438
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53768
    Source: unknownNetwork traffic detected: HTTP traffic on port 55984 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54395 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51100
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52431
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53763
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51101
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52432
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53762
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53761
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52430
    Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53760
    Source: unknownNetwork traffic detected: HTTP traffic on port 57420 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51104
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52435
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53767
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52436
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51105
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53766
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51102
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52433
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53765
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51103
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52434
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53764
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53770
    Source: unknownNetwork traffic detected: HTTP traffic on port 50848 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51119
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51117
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52448
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53779
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52449
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51118
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51111
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52442
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53774
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51112
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53773
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53772
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51110
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52441
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53771
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51115
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52446
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53778
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51116
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52447
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53777
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51113
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52444
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53776
    Source: unknownNetwork traffic detected: HTTP traffic on port 54466 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51114
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52445
    Source: unknownNetwork traffic detected: HTTP traffic on port 53550 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53775
    Source: unknownNetwork traffic detected: HTTP traffic on port 56564 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51704 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53781
    Source: unknownNetwork traffic detected: HTTP traffic on port 55996 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53780
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52450
    Source: unknownNetwork traffic detected: HTTP traffic on port 54142 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50067 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57240 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54213 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51128
    Source: unknownNetwork traffic detected: HTTP traffic on port 51188 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52459
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51129
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51122
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52453
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53785
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51123
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52454
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53784
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51120
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52451
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53783
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51121
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52452
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53782
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53789
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51126
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51127
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53788
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51124
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52455
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53787
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51125
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52456
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53786
    Source: unknownNetwork traffic detected: HTTP traffic on port 56840 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50836 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54008 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52460
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53792
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51130
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52461
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53791
    Source: unknownNetwork traffic detected: HTTP traffic on port 57432 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53790
    Source: unknownNetwork traffic detected: HTTP traffic on port 53286 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56311 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54130 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54478 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51139
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51133
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52464
    Source: unknownNetwork traffic detected: HTTP traffic on port 52694 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53796
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51134
    Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53795
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51131
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52462
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53794
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51132
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52463
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53793
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51137
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52468
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51138
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52469
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53799
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51135
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52466
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53798
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51136
    Source: java.exe, 00000003.00000003.315984025.0000000015C54000.00000004.00000001.sdmpString found in binary or memory: http://null.oracle.com/
    Source: cmdlinestart.log.3.drString found in binary or memory: http://www.allatori.com
    Source: java.exe, 00000003.00000003.316124236.0000000015D87000.00000004.00000001.sdmpString found in binary or memory: http://www.certplus.com/CRL/class2.crl0
    Source: cmdlinestart.log.3.drString found in binary or memory: https://github.com/kristian/system-hook/releases/download/3.5/system-hook-3.5.jar
    Source: cmdlinestart.log.3.drString found in binary or memory: https://repo1.maven.org/maven2/net/java/dev/jna/jna-platform/5.5.0/jna-platform-5.5.0.jar
    Source: cmdlinestart.log.3.drString found in binary or memory: https://repo1.maven.org/maven2/net/java/dev/jna/jna/5.5.0/jna-5.5.0.jar
    Source: cmdlinestart.log.3.drString found in binary or memory: https://repo1.maven.org/maven2/org/xerial/sqlite-jdbc/3.14.2.1/sqlite-jdbc-3.14.2.1.jar
    Source: unknownDNS traffic detected: queries for: repo1.maven.org
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49744 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49742 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49741 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49743 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49746 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49745 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49747 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49748 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49749 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49750 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49751 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49752 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49753 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49754 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49755 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49756 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49757 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49758 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49759 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49760 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49761 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49762 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49763 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49764 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49765 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49767 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49766 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49768 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49769 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49770 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49771 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49772 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49774 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49773 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49776 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49775 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49778 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49777 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49779 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49780 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49781 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49782 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49783 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49784 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49786 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49785 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49788 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49787 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49789 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49790 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49791 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49793 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49792 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49794 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49795 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49796 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49797 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49798 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49799 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49800 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49801 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49802 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49803 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49804 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49805 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49806 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49807 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49808 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49809 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49810 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49811 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49812 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49813 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49814 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49815 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49816 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49817 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49818 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49819 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49820 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49821 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49822 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49823 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49824 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49825 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49826 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49827 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49828 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49829 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49830 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49832 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49831 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49833 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49834 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49835 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49836 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49837 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49838 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49839 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49840 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49841 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49842 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49843 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49845 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49844 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49846 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49847 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49848 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49849 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49850 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49851 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49852 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49853 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49854 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49855 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49856 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49857 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49858 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49859 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49860 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49861 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49862 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49863 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49865 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49864 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49867 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49866 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49868 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49869 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49870 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49871 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49872 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49873 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49875 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49874 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49876 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49877 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49878 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49879 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49880 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49881 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49882 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49883 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49884 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49885 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49886 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49887 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49889 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49888 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49890 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49891 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49892 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49893 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49894 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49895 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49896 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49897 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49898 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49899 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49900 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49901 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49902 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49904 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49903 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49905 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49906 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49907 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49908 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49909 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49910 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49912 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49911 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49913 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49914 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49915 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49916 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49918 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49917 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49919 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49920 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49922 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49921 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49923 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49924 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49925 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49926 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49927 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49928 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49929 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49930 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49931 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49932 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49934 