Windows
Analysis Report
MARIAM HONAINE'S CV.exe
Overview
General Information
Detection
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- MARIAM HONAINE'S CV.exe (PID: 7152 cmdline:
"C:\Users\ user\Deskt op\MARIAM HONAINE'S CV.exe" MD5: 06981BA465EB7ECA5E8DA7572511E3D1) - MARIAM HONAINE'S CV.exe (PID: 6348 cmdline:
C:\Users\u ser\Deskto p\MARIAM H ONAINE'S C V.exe MD5: 06981BA465EB7ECA5E8DA7572511E3D1)
- cleanup
{"Version": "1.2.2.0", "Mutex": "fe56abb4-cb76-44f1-89b4-7bb11730", "Group": "Default", "Domain1": "deranano2.ddns.net", "Port": 1187, "KeyboardLogging": "Enable", "RunOnStartup": "Disable", "RequestElevation": "Disable", "BypassUAC": "Disable", "ClearZoneIdentifier": "Enable", "ClearAccessControl": "Disable", "SetCriticalProcess": "Disable", "PreventSystemSleep": "Enable", "ActivateAwayMode": "Disable", "EnableDebugMode": "Disable", "RunDelay": 0, "ConnectDelay": 4000, "RestartDelay": 5000, "TimeoutInterval": 5000, "KeepAliveTimeout": 30000, "MutexTimeout": 5000, "LanTimeout": 2500, "WanTimeout": 8000, "BufferSize": "ffff0000", "MaxPacketSize": "0000a000", "GCThreshold": "0000a000", "UseCustomDNS": "Enable", "PrimaryDNSServer": "8.8.8.8", "BackupDNSServer": "8.8.4.4"}
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
Nanocore_RAT_Gen_2 | Detetcs the Nanocore RAT | Florian Roth |
| |
JoeSecurity_Nanocore | Yara detected Nanocore RAT | Joe Security | ||
NanoCore | unknown | Kevin Breen <kevin@techanarchy.net> |
| |
JoeSecurity_AntiVM_3 | Yara detected AntiVM_3 | Joe Security | ||
Nanocore_RAT_Gen_2 | Detetcs the Nanocore RAT | Florian Roth |
| |
Click to see the 22 entries |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
Nanocore_RAT_Gen_2 | Detetcs the Nanocore RAT | Florian Roth |
| |
Nanocore_RAT_Feb18_1 | Detects Nanocore RAT | Florian Roth |
| |
JoeSecurity_Nanocore | Yara detected Nanocore RAT | Joe Security | ||
MALWARE_Win_NanoCore | Detects NanoCore | ditekSHen |
| |
NanoCore | unknown | Kevin Breen <kevin@techanarchy.net> |
| |
Click to see the 45 entries |
AV Detection |
---|
Source: | Author: Joe Security: |
E-Banking Fraud |
---|
Source: | Author: Joe Security: |
Stealing of Sensitive Information |
---|
Source: | Author: Joe Security: |
Remote Access Functionality |
---|
Source: | Author: Joe Security: |
Timestamp: | 212.193.30.204192.168.2.61187497802810290 05/12/22-11:46:21.496806 |
SID: | 2810290 |
Source Port: | 1187 |
Destination Port: | 49780 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.6212.193.30.2044979611872816718 05/12/22-11:46:47.263188 |
SID: | 2816718 |
Source Port: | 49796 |
Destination Port: | 1187 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.6212.193.30.2044980011872816766 05/12/22-11:46:58.472336 |
SID: | 2816766 |
Source Port: | 49800 |
Destination Port: | 1187 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.6212.193.30.2044980311872816766 05/12/22-11:47:06.947797 |
SID: | 2816766 |
Source Port: | 49803 |
Destination Port: | 1187 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.6212.193.30.2044978711872816766 05/12/22-11:46:33.942053 |
SID: | 2816766 |
Source Port: | 49787 |
Destination Port: | 1187 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.6212.193.30.2044978511872816766 05/12/22-11:46:28.745560 |
SID: | 2816766 |
Source Port: | 49785 |
Destination Port: | 1187 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.6212.193.30.2044979311872816766 05/12/22-11:46:41.057650 |
SID: | 2816766 |
Source Port: | 49793 |
Destination Port: | 1187 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.6212.193.30.2044980411872816766 05/12/22-11:47:13.058709 |
SID: | 2816766 |
Source Port: | 49804 |
Destination Port: | 1187 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 212.193.30.204192.168.2.61187497982841753 05/12/22-11:46:52.450159 |
SID: | 2841753 |
Source Port: | 1187 |
Destination Port: | 49798 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.6212.193.30.2044977011872816766 05/12/22-11:46:01.257200 |
SID: | 2816766 |
Source Port: | 49770 |
Destination Port: | 1187 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 212.193.30.204192.168.2.61187497772841753 05/12/22-11:46:15.045473 |
SID: | 2841753 |
Source Port: | 1187 |
Destination Port: | 49777 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.6212.193.30.2044980611872816766 05/12/22-11:47:22.408127 |
SID: | 2816766 |
Source Port: | 49806 |
Destination Port: | 1187 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.6212.193.30.2044977511872816766 05/12/22-11:46:10.024463 |
SID: | 2816766 |
Source Port: | 49775 |
Destination Port: | 1187 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.6212.193.30.2044978011872816766 05/12/22-11:46:21.037112 |
SID: | 2816766 |
Source Port: | 49780 |
Destination Port: | 1187 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.6212.193.30.2044979611872816766 05/12/22-11:46:47.263188 |
SID: | 2816766 |
Source Port: | 49796 |
Destination Port: | 1187 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.6212.193.30.2044984911872816766 05/12/22-11:47:34.356352 |
SID: | 2816766 |
Source Port: | 49849 |
Destination Port: | 1187 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 212.193.30.204192.168.2.61187498612841753 05/12/22-11:47:44.554133 |
SID: | 2841753 |
Source Port: | 1187 |
Destination Port: | 49861 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.6212.193.30.2044982011872816766 05/12/22-11:47:28.336048 |
SID: | 2816766 |
Source Port: | 49820 |
Destination Port: | 1187 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Click to jump to signature section
AV Detection |
---|
Source: | Malware Configuration Extractor: |
Source: | ReversingLabs: |
Source: | Avira URL Cloud: |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | Joe Sandbox ML: |
Source: | Avira: | ||
Source: | Avira: | ||
Source: | Avira: | ||
Source: | Avira: | ||
Source: | Avira: | ||
Source: | Avira: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Binary string: |
Networking |
---|
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: |
Source: | URLs: | ||
Source: | URLs: |
Source: | DNS query: |
Source: | ASN Name: |
Source: | IP Address: |
Source: | TCP traffic: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | DNS traffic detected: |
E-Banking Fraud |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
System Summary |
---|
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Static PE information: |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Code function: | 0_2_0189E660 | |
Source: | Code function: | 0_2_0189C67C | |
Source: | Code function: | 0_2_0189E670 | |
Source: | Code function: | 0_2_00EB2208 | |
Source: | Code function: | 4_2_004D2208 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | ReversingLabs: |
Source: | File read: | Jump to behavior |
Source: | Static PE information: |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | Classification label: |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Mutant created: |
Source: | File opened: | Jump to behavior |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Binary string: |
Source: | Code function: | 0_2_00EB9E10 | |
Source: | Code function: | 4_2_004D9E10 |
Source: | Static PE information: |
Hooking and other Techniques for Hiding and Protection |
---|
Source: | File opened: | Jump to behavior |
Source: | Registry key monitored for changes: | Jump to behavior |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior |
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior |
Source: | Process information queried: | Jump to behavior |
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Process token adjusted: | Jump to behavior |
Source: | Memory allocated: | Jump to behavior |
HIPS / PFW / Operating System Protection Evasion |
---|
Source: | Memory written: | Jump to behavior |
Source: | Process created: | Jump to behavior |
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Remote Access Functionality |
---|
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | 1 Windows Management Instrumentation | Path Interception | 111 Process Injection | 1 Masquerading | OS Credential Dumping | 1 Query Registry | Remote Services | 1 Archive Collected Data | Exfiltration Over Other Network Medium | 1 Encrypted Channel | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Disable or Modify Tools | LSASS Memory | 111 Security Software Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | 1 Non-Standard Port | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | 21 Virtualization/Sandbox Evasion | Security Account Manager | 1 Process Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | 1 Remote Access Software | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | 111 Process Injection | NTDS | 21 Virtualization/Sandbox Evasion | Distributed Component Object Model | Input Capture | Scheduled Transfer | 1 Non-Application Layer Protocol | SIM Card Swap | Carrier Billing Fraud | |
Cloud Accounts | Cron | Network Logon Script | Network Logon Script | 1 Hidden Files and Directories | LSA Secrets | 1 Application Window Discovery | SSH | Keylogging | Data Transfer Size Limits | 21 Application Layer Protocol | Manipulate Device Communication | Manipulate App Store Rankings or Ratings | |
Replication Through Removable Media | Launchd | Rc.common | Rc.common | 2 Obfuscated Files or Information | Cached Domain Credentials | 12 System Information Discovery | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | Abuse Accessibility Features | |
External Remote Services | Scheduled Task | Startup Items | Startup Items | 3 Software Packing | DCSync | Network Sniffing | Windows Remote Management | Web Portal Capture | Exfiltration Over Alternative Protocol | Commonly Used Port | Rogue Wi-Fi Access Points | Data Encrypted for Impact |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
27% | ReversingLabs | ByteCode-MSIL.Backdoor.NanoBot | ||
100% | Joe Sandbox ML |
Source | Detection | Scanner | Label | Link | Download |
---|---|---|---|---|---|
100% | Avira | TR/Dropper.MSIL.Gen7 | Download File | ||
100% | Avira | TR/Dropper.MSIL.Gen7 | Download File | ||
100% | Avira | TR/Dropper.MSIL.Gen7 | Download File | ||
100% | Avira | TR/Dropper.MSIL.Gen7 | Download File | ||
100% | Avira | TR/Dropper.MSIL.Gen7 | Download File | ||
100% | Avira | TR/Dropper.MSIL.Gen7 | Download File |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
4% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
100% | Avira URL Cloud | malware | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
deranano2.ddns.net | 212.193.30.204 | true | true |
| unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| low | |
true |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| low | ||
false |
| low | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| low | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