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49933 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49935 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49937 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49936 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49938 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49939 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49940 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49941 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49943 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49942 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49944 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49946 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49947 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49945 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49948 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49949 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49952 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49951 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49950 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49953 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49955 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49954 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49956 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49957 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49958 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49960 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49959 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49961 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49962 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49963 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49964 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49965 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49967 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49966 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49968 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49969 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49970 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49971 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49972 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49973 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49974 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49975 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49976 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49977 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49978 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49979 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49980 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49981 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49982 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49983 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49984 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49985 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49986 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49987 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49988 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49989 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49990 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49991 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49992 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49993 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49994 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49995 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49996 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49997 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:49998 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:49999 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50000 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50001 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50002 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50003 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50004 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50005 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50006 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50007 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50008 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50009 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50010 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50011 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50013 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50014 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50012 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50015 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50016 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50017 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50018 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50019 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50020 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50021 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50022 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50023 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50024 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50025 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50026 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50027 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50028 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50030 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50029 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50031 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50032 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50033 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50034 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50035 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50036 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50037 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50038 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50039 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50040 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50041 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50042 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50043 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50044 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50045 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50046 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50047 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50049 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50048 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50050 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50051 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50052 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50054 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50053 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50055 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50056 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50057 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50058 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50059 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50060 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50061 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50062 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50063 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50064 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50065 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50066 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50067 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50068 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50069 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50070 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50071 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50072 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50073 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50074 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50075 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50076 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50077 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50078 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50079 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50080 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50081 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50082 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50083 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50084 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50085 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50086 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50087 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50088 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50089 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50090 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50091 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50092 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50093 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50094 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50095 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50096 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50097 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50098 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50099 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50100 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50102 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50101 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50103 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50104 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50105 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50106 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50107 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50108 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50109 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50110 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50112 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50111 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50113 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50114 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50115 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50116 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50117 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50118 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50119 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50120 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50121 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50122 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50124 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50123 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50125 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50126 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50127 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50128 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50129 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50130 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50131 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50132 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50133 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50134 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50135 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50136 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50137 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50138 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50139 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50140 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50141 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50142 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50143 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50144 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50145 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50146 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50147 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50148 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50149 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50150 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50151 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50152 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50153 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50154 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50155 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50156 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50157 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50158 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50159 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50160 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50161 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50163 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50162 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50164 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50165 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50166 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50167 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50168 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50169 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50170 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50171 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50172 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50173 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50174 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50175 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50176 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50177 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50178 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50179 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50180 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50181 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50182 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50183 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50184 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50185 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50186 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50187 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50188 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50189 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50190 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50191 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50192 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50194 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50193 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50195 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50196 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50197 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50198 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50199 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50200 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50201 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50202 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50203 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50204 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50205 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50206 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50207 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50208 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50209 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50210 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50211 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50212 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50213 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50214 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50215 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50216 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50217 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50218 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50219 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50220 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50221 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50222 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50223 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50224 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50225 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50226 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50227 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50228 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50229 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50230 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50231 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50232 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50233 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50234 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50235 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50236 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50237 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50238 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.3:50239 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 199.232.192.209:443 -> 192.168.2.3:50240 version: TLS 1.2
    Source: NRB-RTGS 28-Sept 2021.jarReversingLabs: Detection: 22%
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
    Source: unknownProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ''C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe' -javaagent:'C:\Users\user\AppData\Local\Temp\jartracer.jar' -jar 'C:\Users\user\Desktop\NRB-RTGS 28-Sept 2021.jar'' >> C:\cmdlinestart.log 2>&1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe 'C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe' -javaagent:'C:\Users\user\AppData\Local\Temp\jartracer.jar' -jar 'C:\Users\user\Desktop\NRB-RTGS 28-Sept 2021.jar'
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeProcess created: C:\Windows\SysWOW64\icacls.exe C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant 'everyone':(OI)(CI)M
    Source: C:\Windows\SysWOW64\icacls.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe 'C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe' -javaagent:'C:\Users\user\AppData\Local\Temp\jartracer.jar' -jar 'C:\Users\user\Desktop\NRB-RTGS 28-Sept 2021.jar'
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeProcess created: C:\Windows\SysWOW64\icacls.exe C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant 'everyone':(OI)(CI)M
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6532:120:WilError_01
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4660:120:WilError_01
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeFile created: C:\Users\user\5055lock.fileJump to behavior
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeFile created: C:\Users\user\AppData\Local\Temp\hsperfdata_userJump to behavior
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeSection loaded: C:\Program Files (x86)\Java\jre1.8.0_211\bin\client\jvm.dll
    Source: java.exeString found in binary or memory: sun/launcher/
    Source: classification engineClassification label: mal52.evad.winJAR@7/3@12/2
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeFile opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

    Data Obfuscation:

    barindex
    Yara detected AllatoriJARObfuscatorShow sources
    Source: Yara matchFile source: C:\cmdlinestart.log, type: DROPPED
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeCode function: 3_3_155EA356 push ss; ret
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeCode function: 3_3_155F2479 push dword ptr [esi]; ret
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeCode function: 3_3_155EA179 push cs; retf
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeCode function: 3_3_155F1E64 push eax; ret
    Source: Java tracingExecutes: java.io.Writer.write(java.lang.String) on Obfuscation by Allatori Obfuscator v7.3 DEMO ## ## http://www.allatori.com
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeProcess created: C:\Windows\SysWOW64\icacls.exe C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant 'everyone':(OI)(CI)M
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeMemory protected: page read and write | page guard
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe 'C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe' -javaagent:'C:\Users\user\AppData\Local\Temp\jartracer.jar' -jar 'C:\Users\user\Desktop\NRB-RTGS 28-Sept 2021.jar'
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeProcess created: C:\Windows\SysWOW64\icacls.exe C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant 'everyone':(OI)(CI)M
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeQueries volume information: C:\Users\user\5055lock.file VolumeInformation
    Source: C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

    Mitre Att&ck Matrix

    Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
    Valid AccountsCommand and Scripting Interpreter2Services File Permissions Weakness1Services File Permissions Weakness1Masquerading1OS Credential DumpingSystem Information Discovery12Remote ServicesData from Local SystemExfiltration Over Other Network MediumEncrypted Channel2Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
    Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsProcess Injection11Services File Permissions Weakness1LSASS MemoryRemote System Discovery1Remote Desktop ProtocolData from Removable MediaExfiltration Over BluetoothNon-Application Layer Protocol1Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
    Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Disable or Modify Tools1Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationApplication Layer Protocol2Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
    Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Process Injection11NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureScheduled TransferProtocol ImpersonationSIM Card SwapCarrier Billing Fraud
    Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptObfuscated Files or Information2LSA SecretsRemote System DiscoverySSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet
    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 492006 Sample: NRB-RTGS 28-Sept 2021.jar Startdate: 28/09/2021 Architecture: WINDOWS Score: 52 23 sonatype.map.fastly.net 2->23 25 repo1.maven.org 2->25 27 github.com 2->27 35 Multi AV Scanner detection for submitted file 2->35 37 Yara detected AllatoriJARObfuscator 2->37 9 cmd.exe 2 2->9         started        signatures3 process4 process5 11 java.exe 24 9->11         started        15 conhost.exe 9->15         started        dnsIp6 29 github.com 140.82.121.4, 443, 49744, 49748 GITHUBUS United States 11->29 31 sonatype.map.fastly.net 199.232.192.209, 443, 49741, 49742 FASTLYUS United States 11->31 33 repo1.maven.org 11->33 21 C:\cmdlinestart.log, ASCII 11->21 dropped 17 icacls.exe 11->17         started        file7 process8 process9 19 conhost.exe 17->19         started       

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.

    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    NRB-RTGS 28-Sept 2021.jar22%ReversingLabsByteCode-JAVA.Downloader.BanLoad

    Dropped Files

    No Antivirus matches

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    http://www.certplus.com/CRL/class2.crl00%URL Reputationsafe
    http://www.allatori.com0%URL Reputationsafe

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    sonatype.map.fastly.net
    		199.232.192.209
    		truefalse
      		unknown
      github.com
      		140.82.121.4
      		truefalse
        		high
        repo1.maven.org
        		unknown
        		unknownfalse
          		high

          URLs from Memory and Binaries

          NameSourceMaliciousAntivirus DetectionReputation
          http://null.oracle.com/java.exe, 00000003.00000003.315984025.0000000015C54000.00000004.00000001.sdmpfalse
            		high
            https://repo1.maven.org/maven2/net/java/dev/jna/jna-platform/5.5.0/jna-platform-5.5.0.jarcmdlinestart.log.3.drfalse
              		high
              https://repo1.maven.org/maven2/net/java/dev/jna/jna/5.5.0/jna-5.5.0.jarcmdlinestart.log.3.drfalse
                		high
                http://www.certplus.com/CRL/class2.crl0java.exe, 00000003.00000003.316124236.0000000015D87000.00000004.00000001.sdmpfalse
                • URL Reputation: safe
                		unknown
                http://www.allatori.comcmdlinestart.log.3.drfalse
                • URL Reputation: safe
                		unknown
                https://repo1.maven.org/maven2/org/xerial/sqlite-jdbc/3.14.2.1/sqlite-jdbc-3.14.2.1.jarcmdlinestart.log.3.drfalse
                  		high
                  https://github.com/kristian/system-hook/releases/download/3.5/system-hook-3.5.jarcmdlinestart.log.3.drfalse
                    		high

                    Contacted IPs

                    • No. of IPs < 25%
                    • 25% < No. of IPs < 50%
                    • 50% < No. of IPs < 75%
                    • 75% < No. of IPs

                    Public

                    IPDomainCountryFlagASNASN NameMalicious
                    199.232.192.209
                    		sonatype.map.fastly.netUnited States
                    		54113FASTLYUSfalse
                    140.82.121.4
                    		github.comUnited States
                    		36459GITHUBUSfalse

                    General Information

                    Joe Sandbox Version:33.0.0 White Diamond
                    Analysis ID:492006
                    Start date:28.09.2021
                    Start time:09:09:00
                    Joe Sandbox Product:CloudBasic
                    Overall analysis duration:0h 10m 32s
                    Hypervisor based Inspection enabled:false
                    Report type:light
                    Sample file name:NRB-RTGS 28-Sept 2021.jar
                    Cookbook file name:defaultwindowsfilecookbook.jbs
                    Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                    Number of analysed new started processes analysed:22
                    Number of new started drivers analysed:0
                    Number of existing processes analysed:0
                    Number of existing drivers analysed:0
                    Number of injected processes analysed:0
                    Technologies:
                    • HCA enabled
                    • EGA enabled
                    • HDC enabled
                    • GSI enabled (Java)
                    • AMSI enabled
                    Analysis Mode:default
                    Analysis stop reason:Timeout
                    Detection:MAL
                    Classification:mal52.evad.winJAR@7/3@12/2
                    EGA Information:Failed
                    HDC Information:Failed
                    HCA Information:
                    • Successful, ratio: 100%
                    • Number of executed functions: 0
                    • Number of non-executed functions: 0
                    Cookbook Comments:
                    • Adjust boot time
                    • Enable AMSI
                    • Found application associated with file extension: .jar
                    Warnings:
                    Show All
                    • Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, BackgroundTransferHost.exe, WMIADAP.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe, wuapihost.exe
                    • TCP Packets have been reduced to 100
                    • Excluded IPs from analysis (whitelisted): 23.211.6.115, 20.82.209.104, 8.248.145.254, 67.27.158.126, 67.26.83.254, 8.248.113.254, 8.253.204.121, 20.199.120.182, 20.54.110.249, 40.112.88.60, 80.67.82.235, 80.67.82.211, 20.199.120.85, 20.82.210.154
                    • Excluded domains from analysis (whitelisted): fg.download.windowsupdate.com.c.footprint.net, client.wns.windows.com, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, wu-shim.trafficmanager.net, neu-displaycatalogrp.frontdoor.bigcatalog.commerce.microsoft.com, ris-prod.trafficmanager.net, asf-ris-prod-neu.northeurope.cloudapp.azure.com, store-images.s-microsoft.com-c.edgekey.net, ctldl.windowsupdate.com, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, a1449.dscg2.akamai.net, arc.msn.com, iris-de-ppe-azsc-neu.northeurope.cloudapp.azure.com, ris.api.iris.microsoft.com, e12564.dspb.akamaiedge.net, wns.notify.trafficmanager.net, consumer-displaycatalogrp-aks2aks-europe.md.mp.microsoft.com.akadns.net, store-images.s-microsoft.com, arc.trafficmanager.net, displaycatalog.mp.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, displaycatalog-rp.md.mp.microsoft.com.akadns.net
                    • Not all processes where analyzed, report is missing behavior information
                    • Report size exceeded maximum capacity and may have missing behavior information.
                    • Report size exceeded maximum capacity and may have missing network information.
                    • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                    • Report size getting too big, too many NtDeviceIoControlFile calls found.
                    • Report size getting too big, too many NtQueryValueKey calls found.
                    • Report size getting too big, too many NtSetInformationFile calls found.