212.193.30.204 | deranano2.ddns.net | Russian Federation | 57844 | SPD-NETTR | true |
Joe Sandbox Version: | 34.0.0 Boulder Opal |
Analysis ID: | 625073 |
Start date and time: 12/05/202211:44:20 | 2022-05-12 11:44:20 +02:00 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 10m 45s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Sample file name: | MARIAM HONAINE'S CV.exe |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
Number of analysed new started processes analysed: | 21 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal100.troj.evad.winEXE@3/5@16/1 |
EGA Information: |
|
HDC Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Behavior information exceeds normal sizes, reducing to normal. Report will have missing behavior information.
- Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, BackgroundTransferHost.exe, WMIADAP.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe, wuapihost.exe
- Excluded IPs from analysis (whitelisted): 23.211.6.115, 23.211.4.86
- Excluded domains from analysis (whitelisted): www.bing.com, client.wns.windows.com, fs.microsoft.com, store-images.s-microsoft.com-c.edgekey.net, e1723.g.akamaiedge.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, arc.msn.com, ris.api.iris.microsoft.com, e12564.dspb.akamaiedge.net, login.live.com, store-images.s-microsoft.com, sls.update.microsoft.com, displaycatalog.mp.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net
- Execution Graph export aborted for target MARIAM HONAINE'S CV.exe, PID 6348 because there are no executed function
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtAllocateVirtualMemory calls found.
- Report size getting too big, too many NtOpenKeyEx calls found.
Time | Type | Description |
---|---|---|
11:45:48 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
212.193.30.204 | Get hash | malicious | Browse | ||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
deranano2.ddns.net | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
SPD-NETTR | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MARIAM HONAINE'S CV.exe.log
Download File
Process: | C:\Users\user\Desktop\MARIAM HONAINE'S CV.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1308 |
Entropy (8bit): | 5.345811588615766 |
Encrypted: | false |
SSDEEP: | 24:MLUE4K5E4Ks2E1qE4x84qXKDE4KhK3VZ9pKhPKIE4oKFKHKoZAE4Kzr7FE4FsXE8:MIHK5HKXE1qHxviYHKhQnoPtHoxHhAHJ |
MD5: | EA78C102145ED608EF0E407B978AF339 |
SHA1: | 66C9179ED9675B9271A97AB1FC878077E09AB731 |
SHA-256: | 8BF01E0C445BD07C0B4EDC7199B7E17DAF1CA55CA52D4A6EAC4EF211C2B1A73E |
SHA-512: | 8C04139A1FC3C3BDACB680EC443615A43EB18E73B5A0CFCA644CB4A5E71746B275B3E238DD1A5A205405313E457BB75F9BBB93277C67AFA5D78DCFA30E5DA02B |
Malicious: | true |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Users\user\Desktop\MARIAM HONAINE'S CV.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 232 |
Entropy (8bit): | 7.024371743172393 |
Encrypted: | false |
SSDEEP: | 6:X4LDAnybgCFcpJSQwP4d7ZrqJgTFwoaw+9XU4:X4LEnybgCFCtvd7ZrCgpwoaw+Z9 |
MD5: | 32D0AAE13696FF7F8AF33B2D22451028 |
SHA1: | EF80C4E0DB2AE8EF288027C9D3518E6950B583A4 |
SHA-256: | 5347661365E7AD2C1ACC27AB0D150FFA097D9246BB3626FCA06989E976E8DD29 |
SHA-512: | 1D77FC13512C0DBC4EFD7A66ACB502481E4EFA0FB73D0C7D0942448A72B9B05BA1EA78DDF0BE966363C2E3122E0B631DB7630D044D08C1E1D32B9FB025C356A5 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Users\user\Desktop\MARIAM HONAINE'S CV.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8 |
Entropy (8bit): | 3.0 |
Encrypted: | false |
SSDEEP: | 3:t:t |
MD5: | 3E862D2A00D474869A25EF6DD9304AA4 |
SHA1: | 61EA60F35779039D0235025023E7D4B3B9BD13B3 |
SHA-256: | 6EABE5037060667B9AD712153E7B9D8DEF2F805986390C7C46DF2ACD6F7E9959 |
SHA-512: | BF3888E89AF9D7DFA9C22F93D8DCB993ED048422DE13EE5431B68B748840975C0365DC437BA0B6B41B2794E25A0ED05A9AA9161F65B5412F32F05C5A474E6D45 |
Malicious: | true |
Reputation: | low |
Preview: |
Process: | C:\Users\user\Desktop\MARIAM HONAINE'S CV.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 40 |
Entropy (8bit): | 5.153055907333276 |
Encrypted: | false |
SSDEEP: | 3:9bzY6oRDT6P2bfVn1:RzWDT621 |
MD5: | 4E5E92E2369688041CC82EF9650EDED2 |
SHA1: | 15E44F2F3194EE232B44E9684163B6F66472C862 |
SHA-256: | F8098A6290118F2944B9E7C842BD014377D45844379F863B00D54515A8A64B48 |
SHA-512: | 1B368018907A3BC30421FDA2C935B39DC9073B9B1248881E70AD48EDB6CAA256070C1A90B97B0F64BBE61E316DBB8D5B2EC8DBABCD0B0B2999AB50B933671ECB |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Users\user\Desktop\MARIAM HONAINE'S CV.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 327432 |
Entropy (8bit): | 7.99938831605763 |
Encrypted: | true |
SSDEEP: | 6144:oX44S90aTiB66x3Pl6nGV4bfD6wXPIZ9iBj0UeprGm2d7Tm:LkjYGsfGUc9iB4UeprKdnm |
MD5: | 7E8F4A764B981D5B82D1CC49D341E9C6 |
SHA1: | D9F0685A028FB219E1A6286AEFB7D6FCFC778B85 |
SHA-256: | 0BD3AAC12623520C4E2031C8B96B4A154702F36F97F643158E91E987D317B480 |
SHA-512: | 880E46504FCFB4B15B86B9D8087BA88E6C4950E433616EBB637799F42B081ABF6F07508943ECB1F786B2A89E751F5AE62D750BDCFFDDF535D600CF66EC44E926 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
File type: | |
Entropy (8bit): | 7.763627203007017 |
TrID: |
|
File name: | MARIAM HONAINE'S CV.exe |
File size: | 573440 |
MD5: | 06981ba465eb7eca5e8da7572511e3d1 |
SHA1: | 75e5740ef54f5c7b4df89589423ad3fea84dbac2 |
SHA256: | dd810d37c396be1e34d2fe8b76c5ff30c17b6bb64afcc1c682182fb6934a3f60 |
SHA512: | 78a0e8efd80677fb4d6626d2fb9f3f9ed93f7bb623c216f4f8ea597a87d09f6ff64893f8c902db2b85f90eec2347d5dfbe9cb128aec1610e563ff6e68c5fd2b6 |
SSDEEP: | 12288:EcRhTV0MEfIFgiLcyvXbfxg/P3reRgCkie:EcRliMeu3gyvLf233reR6i |
TLSH: | BCC4231811A8533BE4AE1BF9DDA281DD27B0EE366D40CB1F8CD175EA46B7B44885270F |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....X|b..............0..`...@.......`... ........@.. ... ....................... ........@................................ |
Icon Hash: | 00828e8e8686b000 |
Entrypoint: | 0x4860da |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | 32BIT_MACHINE, EXECUTABLE_IMAGE |
DLL Characteristics: | NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT |
Time Stamp: | 0x627C58F8 [Thu May 12 00:46:48 2022 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | v4.0.30319 |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | f34d5f2d4577ed6d9ceec516c1f5a744 |
Instruction |
---|
jmp dword ptr [00402000h] |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x86088 | 0x4f | .text |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x88000 | 0x604 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x8a000 | 0xc | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x85f50 | 0x1c | .text |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x2000 | 0x8 | .text |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x2008 | 0x48 | .text |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|
.text | 0x2000 | 0x840e0 | 0x86000 | False | 0.944028028801 | data | 7.91719358368 | IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ |
.rsrc | 0x88000 | 0x604 | 0x2000 | False | 0.0850830078125 | data | 1.10826852804 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0x8a000 | 0xc | 0x2000 | False | 0.0050048828125 | data | 0.00881485270734 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country |
---|---|---|---|---|---|
RT_VERSION | 0x88090 | 0x374 | data | ||
RT_MANIFEST | 0x88414 | 0x1ea | XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators |
DLL | Import |
---|---|
mscoree.dll | _CorExeMain |
Description | Data |
---|---|
Translation | 0x0000 0x04b0 |
LegalCopyright | Copyright 2013 |
Assembly Version | 0.0.1.0 |
InternalName | RemotingMethodCachedD.exe |
FileVersion | 0.0.1.0 |
CompanyName | |
LegalTrademarks | |
Comments | |
ProductName | PagedOptionsDialog |
ProductVersion | 0.0.1.0 |
FileDescription | PagedOptionsDialog |
OriginalFilename | RemotingMethodCachedD.exe |
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
212.193.30.204192.168.2.61187497802810290 05/12/22-11:46:21.496806 | TCP | 2810290 | ETPRO TROJAN NanoCore RAT Keepalive Response 1 | 1187 | 49780 | 212.193.30.204 | 192.168.2.6 |
192.168.2.6212.193.30.2044979611872816718 05/12/22-11:46:47.263188 | TCP | 2816718 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon | 49796 | 1187 | 192.168.2.6 | 212.193.30.204 |
192.168.2.6212.193.30.2044980011872816766 05/12/22-11:46:58.472336 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
192.168.2.6212.193.30.2044980311872816766 05/12/22-11:47:06.947797 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49803 | 1187 | 192.168.2.6 | 212.193.30.204 |
192.168.2.6212.193.30.2044978711872816766 05/12/22-11:46:33.942053 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49787 | 1187 | 192.168.2.6 | 212.193.30.204 |
192.168.2.6212.193.30.2044978511872816766 05/12/22-11:46:28.745560 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49785 | 1187 | 192.168.2.6 | 212.193.30.204 |
192.168.2.6212.193.30.2044979311872816766 05/12/22-11:46:41.057650 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49793 | 1187 | 192.168.2.6 | 212.193.30.204 |
192.168.2.6212.193.30.2044980411872816766 05/12/22-11:47:13.058709 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49804 | 1187 | 192.168.2.6 | 212.193.30.204 |
212.193.30.204192.168.2.61187497982841753 05/12/22-11:46:52.450159 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 1187 | 49798 | 212.193.30.204 | 192.168.2.6 |
192.168.2.6212.193.30.2044977011872816766 05/12/22-11:46:01.257200 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
212.193.30.204192.168.2.61187497772841753 05/12/22-11:46:15.045473 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 1187 | 49777 | 212.193.30.204 | 192.168.2.6 |
192.168.2.6212.193.30.2044980611872816766 05/12/22-11:47:22.408127 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49806 | 1187 | 192.168.2.6 | 212.193.30.204 |
192.168.2.6212.193.30.2044977511872816766 05/12/22-11:46:10.024463 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
192.168.2.6212.193.30.2044978011872816766 05/12/22-11:46:21.037112 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49780 | 1187 | 192.168.2.6 | 212.193.30.204 |
192.168.2.6212.193.30.2044979611872816766 05/12/22-11:46:47.263188 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49796 | 1187 | 192.168.2.6 | 212.193.30.204 |
192.168.2.6212.193.30.2044984911872816766 05/12/22-11:47:34.356352 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49849 | 1187 | 192.168.2.6 | 212.193.30.204 |
212.193.30.204192.168.2.61187498612841753 05/12/22-11:47:44.554133 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 1187 | 49861 | 212.193.30.204 | 192.168.2.6 |
192.168.2.6212.193.30.2044982011872816766 05/12/22-11:47:28.336048 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49820 | 1187 | 192.168.2.6 | 212.193.30.204 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