                    Simulations

                    Behavior and APIs

                    No simulations

                    Joe Sandbox View / Context

                    IPs

                    MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                    199.232.192.209INQUIRY________535262623.jpg.jarGet hashmaliciousBrowse
                      Quotation sheet.jarGet hashmaliciousBrowse
                        RFQ_40ft Container.jarGet hashmaliciousBrowse
                          INQUIRY________535262623.jpg.jarGet hashmaliciousBrowse
                            Quotation sheet.jarGet hashmaliciousBrowse
                              RFQ_40ft Container.jarGet hashmaliciousBrowse
                                Quotation.jarGet hashmaliciousBrowse
                                  02_extracted.jarGet hashmaliciousBrowse
                                    02_extracted.jarGet hashmaliciousBrowse
                                      dhl paket.jarGet hashmaliciousBrowse
                                        dhl paket.jarGet hashmaliciousBrowse
                                          RQF 10020213.jarGet hashmaliciousBrowse
                                            Quotation.jarGet hashmaliciousBrowse
                                              Quotation Sheet.jarGet hashmaliciousBrowse
                                                Quotation Sheet.jarGet hashmaliciousBrowse
                                                  SWIFT_DETAILS.jarGet hashmaliciousBrowse
                                                    Quotation Sheet.jarGet hashmaliciousBrowse
                                                      Quotation Sheet.jarGet hashmaliciousBrowse
                                                        USpstracKER.jarGet hashmaliciousBrowse
                                                          USpstracKER.jarGet hashmaliciousBrowse
                                                            140.82.121.4INQUIRY________535262623.jpg.jarGet hashmaliciousBrowse
                                                              Quotation sheet.jarGet hashmaliciousBrowse
                                                                RFQ_40ft Container.jarGet hashmaliciousBrowse
                                                                  INQUIRY________535262623.jpg.jarGet hashmaliciousBrowse
                                                                    Quotation sheet.jarGet hashmaliciousBrowse
                                                                      RFQ_40ft Container.jarGet hashmaliciousBrowse
                                                                        Quotation.jarGet hashmaliciousBrowse
                                                                          02_extracted.jarGet hashmaliciousBrowse
                                                                            02_extracted.jarGet hashmaliciousBrowse
                                                                              dhl paket.jarGet hashmaliciousBrowse
                                                                                dhl paket.jarGet hashmaliciousBrowse
                                                                                  AW QUOTE 21505 HQ1-Scan-068703_PDF.exeGet hashmaliciousBrowse
                                                                                    DHL QA-Tracker.docGet hashmaliciousBrowse
                                                                                      Quotation.jarGet hashmaliciousBrowse
                                                                                        Quotation Sheet.jarGet hashmaliciousBrowse
                                                                                          Quotation Sheet.jarGet hashmaliciousBrowse
                                                                                            SWIFT_DETAILS.jarGet hashmaliciousBrowse
                                                                                              Quotation Sheet.jarGet hashmaliciousBrowse
                                                                                                Quotation Sheet.jarGet hashmaliciousBrowse
                                                                                                  WDDzCTWnXh.exeGet hashmaliciousBrowse

                                                                                                    Domains

                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                    github.comINQUIRY________535262623.jpg.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    Quotation sheet.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    RFQ_40ft Container.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.3
                                                                                                    INQUIRY________535262623.jpg.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.3
                                                                                                    Quotation sheet.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.3
                                                                                                    RFQ_40ft Container.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.3
                                                                                                    Quotation.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    02_extracted.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.3
                                                                                                    02_extracted.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    dhl paket.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.3
                                                                                                    dhl paket.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.3
                                                                                                    jfTy8Hld20.exeGet hashmaliciousBrowse
                                                                                                    • 140.82.121.3
                                                                                                    yxHYlyS6ec.exeGet hashmaliciousBrowse
                                                                                                    • 140.82.121.3
                                                                                                    CxarNMwOrM.exeGet hashmaliciousBrowse
                                                                                                    • 140.82.121.3
                                                                                                    AsvL372I1U.exeGet hashmaliciousBrowse
                                                                                                    • 140.82.121.3
                                                                                                    RQF 10020213.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.3
                                                                                                    AW QUOTE 21505 HQ1-Scan-068703_PDF.exeGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    DHL QA-Tracker.docGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    Quotation.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    sonatype.map.fastly.netINQUIRY________535262623.jpg.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    Quotation sheet.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    RFQ_40ft Container.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    INQUIRY________535262623.jpg.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    Quotation sheet.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    RFQ_40ft Container.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    Quotation.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    02_extracted.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    02_extracted.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    dhl paket.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    dhl paket.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    RQF 10020213.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    Quotation.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    Quotation Sheet.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    Quotation Sheet.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    SWIFT_DETAILS.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    Quotation Sheet.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    Quotation Sheet.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    USpstracKER.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    USpstracKER.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209

                                                                                                    ASN

                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                    FASTLYUSINQUIRY________535262623.jpg.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    Quotation sheet.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    RFQ_40ft Container.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    INQUIRY________535262623.jpg.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    Quotation sheet.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    RFQ_40ft Container.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    Quotation.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    02_extracted.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    02_extracted.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    cs.exeGet hashmaliciousBrowse
                                                                                                    • 151.101.1.194
                                                                                                    Exodus.exeGet hashmaliciousBrowse
                                                                                                    • 185.199.108.133
                                                                                                    dhl paket.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    dhl paket.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    cs.exeGet hashmaliciousBrowse
                                                                                                    • 151.101.1.194
                                                                                                    U6lZQUtrU5Get hashmaliciousBrowse
                                                                                                    • 151.101.128.95
                                                                                                    tms.dllGet hashmaliciousBrowse
                                                                                                    • 151.101.1.44
                                                                                                    qGGMaafxQt.dllGet hashmaliciousBrowse
                                                                                                    • 151.101.1.44
                                                                                                    svQOxJeiVE.dllGet hashmaliciousBrowse
                                                                                                    • 151.101.1.44
                                                                                                    u8KMSM5Yd4.dllGet hashmaliciousBrowse
                                                                                                    • 151.101.1.44
                                                                                                    e2ngtxnWAP.dllGet hashmaliciousBrowse
                                                                                                    • 151.101.1.44
                                                                                                    GITHUBUSINQUIRY________535262623.jpg.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    Quotation sheet.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    RFQ_40ft Container.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    INQUIRY________535262623.jpg.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    Quotation sheet.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    RFQ_40ft Container.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    Quotation.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    02_extracted.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    02_extracted.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    dhl paket.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    dhl paket.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    CxarNMwOrM.exeGet hashmaliciousBrowse
                                                                                                    • 140.82.121.3
                                                                                                    ZamCfP5Dev.exeGet hashmaliciousBrowse
                                                                                                    • 140.82.121.3
                                                                                                    AsvL372I1U.exeGet hashmaliciousBrowse
                                                                                                    • 140.82.121.3
                                                                                                    RQF 10020213.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.3
                                                                                                    AW QUOTE 21505 HQ1-Scan-068703_PDF.exeGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    DHL QA-Tracker.docGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    Quotation.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    Quotation Sheet.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4
                                                                                                    Quotation Sheet.jarGet hashmaliciousBrowse
                                                                                                    • 140.82.121.4

                                                                                                    JA3 Fingerprints

                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                    d2935c58fe676744fecc8614ee5356c7INQUIRY________535262623.jpg.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    Quotation sheet.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    RFQ_40ft Container.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    INQUIRY________535262623.jpg.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    Quotation sheet.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    RFQ_40ft Container.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    02_extracted.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    02_extracted.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    dhl paket.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    dhl paket.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    Quotation Sheet.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    Quotation Sheet.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    Quotation Sheet.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    Quotation Sheet.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    USpstracKER.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    USpstracKER.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    Invoice.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    payment slip.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    Invoice.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4
                                                                                                    payment slip.jarGet hashmaliciousBrowse
                                                                                                    • 199.232.192.209
                                                                                                    • 140.82.121.4