May 12, 2022 11:45:59.768074036 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:45:59.798646927 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:45:59.798880100 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:45:59.902026892 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:45:59.962167978 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.085453987 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.121727943 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.150132895 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.244966984 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.330940962 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.428030968 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.518336058 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.554204941 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.554248095 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.554275036 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.554300070 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.554425001 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.588407040 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.588443995 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.588468075 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.588520050 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.588542938 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.588563919 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.588573933 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.588587046 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.588608980 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.588609934 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.588614941 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.590961933 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.616678953 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.616727114 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.616754055 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.616781950 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.616811991 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.616811991 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.616839886 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.616851091 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.616871119 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.616902113 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.616928101 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.616940022 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.616956949 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.616960049 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.616985083 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.617003918 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.617013931 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.618964911 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.622205019 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.622251034 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.622344017 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.622381926 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.622409105 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.622450113 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.645078897 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645124912 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645157099 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645190001 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645225048 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645229101 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.645262957 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645287037 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.645299911 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645334005 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645366907 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645401955 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645406961 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.645436049 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645471096 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645478010 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.645505905 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645539045 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.645556927 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645601034 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645651102 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645679951 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.645695925 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645723104 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.645744085 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645792007 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645826101 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.645829916 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.645889997 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.653934002 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.653995037 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.654032946 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.654072046 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.654071093 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.654117107 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.654149055 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.654158115 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.654198885 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.654249907 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.654256105 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.654290915 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.654298067 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.654329062 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.654372931 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.654424906 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.654426098 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.654476881 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.675461054 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675498009 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675522089 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675545931 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675570965 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675594091 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675618887 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675642014 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675664902 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675689936 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675713062 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675735950 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675759077 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675782919 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675798893 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.675808907 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675832987 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675849915 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.675857067 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.675860882 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675863981 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.675869942 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.675874949 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.675879002 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.675885916 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675910950 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675935030 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675957918 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.675964117 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.675977945 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.675983906 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.676012039 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.676037073 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.676060915 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.676081896 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.676103115 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.676126003 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.676148891 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.676172972 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.676196098 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.676219940 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.676243067 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.676274061 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.676299095 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.676321030 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.676404953 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.676414967 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.676420927 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.676430941 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.676434994 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.676440001 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.676444054 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.676449060 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.683758020 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.683794975 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.683819056 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.683841944 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.683867931 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.683868885 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.683896065 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.683923006 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.683927059 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.683949947 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.683969975 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.683973074 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.683995962 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.684020996 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.684043884 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.684045076 