                                                                                                    Dropped Files

                                                                                                    No context

                                                                                                    Created / dropped Files

                                                                                                    C:\ProgramData\Oracle\Java\.oracle_jre_usage\cce3fe3b0d8d83e2.timestamp
                                                                                                    Process:C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):57
                                                                                                    Entropy (8bit):4.896327242493616
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:oFj4I5vpN6yUavp:oJ5X6yD
                                                                                                    MD5:A8A8C94C8D63B16960938AC6C0072DB5
                                                                                                    SHA1:EB93EB3812E0054D767D78B4818BF1035065AE07
                                                                                                    SHA-256:2506CFA73F44D2AEB618C5A2FBF8D81734D9B59BC1F26C2E469DF0FBE9E00124
                                                                                                    SHA-512:07E9C7D8A1E0A76EF7A5FBD486896BADD0DD875E6001136678C5E509ACDF00B23DB14D88CD5CC5404BE5EBD62A6E8DB4CCD8295BA8724A31CA031DCE9FAFBEC7
                                                                                                    Malicious:false
                                                                                                    Reputation:low
                                                                                                    Preview: C:\Program Files (x86)\Java\jre1.8.0_211..1632845399591..
                                                                                                    C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\83aa4cc77f591dfc2374580bbd95f6ba_d06ed635-68f6-4e9a-955c-4899f5f57b9a
                                                                                                    Process:C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe
                                                                                                    File Type:data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):45
                                                                                                    Entropy (8bit):0.9111711733157262
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:/lwlt7n:WNn
                                                                                                    MD5:C8366AE350E7019AEFC9D1E6E6A498C6
                                                                                                    SHA1:5731D8A3E6568A5F2DFBBC87E3DB9637DF280B61
                                                                                                    SHA-256:11E6ACA8E682C046C83B721EEB5C72C5EF03CB5936C60DF6F4993511DDC61238
                                                                                                    SHA-512:33C980D5A638BFC791DE291EBF4B6D263B384247AB27F261A54025108F2F85374B579A026E545F81395736DD40FA4696F2163CA17640DD47F1C42BC9971B18CD
                                                                                                    Malicious:false
                                                                                                    Reputation:high, very likely benign file
                                                                                                    Preview: ........................................J2SE.
                                                                                                    C:\cmdlinestart.log
                                                                                                    Process:C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe
                                                                                                    File Type:ASCII text, with CRLF, LF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):441941
                                                                                                    Entropy (8bit):5.040398967499683
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:uMn3OOOOeeBeeR7mm0eeeee7mmvGGGrRBReeeOOOOO3OGGGGOOemOv3OOzeeeQeY:5G
                                                                                                    MD5:831332E72E8498EB18A6BD8338D3A99B
                                                                                                    SHA1:AF0ABAC4F8487276A286A78FA386DC8DBB153356
                                                                                                    SHA-256:58892D06E4C149B894736C14BDE3FD5F5CC1B8B5A9177611FE7E265064C57B24
                                                                                                    SHA-512:7C380E3183C04172DB5380C55A1DEC6920949CA791517967235AACA7A82DDBA3CE2A1AE1441612189713950A25C8F4B29D23B84A8B704E608F96F6320715FC01
                                                                                                    Malicious:true
                                                                                                    Yara Hits:
                                                                                                    • Rule: JoeSecurity_Allatori_JAR_Obfuscator, Description: Yara detected Allatori_JAR_Obfuscator, Source: C:\cmdlinestart.log, Author: Joe Security
                                                                                                    Reputation:low
                                                                                                    Preview: .################################################.# #.# ## # # ## ### ### ## ### #.# # # # # # # # # # # # # #.# ### # # ### # # # ## # #.# # # ### ### # # # ### # # ### #.# #.# Obfuscation by Allatori Obfuscator v7.3 DEMO #.# #.# http://www.allatori.com #.# #.################################################...returned false..C:\Users\user\lib\jna-5.5.0.jar..EXCEPTION: https://repo1.maven.org/maven2/net/java/dev/jna/jna-platform/5.5.0/jna-platform-5.5.0.jar..EXCEPTION: https://repo1.maven.org/maven2/net/java/dev/jna/jna/5.5.0/jna-5.5.0.jar..EXCEPTION: https://github.com/kristian/system-hook/releases/download/3.5/system-hook-3.5.jar..EXCEPTION: https://repo1.maven.org/maven2/org/xerial/sqlite-jdbc/3.14.2.1/sqlit

                                                                                                    Static File Info

                                                                                                    General

                                                                                                    File type:Zip archive data, at least v2.0 to extract
                                                                                                    Entropy (8bit):7.9272410126162995
                                                                                                    TrID:
                                                                                                    • Java Archive (13504/1) 62.80%
                                                                                                    • ZIP compressed archive (8000/1) 37.20%
                                                                                                    File name:NRB-RTGS 28-Sept 2021.jar
                                                                                                    File size:106220
                                                                                                    MD5:ccfdd7c24c9029f301ee94dbc9441ace
                                                                                                    SHA1:99dce2074fd2cca2ede69a3b08cf33a574a4a976
                                                                                                    SHA256:3ecc6468de96ac9ae350154c117610dd3062f968be547d6b67b3f126fee512e9
                                                                                                    SHA512:3ca8410aca55b1acb92e1c5316fffb01815b7b69b850c1637cc4b04f43a83f2cf52c21c0785c4af30ce9655782c1d285d82055bb120e41d103f0758bf37fe258
                                                                                                    SSDEEP:3072:Q+0dMqzH4I51/j6SJtXr3JN0GMAxoKQ9YDQ:QFesH4i1BJVr5QACKD0
                                                                                                    File Content Preview:PK........,.;S................META-INF/MANIFEST.MF].=O.0..wK..7.`..VT.J....!.z....c......e.C...G.....;Q...Rv1..d..!."...@PY.7Rq.%.BV..-l.r....\...O..4...._r......s....N:.{.ry^B.:...eh.;}..\h.C...Z............2{,..&...............Hu.......w./-.....{..h-Y..

                                                                                                    File Icon

                                                                                                    Icon Hash:d28c8e8ea2868ad6

                                                                                                    Network Behavior

                                                                                                    Network Port Distribution

                                                                                                    TCP Packets

                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                    Sep 28, 2021 09:10:03.960180998 CEST49741443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:03.960242987 CEST44349741199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:03.960335016 CEST49741443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:03.961761951 CEST49742443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:03.961822033 CEST44349742199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:03.962019920 CEST49742443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:03.964262009 CEST49743443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:03.964293003 CEST44349743199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:03.964380026 CEST49743443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:03.965518951 CEST49744443192.168.2.3140.82.121.4
                                                                                                    Sep 28, 2021 09:10:03.965559006 CEST44349744140.82.121.4192.168.2.3
                                                                                                    Sep 28, 2021 09:10:03.965621948 CEST49744443192.168.2.3140.82.121.4
                                                                                                    Sep 28, 2021 09:10:04.078886986 CEST49742443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.078906059 CEST44349742199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.078934908 CEST49741443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.078958035 CEST44349741199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.078962088 CEST49743443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.078985929 CEST44349743199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.079058886 CEST49744443192.168.2.3140.82.121.4
                                                                                                    Sep 28, 2021 09:10:04.079072952 CEST44349744140.82.121.4192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.120291948 CEST44349744140.82.121.4192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.120409966 CEST49744443192.168.2.3140.82.121.4
                                                                                                    Sep 28, 2021 09:10:04.135236025 CEST44349742199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.135813951 CEST49742443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.137268066 CEST44349741199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.137352943 CEST49741443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.138871908 CEST44349743199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.138962030 CEST49743443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.238754988 CEST49743443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.238779068 CEST44349743199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.238913059 CEST49744443192.168.2.3140.82.121.4
                                                                                                    Sep 28, 2021 09:10:04.238936901 CEST44349744140.82.121.4192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.238954067 CEST49742443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.238971949 CEST44349742199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.239104986 CEST49741443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.239126921 CEST44349741199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.239185095 CEST44349743199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.239219904 CEST44349742199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.239238024 CEST49743443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.239263058 CEST49742443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.239267111 CEST44349744140.82.121.4192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.239312887 CEST49744443192.168.2.3140.82.121.4
                                                                                                    Sep 28, 2021 09:10:04.239444971 CEST44349741199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.239487886 CEST49741443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.240452051 CEST49742443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.240466118 CEST44349742199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.240477085 CEST49744443192.168.2.3140.82.121.4
                                                                                                    Sep 28, 2021 09:10:04.240494013 CEST44349744140.82.121.4192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.240523100 CEST49743443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.240535021 CEST44349743199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.240876913 CEST49741443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.240885973 CEST44349741199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.248681068 CEST49745443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.248708963 CEST44349745199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.248775005 CEST49745443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.254139900 CEST49745443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.254158020 CEST44349745199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.255028963 CEST49746443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.255057096 CEST44349746199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.255124092 CEST49746443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.256567955 CEST49746443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.256578922 CEST44349746199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.268042088 CEST49747443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.268079042 CEST44349747199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.268146992 CEST49747443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.269355059 CEST49748443192.168.2.3140.82.121.4
                                                                                                    Sep 28, 2021 09:10:04.269387960 CEST44349748140.82.121.4192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.269459009 CEST49748443192.168.2.3140.82.121.4
                                                                                                    Sep 28, 2021 09:10:04.270390987 CEST49747443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.270405054 CEST44349747199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.270930052 CEST49748443192.168.2.3140.82.121.4
                                                                                                    Sep 28, 2021 09:10:04.270941973 CEST44349748140.82.121.4192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.292658091 CEST44349746199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.292746067 CEST49746443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.293159962 CEST44349745199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.293243885 CEST49745443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.295012951 CEST49745443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.295020103 CEST44349745199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.295137882 CEST49745443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.295341015 CEST44349745199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.295392036 CEST49745443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.296943903 CEST49746443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.297039032 CEST49746443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.297096014 CEST44349746199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.297149897 CEST49746443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.303415060 CEST49749443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.303443909 CEST44349749199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.303498983 CEST49749443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.304521084 CEST49750443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.304552078 CEST44349750199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.304723978 CEST44349747199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.304765940 CEST49750443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.304867983 CEST49747443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.306164980 CEST49750443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.306174994 CEST44349750199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.306288004 CEST49749443192.168.2.3199.232.192.209
                                                                                                    Sep 28, 2021 09:10:04.306305885 CEST44349749199.232.192.209192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.306978941 CEST44349748140.82.121.4192.168.2.3
                                                                                                    Sep 28, 2021 09:10:04.307074070 CEST49748443192.168.2.3140.82.121.4
                                                                                                    Sep 28, 2021 09:10:04.307513952 CEST49747443192.168.2.3199.232.192.209

                                                                                                    DNS Queries

                                                                                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                                                                                    Sep 28, 2021 09:10:03.930704117 CEST192.168.2.38.8.8.80x2c9cStandard query (0)repo1.maven.orgA (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:10:03.931329012 CEST192.168.2.38.8.8.80x3013Standard query (0)github.comA (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:10:34.116592884 CEST192.168.2.38.8.8.80x46Standard query (0)repo1.maven.orgA (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:10:34.117388964 CEST192.168.2.38.8.8.80xfacfStandard query (0)github.comA (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:11:04.432183027 CEST192.168.2.38.8.8.80xe712Standard query (0)github.comA (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:11:04.432224989 CEST192.168.2.38.8.8.80xf904Standard query (0)repo1.maven.orgA (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:11:34.707647085 CEST192.168.2.38.8.8.80x84c5Standard query (0)repo1.maven.orgA (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:11:34.992959976 CEST192.168.2.38.8.8.80x6e0dStandard query (0)github.comA (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:12:04.783384085 CEST192.168.2.38.8.8.80x783eStandard query (0)repo1.maven.orgA (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:12:05.089884043 CEST192.168.2.38.8.8.80x3893Standard query (0)github.comA (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:12:34.830089092 CEST192.168.2.38.8.8.80x3d24Standard query (0)repo1.maven.orgA (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:12:35.189574957 CEST192.168.2.38.8.8.80xedeeStandard query (0)github.comA (IP address)IN (0x0001)

                                                                                                    DNS Answers

                                                                                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                                                                                    Sep 28, 2021 09:10:03.950185061 CEST8.8.8.8192.168.2.30x2c9cNo error (0)repo1.maven.orgsonatype.map.fastly.netCNAME (Canonical name)IN (0x0001)
                                                                                                    Sep 28, 2021 09:10:03.950185061 CEST8.8.8.8192.168.2.30x2c9cNo error (0)sonatype.map.fastly.net199.232.192.209A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:10:03.950185061 CEST8.8.8.8192.168.2.30x2c9cNo error (0)sonatype.map.fastly.net199.232.196.209A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:10:03.953293085 CEST8.8.8.8192.168.2.30x3013No error (0)github.com140.82.121.4A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:10:34.137681007 CEST8.8.8.8192.168.2.30x46No error (0)repo1.maven.orgsonatype.map.fastly.netCNAME (Canonical name)IN (0x0001)
                                                                                                    Sep 28, 2021 09:10:34.137681007 CEST8.8.8.8192.168.2.30x46No error (0)sonatype.map.fastly.net199.232.192.209A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:10:34.137681007 CEST8.8.8.8192.168.2.30x46No error (0)sonatype.map.fastly.net199.232.196.209A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:10:34.139309883 CEST8.8.8.8192.168.2.30xfacfNo error (0)github.com140.82.121.4A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:11:04.471071005 CEST8.8.8.8192.168.2.30xe712No error (0)github.com140.82.121.4A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:11:04.471095085 CEST8.8.8.8192.168.2.30xf904No error (0)repo1.maven.orgsonatype.map.fastly.netCNAME (Canonical name)IN (0x0001)
                                                                                                    Sep 28, 2021 09:11:04.471095085 CEST8.8.8.8192.168.2.30xf904No error (0)sonatype.map.fastly.net199.232.192.209A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:11:04.471095085 CEST8.8.8.8192.168.2.30xf904No error (0)sonatype.map.fastly.net199.232.196.209A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:11:34.735385895 CEST8.8.8.8192.168.2.30x84c5No error (0)repo1.maven.orgsonatype.map.fastly.netCNAME (Canonical name)IN (0x0001)
                                                                                                    Sep 28, 2021 09:11:34.735385895 CEST8.8.8.8192.168.2.30x84c5No error (0)sonatype.map.fastly.net199.232.192.209A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:11:34.735385895 CEST8.8.8.8192.168.2.30x84c5No error (0)sonatype.map.fastly.net199.232.196.209A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:11:35.017296076 CEST8.8.8.8192.168.2.30x6e0dNo error (0)github.com140.82.121.4A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:12:04.802145958 CEST8.8.8.8192.168.2.30x783eNo error (0)repo1.maven.orgsonatype.map.fastly.netCNAME (Canonical name)IN (0x0001)
                                                                                                    Sep 28, 2021 09:12:04.802145958 CEST8.8.8.8192.168.2.30x783eNo error (0)sonatype.map.fastly.net199.232.192.209A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:12:04.802145958 CEST8.8.8.8192.168.2.30x783eNo error (0)sonatype.map.fastly.net199.232.196.209A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:12:05.111862898 CEST8.8.8.8192.168.2.30x3893No error (0)github.com140.82.121.3A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:12:34.849394083 CEST8.8.8.8192.168.2.30x3d24No error (0)repo1.maven.orgsonatype.map.fastly.netCNAME (Canonical name)IN (0x0001)
                                                                                                    Sep 28, 2021 09:12:34.849394083 CEST8.8.8.8192.168.2.30x3d24No error (0)sonatype.map.fastly.net199.232.192.209A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:12:34.849394083 CEST8.8.8.8192.168.2.30x3d24No error (0)sonatype.map.fastly.net199.232.196.209A (IP address)IN (0x0001)
                                                                                                    Sep 28, 2021 09:12:35.215615034 CEST8.8.8.8192.168.2.30xedeeNo error (0)github.com140.82.121.4A (IP address)IN (0x0001)

                                                                                                    Code Manipulations

                                                                                                    Statistics

                                                                                                    Behavior

                                                                                                    Click to jump to process

                                                                                                    System Behavior

                                                                                                    Analysis Process: cmd.exe PID: 4536 Parent PID: 1360

                                                                                                    General

                                                                                                    Start time:09:09:56
                                                                                                    Start date:28/09/2021
                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                    Wow64 process (32bit):true
                                                                                                    Commandline:C:\Windows\system32\cmd.exe /c ''C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe' -javaagent:'C:\Users\user\AppData\Local\Temp\jartracer.jar' -jar 'C:\Users\user\Desktop\NRB-RTGS 28-Sept 2021.jar'' >> C:\cmdlinestart.log 2>&1
                                                                                                    Imagebase:0xd80000
                                                                                                    File size:232960 bytes
                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Reputation:high

                                                                                                    Analysis Process: conhost.exe PID: 4660 Parent PID: 4536

                                                                                                    General

                                                                                                    Start time:09:09:57
                                                                                                    Start date:28/09/2021
                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                    Imagebase:0x7ff7f20f0000
                                                                                                    File size:625664 bytes
                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Reputation:high

                                                                                                    Analysis Process: java.exe PID: 4348 Parent PID: 4536

                                                                                                    General

                                                                                                    Start time:09:09:57
                                                                                                    Start date:28/09/2021
                                                                                                    Path:C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe
                                                                                                    Wow64 process (32bit):true
                                                                                                    Commandline:'C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe' -javaagent:'C:\Users\user\AppData\Local\Temp\jartracer.jar' -jar 'C:\Users\user\Desktop\NRB-RTGS 28-Sept 2021.jar'
                                                                                                    Imagebase:0xd80000
                                                                                                    File size:192376 bytes
                                                                                                    MD5 hash:28733BA8C383E865338638DF5196E6FE
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:Java
                                                                                                    Reputation:high

                                                                                                    Analysis Process: icacls.exe PID: 6780 Parent PID: 4348

                                                                                                    General

                                                                                                    Start time:09:09:59
                                                                                                    Start date:28/09/2021
                                                                                                    Path:C:\Windows\SysWOW64\icacls.exe
                                                                                                    Wow64 process (32bit):true
                                                                                                    Commandline:C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant 'everyone':(OI)(CI)M
                                                                                                    Imagebase:0xed0000
                                                                                                    File size:29696 bytes
                                                                                                    MD5 hash:FF0D1D4317A44C951240FAE75075D501
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Reputation:high

                                                                                                    Analysis Process: conhost.exe PID: 6532 Parent PID: 6780

                                                                                                    General

                                                                                                    Start time:09:10:00
                                                                                                    Start date:28/09/2021
                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                    Imagebase:0x7ff7f20f0000
                                                                                                    File size:625664 bytes
                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Reputation:high

                                                                                                    Disassembly

                                                                                                    Code Analysis

                                                                                                    Reset < >