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.684111118 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.712825060 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.712912083 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.712941885 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.712980032 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.712985039 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713015079 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713027000 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713042974 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713071108 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713099957 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713119984 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713125944 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713149071 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713155985 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713184118 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713211060 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713232994 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713241100 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713248968 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713268995 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713296890 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713326931 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713337898 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713363886 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713363886 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713408947 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713445902 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713478088 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713490963 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713505983 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713514090 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713532925 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713561058 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713587999 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713607073 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713614941 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713634014 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713641882 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713670015 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713697910 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713712931 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713725090 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713732958 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713752985 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713779926 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713808060 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713823080 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713833094 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713845968 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713864088 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713903904 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713934898 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713953972 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713963985 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.713969946 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.713990927 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.714019060 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.714049101 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.714051962 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.714076042 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.714101076 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.714103937 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.714132071 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.714152098 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.714159012 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.714190006 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.714215994 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.714242935 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.714245081 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.714251041 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.714282990 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.714498997 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.742202044 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742238045 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742261887 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742280960 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742304087 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742328882 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742345095 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.742353916 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742379904 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742404938 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742428064 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.742434025 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742459059 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742469072 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.742486000 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742501020 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.742515087 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742542028 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742553949 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.742577076 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742602110 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742624998 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742645025 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.742647886 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742667913 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742681026 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.742692947 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742697001 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.742717981 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742743015 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742743969 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.742768049 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742789984 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.742793083 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742819071 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742845058 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742845058 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.742873907 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742897987 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742918015 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.742923021 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742945910 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.742950916 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742979050 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.742994070 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.743005037 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743031025 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743057966 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743072033 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.743083000 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743109941 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743113995 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.743136883 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743165016 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743177891 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.743191957 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743210077 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.743218899 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743246078 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743271112 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743297100 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743303061 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.743323088 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743349075 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.743350029 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743362904 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.743377924 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743403912 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743429899 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.743432999 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.743482113 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.771584988 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.771640062 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.771681070 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.771719933 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.771730900 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.771759033 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.771765947 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.771801949 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.771841049 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.771888971 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.771892071 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.771936893 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.771945953 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.771980047 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772020102 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.772021055 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772059917 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772098064 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772138119 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772176027 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772214890 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772254944 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772293091 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772332907 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772368908 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772406101 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772437096 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.772444010 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772497892 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.772507906 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.772511959 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772514105 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.772520065 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.772551060 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772589922 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772628069 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772653103 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.772666931 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772667885 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.772707939 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772746086 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772784948 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772806883 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.772824049 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772826910 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.772861958 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772903919 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772913933 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.772945881 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.772994041 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773046970 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.773049116 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773087978 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773103952 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.773137093 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773196936 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773251057 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773267031 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.773292065 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773324966 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.773333073 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773375034 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773416996 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773430109 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.773457050 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773464918 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.773499012 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773539066 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773577929 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773606062 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.773617983 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773628950 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.773680925 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773703098 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773720026 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773745060 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.773745060 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773777008 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.773786068 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773825884 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773865938 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773878098 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.773925066 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.773926973 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.773968935 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.774008036 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.774045944 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.774079084 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.774086952 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.774101019 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.774128914 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.774166107 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.774197102 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:00.774205923 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:00.774249077 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:01.257200003 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:01.345732927 CEST | 1187 | 49770 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:02.341123104 CEST | 49770 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:07.867021084 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:07.894823074 CEST | 1187 | 49775 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:07.894923925 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:07.895597935 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:07.971409082 CEST | 1187 | 49775 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:07.976809978 CEST | 1187 | 49775 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:08.022856951 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:08.177949905 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:08.206099033 CEST | 1187 | 49775 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:08.319782019 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:08.502417088 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:08.556912899 CEST | 1187 | 49775 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:08.746344090 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:08.798440933 CEST | 1187 | 49775 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:08.844719887 CEST | 1187 | 49775 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:08.971318007 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:08.999320030 CEST | 1187 | 49775 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:09.175729990 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:09.206295013 CEST | 1187 | 49775 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:09.206403017 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:09.234622955 CEST | 1187 | 49775 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:09.319839001 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:09.437588930 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:09.508908033 CEST | 1187 | 49775 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:09.553752899 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:09.627630949 CEST | 1187 | 49775 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:10.024462938 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:10.095374107 CEST | 1187 | 49775 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:10.298875093 CEST | 1187 | 49775 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:10.523081064 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:10.894282103 CEST | 49775 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:14.965682030 CEST | 49777 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:14.993748903 CEST | 1187 | 49777 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:14.993904114 CEST | 49777 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:14.994551897 CEST | 49777 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:15.045473099 CEST | 1187 | 49777 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:15.085930109 CEST | 49777 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:15.113941908 CEST | 1187 | 49777 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:15.114274025 CEST | 49777 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:15.144560099 CEST | 1187 | 49777 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:15.195287943 CEST | 49777 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:15.356573105 CEST | 49777 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:15.491264105 CEST | 1187 | 49777 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:15.915149927 CEST | 49777 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:20.035981894 CEST | 49780 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:20.067976952 CEST | 1187 | 49780 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:20.068211079 CEST | 49780 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:20.084749937 CEST | 49780 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:20.166256905 CEST | 1187 | 49780 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:20.187918901 CEST | 49780 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:20.221307039 CEST | 1187 | 49780 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:20.273852110 CEST | 49780 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:20.865891933 CEST | 49780 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:21.036978006 CEST | 1187 | 49780 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:21.037111998 CEST | 49780 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:21.151973009 CEST | 1187 | 49780 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:21.432070017 CEST | 1187 | 49780 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:21.433653116 CEST | 49780 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:21.496805906 CEST | 1187 | 49780 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:21.539603949 CEST | 49780 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:21.567612886 CEST | 1187 | 49780 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:21.573749065 CEST | 49780 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:21.602242947 CEST | 1187 | 49780 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:21.602349997 CEST | 49780 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:21.736814976 CEST | 1187 | 49780 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:21.808237076 CEST | 1187 | 49780 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:21.834114075 CEST | 49780 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:21.905291080 CEST | 49780 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:21.931885958 CEST | 1187 | 49780 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:21.932004929 CEST | 49780 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:27.290303946 CEST | 49785 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:27.318289995 CEST | 1187 | 49785 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:27.318450928 CEST | 49785 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:27.319035053 CEST | 49785 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:27.485913038 CEST | 1187 | 49785 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:27.528341055 CEST | 1187 | 49785 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:27.529304028 CEST | 49785 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:27.561399937 CEST | 1187 | 49785 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:27.633868933 CEST | 49785 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:27.744501114 CEST | 49785 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:27.879760981 CEST | 1187 | 49785 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:27.879867077 CEST | 49785 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:27.996149063 CEST | 1187 | 49785 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:28.211174965 CEST | 1187 | 49785 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:28.218539000 CEST | 49785 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:28.246999025 CEST | 1187 | 49785 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:28.260416031 CEST | 49785 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:28.352545023 CEST | 1187 | 49785 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:28.352734089 CEST | 49785 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:28.401932955 CEST | 1187 | 49785 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:28.524812937 CEST | 49785 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:28.593601942 CEST | 49785 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:28.673466921 CEST | 1187 | 49785 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:28.745559931 CEST | 49785 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:28.986284971 CEST | 1187 | 49785 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:29.752311945 CEST | 49785 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:33.820872068 CEST | 49787 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:33.852252007 CEST | 1187 | 49787 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:33.852384090 CEST | 49787 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:33.852953911 CEST | 49787 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:33.941852093 CEST | 1187 | 49787 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:33.942053080 CEST | 49787 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:33.973814964 CEST | 1187 | 49787 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:33.974186897 CEST | 49787 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:34.005451918 CEST | 1187 | 49787 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:34.056381941 CEST | 49787 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:34.301974058 CEST | 49787 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:34.532824039 CEST | 1187 | 49787 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:34.609417915 CEST | 1187 | 49787 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:34.656435966 CEST | 49787 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:34.684695959 CEST | 1187 | 49787 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:34.759531975 CEST | 49787 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:34.783505917 CEST | 49787 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:34.791982889 CEST | 1187 | 49787 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:34.939193964 CEST | 1187 | 49787 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:34.939518929 CEST | 49787 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:34.972559929 CEST | 1187 | 49787 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:35.011384010 CEST | 49787 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:35.039524078 CEST | 1187 | 49787 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:35.261909008 CEST | 49787 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:35.475333929 CEST | 1187 | 49787 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:35.666356087 CEST | 49787 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:36.085747957 CEST | 49787 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:40.141922951 CEST | 49793 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:40.170483112 CEST | 1187 | 49793 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:40.170794964 CEST | 49793 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:40.171308994 CEST | 49793 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:40.439228058 CEST | 1187 | 49793 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:40.542104959 CEST | 1187 | 49793 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:40.542469978 CEST | 49793 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:40.642525911 CEST | 1187 | 49793 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:40.663285971 CEST | 1187 | 49793 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:40.713118076 CEST | 49793 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:41.057650089 CEST | 49793 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:41.142258883 CEST | 1187 | 49793 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:41.812802076 CEST | 49793 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:41.938970089 CEST | 1187 | 49793 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:42.087050915 CEST | 49793 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:46.348225117 CEST | 49796 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:46.377532005 CEST | 1187 | 49796 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:46.377712011 CEST | 49796 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:46.378315926 CEST | 49796 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:46.456180096 CEST | 1187 | 49796 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:46.456490040 CEST | 49796 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:46.485940933 CEST | 1187 | 49796 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:46.588676929 CEST | 49796 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:46.894017935 CEST | 49796 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:46.986819029 CEST | 1187 | 49796 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:47.263187885 CEST | 49796 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:47.290983915 CEST | 1187 | 49796 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:47.358980894 CEST | 1187 | 49796 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:47.363104105 CEST | 49796 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:47.404398918 CEST | 1187 | 49796 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:47.593451023 CEST | 49796 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:47.621350050 CEST | 1187 | 49796 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:47.628742933 CEST | 49796 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:47.659750938 CEST | 1187 | 49796 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:47.661161900 CEST | 49796 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:47.689557076 CEST | 1187 | 49796 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:47.736707926 CEST | 49796 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:47.879904032 CEST | 1187 | 49796 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:48.281213045 CEST | 49796 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:52.375113010 CEST | 49798 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:52.403395891 CEST | 1187 | 49798 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:52.403614044 CEST | 49798 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:52.404194117 CEST | 49798 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:52.450159073 CEST | 1187 | 49798 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:52.495421886 CEST | 49798 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:52.527761936 CEST | 1187 | 49798 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:52.528129101 CEST | 49798 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:52.556826115 CEST | 1187 | 49798 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:52.683034897 CEST | 49798 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:52.755275011 CEST | 49798 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:52.940428972 CEST | 1187 | 49798 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:53.173058987 CEST | 1187 | 49798 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:53.179303885 CEST | 49798 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:53.207170010 CEST | 1187 | 49798 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:53.285435915 CEST | 49798 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:53.324419975 CEST | 49798 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:53.328171015 CEST | 1187 | 49798 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:53.328282118 CEST | 49798 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:57.596251011 CEST | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:57.624094963 CEST | 1187 | 49800 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:57.624233961 CEST | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:57.624896049 CEST | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:57.708782911 CEST | 1187 | 49800 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:57.728780985 CEST | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:57.758311987 CEST | 1187 | 49800 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:57.902086020 CEST | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:58.067248106 CEST | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:58.174597979 CEST | 1187 | 49800 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:58.472336054 CEST | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:58.676309109 CEST | 1187 | 49800 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:58.729969025 CEST | 1187 | 49800 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:58.758708954 CEST | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:58.790997982 CEST | 1187 | 49800 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:58.902208090 CEST | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:59.137906075 CEST | 1187 | 49800 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:59.201214075 CEST | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:59.307020903 CEST | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:59.413713932 CEST | 1187 | 49800 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:59.419375896 CEST | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:59.468759060 CEST | 1187 | 49800 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:59.468988895 CEST | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:46:59.497517109 CEST | 1187 | 49800 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:46:59.602122068 CEST | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:00.807101965 CEST | 1187 | 49800 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:00.898425102 CEST | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:00.940886021 CEST | 49800 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:05.239866972 CEST | 49803 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:05.270555019 CEST | 1187 | 49803 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:05.270720959 CEST | 49803 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:05.271327972 CEST | 49803 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:05.596774101 CEST | 49803 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:05.624591112 CEST | 1187 | 49803 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:05.783411026 CEST | 1187 | 49803 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:05.783862114 CEST | 49803 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:05.815932989 CEST | 1187 | 49803 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:05.897815943 CEST | 49803 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:05.936322927 CEST | 49803 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:06.174154043 CEST | 1187 | 49803 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:06.947797060 CEST | 49803 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:07.079751968 CEST | 1187 | 49803 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:07.174426079 CEST | 49803 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:07.285330057 CEST | 1187 | 49803 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:07.588686943 CEST | 1187 | 49803 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:07.637645006 CEST | 49803 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:07.786091089 CEST | 1187 | 49803 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:07.874365091 CEST | 1187 | 49803 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:07.944873095 CEST | 49803 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:12.018228054 CEST | 49804 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:12.045878887 CEST | 1187 | 49804 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:12.045979023 CEST | 49804 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:12.046572924 CEST | 49804 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:12.135848045 CEST | 1187 | 49804 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:12.170747042 CEST | 49804 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:12.200071096 CEST | 1187 | 49804 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:12.288054943 CEST | 49804 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:12.556235075 CEST | 49804 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:12.674606085 CEST | 1187 | 49804 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:13.058708906 CEST | 49804 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:13.176949978 CEST | 1187 | 49804 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:13.444511890 CEST | 1187 | 49804 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:13.572577953 CEST | 49804 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:13.675555944 CEST | 1187 | 49804 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:13.726368904 CEST | 1187 | 49804 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:13.788064957 CEST | 49804 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:13.820890903 CEST | 1187 | 49804 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:13.836899996 CEST | 49804 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:13.896765947 CEST | 1187 | 49804 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:13.896920919 CEST | 49804 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:13.927423000 CEST | 1187 | 49804 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:14.100584984 CEST | 49804 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:14.162257910 CEST | 49804 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:20.517108917 CEST | 49806 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:20.545142889 CEST | 1187 | 49806 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:20.545587063 CEST | 49806 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:20.546036959 CEST | 49806 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:20.607573032 CEST | 1187 | 49806 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:20.607924938 CEST | 49806 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:20.648286104 CEST | 1187 | 49806 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:20.694927931 CEST | 49806 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:20.855422974 CEST | 49806 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:20.940540075 CEST | 1187 | 49806 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:20.940746069 CEST | 49806 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:21.153371096 CEST | 1187 | 49806 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:21.412739992 CEST | 1187 | 49806 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:21.491796017 CEST | 49806 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:21.520121098 CEST | 1187 | 49806 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:21.529082060 CEST | 49806 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:21.642277002 CEST | 1187 | 49806 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:21.642427921 CEST | 49806 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:21.673711061 CEST | 1187 | 49806 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:21.788784981 CEST | 49806 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:21.830266953 CEST | 1187 | 49806 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:21.991889954 CEST | 49806 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:22.408127069 CEST | 49806 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:22.533185959 CEST | 1187 | 49806 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:22.769854069 CEST | 49806 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:22.951941967 CEST | 1187 | 49806 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:23.258409977 CEST | 49806 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:27.333435059 CEST | 49820 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:27.361965895 CEST | 1187 | 49820 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:27.362287045 CEST | 49820 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:27.364562035 CEST | 49820 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:27.413276911 CEST | 1187 | 49820 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:27.413845062 CEST | 49820 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:27.444709063 CEST | 1187 | 49820 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:27.602137089 CEST | 49820 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:27.649451017 CEST | 49820 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:27.736037016 CEST | 1187 | 49820 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:28.069785118 CEST | 1187 | 49820 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:28.136739016 CEST | 49820 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:28.166110039 CEST | 1187 | 49820 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:28.167311907 CEST | 49820 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:28.196839094 CEST | 1187 | 49820 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:28.197976112 CEST | 49820 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:28.244522095 CEST | 1187 | 49820 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:28.244729996 CEST | 49820 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:28.335901976 CEST | 1187 | 49820 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:28.336047888 CEST | 49820 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:28.439045906 CEST | 1187 | 49820 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:29.308918953 CEST | 49820 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:33.541991949 CEST | 49849 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:33.570228100 CEST | 1187 | 49849 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:33.570362091 CEST | 49849 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:33.573019981 CEST | 49849 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:33.645802975 CEST | 1187 | 49849 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:33.657717943 CEST | 1187 | 49849 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:33.658169985 CEST | 49849 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:33.692363024 CEST | 1187 | 49849 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:33.742902994 CEST | 49849 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:34.356352091 CEST | 49849 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:34.439205885 CEST | 1187 | 49849 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:34.443192005 CEST | 49849 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:34.535021067 CEST | 1187 | 49849 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:34.886504889 CEST | 1187 | 49849 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:34.887804985 CEST | 49849 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:34.919009924 CEST | 1187 | 49849 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:34.961730957 CEST | 49849 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:34.974453926 CEST | 49849 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:35.002753019 CEST | 1187 | 49849 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:35.003135920 CEST | 49849 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:35.031367064 CEST | 1187 | 49849 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:35.031461000 CEST | 49849 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:35.136266947 CEST | 1187 | 49849 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:35.364876032 CEST | 49849 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:39.486753941 CEST | 49861 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:39.514676094 CEST | 1187 | 49861 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:39.514847994 CEST | 49861 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:39.516369104 CEST | 49861 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:39.643739939 CEST | 1187 | 49861 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:39.798290968 CEST | 1187 | 49861 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:39.798588037 CEST | 49861 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:39.830028057 CEST | 1187 | 49861 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:39.884000063 CEST | 49861 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:40.109956026 CEST | 49861 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:40.236191034 CEST | 1187 | 49861 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:41.333630085 CEST | 1187 | 49861 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:41.335055113 CEST | 49861 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:41.364427090 CEST | 1187 | 49861 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:41.415426970 CEST | 49861 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:41.444631100 CEST | 1187 | 49861 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:41.444926023 CEST | 49861 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:41.473400116 CEST | 1187 | 49861 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:41.474405050 CEST | 49861 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:41.502873898 CEST | 1187 | 49861 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:41.556135893 CEST | 49861 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:42.438690901 CEST | 1187 | 49861 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:42.493601084 CEST | 49861 | 1187 | 192.168.2.6 | 212.193.30.204 |
May 12, 2022 11:47:44.554132938 CEST | 1187 | 49861 | 212.193.30.204 | 192.168.2.6 |
May 12, 2022 11:47:44.603215933 CEST | 49861 | 1187 | 192.168.2.6 | 212.193.30.204 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
May 12, 2022 11:45:59.719104052 CEST | 60350 | 53 | 192.168.2.6 | 8.8.8.8 |
May 12, 2022 11:45:59.738647938 CEST | 53 | 60350 | 8.8.8.8 | 192.168.2.6 |
May 12, 2022 11:46:07.848177910 CEST | 50958 | 53 | 192.168.2.6 | 8.8.8.8 |
May 12, 2022 11:46:07.865642071 CEST | 53 | 50958 | 8.8.8.8 | 192.168.2.6 |
May 12, 2022 11:46:14.942732096 CEST | 61607 | 53 | 192.168.2.6 | 8.8.8.8 |
May 12, 2022 11:46:14.964139938 CEST | 53 | 61607 | 8.8.8.8 | 192.168.2.6 |
May 12, 2022 11:46:20.013334990 CEST | 50029 | 53 | 192.168.2.6 | 8.8.8.8 |
May 12, 2022 11:46:20.034503937 CEST | 53 | 50029 | 8.8.8.8 | 192.168.2.6 |
May 12, 2022 11:46:27.248006105 CEST | 57037 | 53 | 192.168.2.6 | 8.8.8.8 |
May 12, 2022 11:46:27.276652098 CEST | 53 | 57037 | 8.8.8.8 | 192.168.2.6 |
May 12, 2022 11:46:33.789479971 CEST | 54529 | 53 | 192.168.2.6 | 8.8.8.8 |
May 12, 2022 11:46:33.809222937 CEST | 53 | 54529 | 8.8.8.8 | 192.168.2.6 |
May 12, 2022 11:46:40.117198944 CEST | 54015 | 53 | 192.168.2.6 | 8.8.8.8 |
May 12, 2022 11:46:40.138298988 CEST | 53 | 54015 | 8.8.8.8 | 192.168.2.6 |
May 12, 2022 11:46:46.328948975 CEST | 52698 | 53 | 192.168.2.6 | 8.8.8.8 |
May 12, 2022 11:46:46.346694946 CEST | 53 | 52698 | 8.8.8.8 | 192.168.2.6 |
May 12, 2022 11:46:52.333759069 CEST | 53829 | 53 | 192.168.2.6 | 8.8.8.8 |
May 12, 2022 11:46:52.353224993 CEST | 53 | 53829 | 8.8.8.8 | 192.168.2.6 |
May 12, 2022 11:46:57.576210976 CEST | 58689 | 53 | 192.168.2.6 | 8.8.8.8 |
May 12, 2022 11:46:57.595288992 CEST | 53 | 58689 | 8.8.8.8 | 192.168.2.6 |
May 12, 2022 11:47:05.205492020 CEST | 49520 | 53 | 192.168.2.6 | 8.8.8.8 |
May 12, 2022 11:47:05.226891041 CEST | 53 | 49520 | 8.8.8.8 | 192.168.2.6 |
May 12, 2022 11:47:11.999896049 CEST | 65526 | 53 | 192.168.2.6 | 8.8.8.8 |
May 12, 2022 11:47:12.017131090 CEST | 53 | 65526 | 8.8.8.8 | 192.168.2.6 |
May 12, 2022 11:47:20.426290035 CEST | 52965 | 53 | 192.168.2.6 | 8.8.8.8 |
May 12, 2022 11:47:20.446069956 CEST | 53 | 52965 | 8.8.8.8 | 192.168.2.6 |
May 12, 2022 11:47:27.310189009 CEST | 60238 | 53 | 192.168.2.6 | 8.8.8.8 |
May 12, 2022 11:47:27.331798077 CEST | 53 | 60238 | 8.8.8.8 | 192.168.2.6 |
May 12, 2022 11:47:33.475518942 CEST | 59028 | 53 | 192.168.2.6 | 8.8.8.8 |
May 12, 2022 11:47:33.494777918 CEST | 53 | 59028 | 8.8.8.8 | 192.168.2.6 |
May 12, 2022 11:47:39.463468075 CEST | 57178 | 53 | 192.168.2.6 | 8.8.8.8 |
May 12, 2022 11:47:39.482785940 CEST | 53 | 57178 | 8.8.8.8 | 192.168.2.6 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
May 12, 2022 11:45:59.719104052 CEST | 192.168.2.6 | 8.8.8.8 | 0xb72 | Standard query (0) | A (IP address) | IN (0x0001) | |
May 12, 2022 11:46:07.848177910 CEST | 192.168.2.6 | 8.8.8.8 | 0x8438 | Standard query (0) | A (IP address) | IN (0x0001) | |
May 12, 2022 11:46:14.942732096 CEST | 192.168.2.6 | 8.8.8.8 | 0x20ea | Standard query (0) | A (IP address) | IN (0x0001) | |
May 12, 2022 11:46:20.013334990 CEST | 192.168.2.6 | 8.8.8.8 | 0x127e | Standard query (0) | A (IP address) | IN (0x0001) | |
May 12, 2022 11:46:27.248006105 CEST | 192.168.2.6 | 8.8.8.8 | 0x2df3 | Standard query (0) | A (IP address) | IN (0x0001) | |
May 12, 2022 11:46:33.789479971 CEST | 192.168.2.6 | 8.8.8.8 | 0xe7d2 | Standard query (0) | A (IP address) | IN (0x0001) | |
May 12, 2022 11:46:40.117198944 CEST | 192.168.2.6 | 8.8.8.8 | 0x6489 | Standard query (0) | A (IP address) | IN (0x0001) | |
May 12, 2022 11:46:46.328948975 CEST | 192.168.2.6 | 8.8.8.8 | 0x7d06 | Standard query (0) | A (IP address) | IN (0x0001) | |
May 12, 2022 11:46:52.333759069 CEST | 192.168.2.6 | 8.8.8.8 | 0x8b08 | Standard query (0) | A (IP address) | IN (0x0001) | |
May 12, 2022 11:46:57.576210976 CEST | 192.168.2.6 | 8.8.8.8 | 0x49b1 | Standard query (0) | A (IP address) | IN (0x0001) | |
May 12, 2022 11:47:05.205492020 CEST | 192.168.2.6 | 8.8.8.8 | 0x939a | Standard query (0) | A (IP address) | IN (0x0001) | |
May 12, 2022 11:47:11.999896049 CEST | 192.168.2.6 | 8.8.8.8 | 0x1316 | Standard query (0) | A (IP address) | IN (0x0001) | |
May 12, 2022 11:47:20.426290035 CEST | 192.168.2.6 | 8.8.8.8 | 0xb5e1 | Standard query (0) | A (IP address) | IN (0x0001) | |
May 12, 2022 11:47:27.310189009 CEST | 192.168.2.6 | 8.8.8.8 | 0x36f7 | Standard query (0) | A (IP address) | IN (0x0001) | |
May 12, 2022 11:47:33.475518942 CEST | 192.168.2.6 | 8.8.8.8 | 0x5d04 | Standard query (0) | A (IP address) | IN (0x0001) | |
May 12, 2022 11:47:39.463468075 CEST | 192.168.2.6 | 8.8.8.8 | 0xaf92 | Standard query (0) | A (IP address) | IN (0x0001) |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
May 12, 2022 11:45:59.738647938 CEST | 8.8.8.8 | 192.168.2.6 | 0xb72 | No error (0) | 212.193.30.204 | A (IP address) | IN (0x0001) | ||
May 12, 2022 11:46:07.865642071 CEST | 8.8.8.8 | 192.168.2.6 | 0x8438 | No error (0) | 212.193.30.204 | A (IP address) | IN (0x0001) | ||
May 12, 2022 11:46:14.964139938 CEST | 8.8.8.8 | 192.168.2.6 | 0x20ea | No error (0) | 212.193.30.204 | A (IP address) | IN (0x0001) | ||
May 12, 2022 11:46:20.034503937 CEST | 8.8.8.8 | 192.168.2.6 | 0x127e | No error (0) | 212.193.30.204 | A (IP address) | IN (0x0001) | ||
May 12, 2022 11:46:27.276652098 CEST | 8.8.8.8 | 192.168.2.6 | 0x2df3 | No error (0) | 212.193.30.204 | A (IP address) | IN (0x0001) | ||
May 12, 2022 11:46:33.809222937 CEST | 8.8.8.8 | 192.168.2.6 | 0xe7d2 | No error (0) | 212.193.30.204 | A (IP address) | IN (0x0001) | ||
May 12, 2022 11:46:40.138298988 CEST | 8.8.8.8 | 192.168.2.6 | 0x6489 | No error (0) | 212.193.30.204 | A (IP address) | IN (0x0001) | ||
May 12, 2022 11:46:46.346694946 CEST | 8.8.8.8 | 192.168.2.6 | 0x7d06 | No error (0) | 212.193.30.204 | A (IP address) | IN (0x0001) | ||
May 12, 2022 11:46:52.353224993 CEST | 8.8.8.8 | 192.168.2.6 | 0x8b08 | No error (0) | 212.193.30.204 | A (IP address) | IN (0x0001) | ||
May 12, 2022 11:46:57.595288992 CEST | 8.8.8.8 | 192.168.2.6 | 0x49b1 | No error (0) | 212.193.30.204 | A (IP address) | IN (0x0001) | ||
May 12, 2022 11:47:05.226891041 CEST | 8.8.8.8 | 192.168.2.6 | 0x939a | No error (0) | 212.193.30.204 | A (IP address) | IN (0x0001) | ||
May 12, 2022 11:47:12.017131090 CEST | 8.8.8.8 | 192.168.2.6 | 0x1316 | No error (0) | 212.193.30.204 | A (IP address) | IN (0x0001) | ||
May 12, 2022 11:47:20.446069956 CEST | 8.8.8.8 | 192.168.2.6 | 0xb5e1 | No error (0) | 212.193.30.204 | A (IP address) | IN (0x0001) | ||
May 12, 2022 11:47:27.331798077 CEST | 8.8.8.8 | 192.168.2.6 | 0x36f7 | No error (0) | 212.193.30.204 | A (IP address) | IN (0x0001) | ||
May 12, 2022 11:47:33.494777918 CEST | 8.8.8.8 | 192.168.2.6 | 0x5d04 | No error (0) | 212.193.30.204 | A (IP address) | IN (0x0001) | ||
May 12, 2022 11:47:39.482785940 CEST | 8.8.8.8 | 192.168.2.6 | 0xaf92 | No error (0) | 212.193.30.204 | A (IP address) | IN (0x0001) |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
Target ID: | 0 |
Start time: | 11:45:35 |
Start date: | 12/05/2022 |
Path: | C:\Users\user\Desktop\MARIAM HONAINE'S CV.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0xeb0000 |
File size: | 573440 bytes |
MD5 hash: | 06981BA465EB7ECA5E8DA7572511E3D1 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | .Net C# or VB.NET |
Yara matches: |
|
Reputation: | low |
Target ID: | 4 |
Start time: | 11:45:51 |
Start date: | 12/05/2022 |
Path: | C:\Users\user\Desktop\MARIAM HONAINE'S CV.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x4d0000 |
File size: | 573440 bytes |
MD5 hash: | 06981BA465EB7ECA5E8DA7572511E3D1 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | .Net C# or VB.NET |
Yara matches: |
|
Reputation: | low |
Execution Graph
Execution Coverage: | 11.9% |
Dynamic/Decrypted Code Coverage: | 100% |
Signature Coverage: | 0% |
Total number of Nodes: | 81 |
Total number of Limit Nodes: | 3 |
Graph
Function 01899890 Relevance: 1.7, APIs: 1, Instructions: 194COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 01893F88 Relevance: 1.6, APIs: 1, Instructions: 96COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0189B924 Relevance: 1.6, APIs: 1, Instructions: 65COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 01899270 Relevance: 1.6, APIs: 1, Instructions: 62libraryCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 01899288 Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 01899A70 Relevance: 1.5, APIs: 1, Instructions: 47COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0162D4C4 Relevance: .1, Instructions: 75COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0162D3D8 Relevance: .1, Instructions: 75COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0163D1D4 Relevance: .1, Instructions: 72COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0163D01C Relevance: .1, Instructions: 72COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0162D4BF Relevance: .1, Instructions: 56COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0162D3D3 Relevance: .1, Instructions: 56COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0163D017 Relevance: .1, Instructions: 53COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0163D1CF Relevance: .1, Instructions: 53COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0162D745 Relevance: .0, Instructions: 45COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0162D744 Relevance: .0, Instructions: 36COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0189E670 Relevance: .3, Instructions: 315COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0189C67C Relevance: .3, Instructions: 265COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0189E660 Relevance: .2, Instructions: 224COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |