Edit tour
Linux
Analysis Report
LxfGfOr9r6
Overview
General Information
Sample Name: | LxfGfOr9r6 |
Analysis ID: | 679618 |
MD5: | a6a6579914345f3a3f6aa3663ee67e11 |
SHA1: | 9b7656bb68fc7b06169e59644b3fb90d80a641f9 |
SHA256: | 8f0bc7d0a706edd460cde7cdb729814412e45b9e1c9344fba7e7eca9f1bce528 |
Tags: | 32elfmiraimotorola |
Infos: |
Detection
Mirai
Score: | 64 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Yara detected Mirai
Multi AV Scanner detection for submitted file
Sample has stripped symbol table
Uses the "uname" system call to query kernel version information (possible evasion)
Enumerates processes within the "proc" file system
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)
Detected TCP or UDP traffic on non-standard ports
Sample listens on a socket
Sample tries to kill a process (SIGKILL)
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable
Classification
Analysis Advice
Static ELF header machine description suggests that the sample might not execute correctly on this machine. |
All HTTP servers contacted by the sample do not answer. The sample is likely an old dropper which does no longer work. |
Joe Sandbox Version: | 35.0.0 Citrine |
Analysis ID: | 679618 |
Start date and time: 06/08/202206:38:12 | 2022-08-06 06:38:12 +02:00 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 5m 39s |
Hypervisor based Inspection enabled: | false |
Report type: | light |
Sample file name: | LxfGfOr9r6 |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Detection: | MAL |
Classification: | mal64.troj.lin@0/0@48/0 |
- Report size exceeded maximum capacity and may have missing network information.
- TCP Packets have been reduced to 100
Command: | /tmp/LxfGfOr9r6 |
PID: | 6228 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | Connected To CNC |
Standard Error: |
- system is lnxubuntu20
- LxfGfOr9r6 New Fork (PID: 6230, Parent: 6228)
- LxfGfOr9r6 New Fork (PID: 6231, Parent: 6228)
- LxfGfOr9r6 New Fork (PID: 6232, Parent: 6228)
- LxfGfOr9r6 New Fork (PID: 6234, Parent: 6228)
- LxfGfOr9r6 New Fork (PID: 6239, Parent: 6234)
- LxfGfOr9r6 New Fork (PID: 6328, Parent: 6239)
- LxfGfOr9r6 New Fork (PID: 6240, Parent: 6234)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Mirai_8 | Yara detected Mirai | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Mirai_12 | Yara detected Mirai | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Mirai_8 | Yara detected Mirai | Joe Security | ||
JoeSecurity_Mirai_8 | Yara detected Mirai | Joe Security | ||
JoeSecurity_Mirai_8 | Yara detected Mirai | Joe Security |
⊘No Snort rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Virustotal: | Perma Link |
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | TCP traffic: |
Source: | Socket: | ||
Source: | Socket: |
Source: | DNS traffic detected: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | .symtab present: |
Source: | SIGKILL sent: |
Source: | String containing 'busybox' found: | ||
Source: | String containing 'busybox' found: | ||
Source: | String containing 'busybox' found: | ||
Source: | String containing 'busybox' found: | ||
Source: | String containing 'busybox' found: |
Source: | Classification label: |
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: | ||
Source: | File opened: |
Source: | Queries kernel information via 'uname': |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Remote Access Functionality |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | Direct Volume Access | 1 OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | 1 Encrypted Channel | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | 1 Non-Standard Port | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | 1 Non-Application Layer Protocol | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | 2 Application Layer Protocol | SIM Card Swap | Carrier Billing Fraud |
⊘No configs have been found
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
51% | Virustotal | Browse |
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
12% | Virustotal | Browse |
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
arcticboatz.cz | 46.23.109.40 | true | true |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
24.248.177.23 | unknown | United States | 22773 | ASN-CXA-ALL-CCI-22773-RDCUS | false | |
59.1.141.13 | unknown | Korea Republic of | 4766 | KIXS-AS-KRKoreaTelecomKR | false | |
46.34.150.41 | unknown | Russian Federation | 8492 | OBIT-ASOBITLtdRU | false | |
76.227.143.237 | unknown | United States | 7018 | ATT-INTERNET4US | false | |
38.217.51.210 | unknown | United States | 174 | COGENT-174US | false | |
152.71.209.240 | unknown | United Kingdom | 786 | JANETJiscServicesLimitedGB | false | |
244.75.164.126 | unknown | Reserved | unknown | unknown | false | |
98.10.210.66 | unknown | United States | 11351 | TWC-11351-NORTHEASTUS | false | |
77.11.97.25 | unknown | Germany | 6805 | TDDE-ASN1DE | false | |
141.126.207.100 | unknown | United States | 20115 | CHARTER-20115US | false | |
154.165.199.187 | unknown | Ghana | 30986 | SCANCOMGH | false | |
157.91.221.217 | unknown | United States | 1767 | ILIGHT-NETUS | false | |
177.110.235.117 | unknown | Brazil | 26615 | TIMSABR | false | |
69.131.200.183 | unknown | United States | 4181 | TDS-ASUS | false | |
125.184.32.102 | unknown | Korea Republic of | 17858 | POWERVIS-AS-KRLGPOWERCOMMKR | false | |
83.109.79.253 | unknown | Norway | 2119 | TELENOR-NEXTELTelenorNorgeASNO | false | |
182.67.111.205 | unknown | India | 45609 | BHARTI-MOBILITY-AS-APBhartiAirtelLtdASforGPRSService | false | |
191.160.203.230 | unknown | Brazil | 26615 | TIMSABR | false | |
156.97.115.154 | unknown | Chile | 16629 | CTCCORPSATELEFONICAEMPRESASCL | false | |
209.216.88.25 | unknown | United States | 22549 | TBDSL-01US | false | |
75.84.125.27 | unknown | United States | 20001 | TWC-20001-PACWESTUS | false | |
201.239.99.189 | unknown | Chile | 22047 | VTRBANDAANCHASACL | false | |
147.189.118.50 | unknown | United Kingdom | 786 | JANETJiscServicesLimitedGB | false | |
109.84.171.197 | unknown | Germany | 3209 | VODANETInternationalIP-BackboneofVodafoneDE | false | |
149.210.216.115 | unknown | Netherlands | 20857 | TRANSIP-ASAmsterdamtheNetherlandsNL | false | |
209.195.34.30 | unknown | United States | 6597 | CBDC-6597US | false | |
53.47.79.45 | unknown | Germany | 31399 | DAIMLER-ASITIGNGlobalNetworkDE | false | |
61.106.75.80 | unknown | Korea Republic of | 9943 | KNCTV-ASKangNamCableTVKR | false | |
136.96.77.194 | unknown | United States | 60311 | ONEFMCH | false | |
152.31.80.223 | unknown | United States | 6559 | NCIHUS | false | |
143.2.114.89 | unknown | United States | 11003 | PANDGUS | false | |
141.47.146.196 | unknown | Germany | 553 | BELWUEBelWue-KoordinationEU | false | |
207.1.98.117 | unknown | United States | 3561 | CENTURYLINK-LEGACY-SAVVISUS | false | |
207.114.244.71 | unknown | United States | 15292 | LIFESIZEUS | false | |
19.130.7.95 | unknown | United States | 3 | MIT-GATEWAYSUS | false | |
82.186.137.172 | unknown | Italy | 3269 | ASN-IBSNAZIT | false | |
31.85.38.42 | unknown | United Kingdom | 12576 | EELtdGB | false | |
88.228.3.243 | unknown | Turkey | 9121 | TTNETTR | false | |
98.53.252.212 | unknown | United States | 7922 | COMCAST-7922US | false | |
177.124.101.190 | unknown | Brazil | 52617 | WFCOMERCIODESUPRIMENTOSDEINFORMATICALTDABR | false | |
86.251.252.121 | unknown | France | 3215 | FranceTelecom-OrangeFR | false | |
136.45.143.121 | unknown | United States | 16591 | GOOGLE-FIBERUS | false | |
123.128.154.45 | unknown | China | 4837 | CHINA169-BACKBONECHINAUNICOMChina169BackboneCN | false | |
159.51.229.159 | unknown | Germany | 20561 | AS20561-INADE | false | |
118.235.135.111 | unknown | Korea Republic of | 4766 | KIXS-AS-KRKoreaTelecomKR | false | |
188.199.66.32 | unknown | Slovenia | 5603 | SIOL-NETTelekomSlovenijeddSI | false | |
19.237.174.84 | unknown | United States | 3 | MIT-GATEWAYSUS | false | |
13.225.136.141 | unknown | United States | 16509 | AMAZON-02US | false | |
255.219.101.59 | unknown | Reserved | unknown | unknown | false | |
42.64.126.222 | unknown | Taiwan; Republic of China (ROC) | 4249 | LILLY-ASUS | false | |
9.165.62.165 | unknown | United States | 3356 | LEVEL3US | false | |
221.182.222.246 | unknown | China | 9808 | CMNET-GDGuangdongMobileCommunicationCoLtdCN | false | |
12.194.48.32 | unknown | United States | 8030 | WORLDNET5-10US | false | |
161.51.227.255 | unknown | United States | 16525 | KBRUS | false | |
1.96.96.196 | unknown | Korea Republic of | 4766 | KIXS-AS-KRKoreaTelecomKR | false | |
99.227.190.159 | unknown | Canada | 812 | ROGERS-COMMUNICATIONSCA | false | |
46.103.57.45 | unknown | Greece | 3329 | HOL-GRAthensGreeceGR | false | |
116.5.97.26 | unknown | China | 4134 | CHINANET-BACKBONENo31Jin-rongStreetCN | false | |
88.89.170.32 | unknown | Norway | 2119 | TELENOR-NEXTELTelenorNorgeASNO | false | |
69.203.119.147 | unknown | United States | 12271 | TWC-12271-NYCUS | false | |
17.200.5.128 | unknown | United States | 714 | APPLE-ENGINEERINGUS | false | |
104.119.246.22 | unknown | United States | 16625 | AKAMAI-ASUS | false | |
193.128.174.108 | unknown | United Kingdom | 702 | UUNETUS | false | |
182.20.170.123 | unknown | Japan | 10010 | TOKAITOKAICommunicationsCorporationJP | false | |
128.8.55.84 | unknown | United States | 27 | UMDNETUS | false | |
194.23.108.6 | unknown | Sweden | 3301 | TELIANET-SWEDENTeliaCompanySE | false | |
173.11.223.22 | unknown | United States | 7922 | COMCAST-7922US | false | |
135.43.26.41 | unknown | United States | 8030 | WORLDNET5-10US | false | |
199.30.171.213 | unknown | United States | 13337 | EVWI-NET-01US | false | |
23.219.94.244 | unknown | United States | 16625 | AKAMAI-ASUS | false | |
205.164.254.239 | unknown | United States | 174 | COGENT-174US | false | |
1.190.106.84 | unknown | China | 4837 | CHINA169-BACKBONECHINAUNICOMChina169BackboneCN | false | |
198.163.126.0 | unknown | Canada | 53443 | CITY-OF-WINNIPEGCA | false | |
46.152.198.116 | unknown | Saudi Arabia | 35819 | MOBILY-ASEtihadEtisalatCompanyMobilySA | false | |
95.44.121.65 | unknown | Ireland | 5466 | EIRCOMInternetHouseIE | false | |
219.242.193.99 | unknown | China | 4538 | ERX-CERNET-BKBChinaEducationandResearchNetworkCenter | false | |
170.92.57.104 | unknown | United States | 16595 | TOROUS | false | |
223.211.122.194 | unknown | China | 7497 | CSTNET-AS-APComputerNetworkInformationCenterCN | false | |
176.237.112.153 | unknown | Turkey | 16135 | TURKCELL-ASTurkcellASTR | false | |
63.20.97.235 | unknown | United States | 701 | UUNETUS | false | |
181.210.230.135 | unknown | Honduras | 7727 | HondutelHN | false | |
92.48.31.65 | unknown | Saudi Arabia | 35819 | MOBILY-ASEtihadEtisalatCompanyMobilySA | false | |
92.128.153.129 | unknown | France | 3215 | FranceTelecom-OrangeFR | false | |
223.34.72.151 | unknown | Korea Republic of | 9644 | SKTELECOM-NET-ASSKTelecomKR | false | |
99.119.115.88 | unknown | United States | 7018 | ATT-INTERNET4US | false | |
193.227.223.120 | unknown | Poland | 12966 | PolskieLinieLotniczeLOTPL | false | |
247.76.179.180 | unknown | Reserved | unknown | unknown | false | |
78.52.46.188 | unknown | Germany | 6805 | TDDE-ASN1DE | false | |
114.240.17.20 | unknown | China | 4808 | CHINA169-BJChinaUnicomBeijingProvinceNetworkCN | false | |
140.235.31.103 | unknown | Reserved | 6932 | EBSCOPUBUS | false | |
101.160.35.91 | unknown | Australia | 1221 | ASN-TELSTRATelstraCorporationLtdAU | false | |
208.217.74.14 | unknown | United States | 701 | UUNETUS | false | |
161.69.90.38 | unknown | United States | 7754 | MCAFEEUS | false | |
247.134.43.201 | unknown | Reserved | unknown | unknown | false | |
141.79.232.208 | unknown | Germany | 553 | BELWUEBelWue-KoordinationEU | false | |
220.167.243.17 | unknown | China | 4134 | CHINANET-BACKBONENo31Jin-rongStreetCN | false | |
158.225.179.58 | unknown | Germany | 702 | UUNETUS | false | |
188.163.235.142 | unknown | Ukraine | 15895 | KSNET-ASUA | false | |
104.36.207.50 | unknown | United States | 1640 | TGTELUS | false | |
98.10.209.44 | unknown | United States | 11351 | TWC-11351-NORTHEASTUS | false |
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 6.376536609867213 |
TrID: |
|
File name: | LxfGfOr9r6 |
File size: | 92692 |
MD5: | a6a6579914345f3a3f6aa3663ee67e11 |
SHA1: | 9b7656bb68fc7b06169e59644b3fb90d80a641f9 |
SHA256: | 8f0bc7d0a706edd460cde7cdb729814412e45b9e1c9344fba7e7eca9f1bce528 |
SHA512: | 439a63097e60c41d599568c6ab6974fb3a889b09cf6356e81405886ee6a34c49502a5c6bd12b0675bb429ea8b6a95690b581e804da95330cb8f474fb1169d89c |
SSDEEP: | 1536:fovGApny8PGNrq0Arhc2TppCal8tayo3i/o/C1x2bPSlbc411YyK8:fovFpy868tNpCapooK1s14bzK8 |
TLSH: | 02935CC6BC00DD3CF84BD77A44630E09B231A3540A531B377A66FE93BD671E469A2E49 |
File Content Preview: | .ELF.......................D...4..h......4. ...(......................a...a....... .......a4...4...4......2|...... .dt.Q............................NV..a....da...@.N^NuNV..J9...Df>"y...L QJ.g.X.#....LN."y...L QJ.f.A.....J.g.Hy..a0N.X........DN^NuNV..N^NuN |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | |
Entry Point Address: | |
Flags: | |
ELF Header Size: | |
Program Header Offset: | |
Program Header Size: | |
Number of Program Headers: | |
Section Header Offset: | |
Section Header Size: | |
Number of Section Headers: | |
Header String Table Index: |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x80000094 | 0x94 | 0x14 | 0x0 | 0x6 | AX | 0 | 0 | 2 |
.text | PROGBITS | 0x800000a8 | 0xa8 | 0x1403e | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.fini | PROGBITS | 0x800140e6 | 0x140e6 | 0xe | 0x0 | 0x6 | AX | 0 | 0 | 2 |
.rodata | PROGBITS | 0x800140f4 | 0x140f4 | 0x203a | 0x0 | 0x2 | A | 0 | 0 | 2 |
.ctors | PROGBITS | 0x80018134 | 0x16134 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x8001813c | 0x1613c | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x80018148 | 0x16148 | 0x6fc | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.bss | NOBITS | 0x80018844 | 0x16844 | 0x2b6c | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.shstrtab | STRTAB | 0x0 | 0x16844 | 0x3e | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x80000000 | 0x80000000 | 0x1612e | 0x1612e | 6.3953 | 0x5 | R E | 0x2000 | .init .text .fini .rodata | |
LOAD | 0x16134 | 0x80018134 | 0x80018134 | 0x710 | 0x327c | 4.5537 | 0x6 | RW | 0x2000 | .ctors .dtors .data .bss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Aug 6, 2022 06:38:57.955658913 CEST | 36487 | 23 | 192.168.2.23 | 182.212.162.196 |
Aug 6, 2022 06:38:57.955697060 CEST | 36487 | 23 | 192.168.2.23 | 170.70.176.196 |
Aug 6, 2022 06:38:57.955707073 CEST | 36487 | 23 | 192.168.2.23 | 184.208.52.196 |
Aug 6, 2022 06:38:57.955715895 CEST | 36487 | 23 | 192.168.2.23 | 149.122.148.189 |
Aug 6, 2022 06:38:57.955782890 CEST | 36487 | 23 | 192.168.2.23 | 119.237.15.53 |
Aug 6, 2022 06:38:57.955781937 CEST | 36487 | 23 | 192.168.2.23 | 18.90.116.15 |
Aug 6, 2022 06:38:57.955785036 CEST | 36487 | 23 | 192.168.2.23 | 125.255.186.227 |
Aug 6, 2022 06:38:57.955781937 CEST | 36487 | 23 | 192.168.2.23 | 69.237.77.192 |
Aug 6, 2022 06:38:57.955795050 CEST | 36487 | 23 | 192.168.2.23 | 220.254.218.102 |
Aug 6, 2022 06:38:57.955835104 CEST | 36487 | 23 | 192.168.2.23 | 79.153.238.131 |
Aug 6, 2022 06:38:57.955837011 CEST | 36487 | 23 | 192.168.2.23 | 57.12.238.183 |
Aug 6, 2022 06:38:57.958296061 CEST | 36487 | 23 | 192.168.2.23 | 106.81.138.170 |
Aug 6, 2022 06:38:57.958300114 CEST | 36487 | 23 | 192.168.2.23 | 158.192.89.15 |
Aug 6, 2022 06:38:57.958308935 CEST | 36487 | 23 | 192.168.2.23 | 179.142.233.52 |
Aug 6, 2022 06:38:57.958348989 CEST | 36487 | 23 | 192.168.2.23 | 99.33.131.140 |
Aug 6, 2022 06:38:57.958355904 CEST | 36487 | 23 | 192.168.2.23 | 198.24.228.208 |
Aug 6, 2022 06:38:57.958357096 CEST | 36487 | 23 | 192.168.2.23 | 66.153.92.242 |
Aug 6, 2022 06:38:57.958388090 CEST | 36487 | 23 | 192.168.2.23 | 117.81.234.178 |
Aug 6, 2022 06:38:57.958399057 CEST | 36487 | 23 | 192.168.2.23 | 112.30.58.202 |
Aug 6, 2022 06:38:57.958405972 CEST | 36487 | 23 | 192.168.2.23 | 114.40.120.20 |
Aug 6, 2022 06:38:57.958434105 CEST | 36487 | 23 | 192.168.2.23 | 72.174.97.188 |
Aug 6, 2022 06:38:57.958441973 CEST | 36487 | 23 | 192.168.2.23 | 19.232.112.198 |
Aug 6, 2022 06:38:57.958462954 CEST | 36487 | 23 | 192.168.2.23 | 113.25.4.238 |
Aug 6, 2022 06:38:57.958467007 CEST | 36487 | 23 | 192.168.2.23 | 14.7.53.190 |
Aug 6, 2022 06:38:57.958471060 CEST | 36487 | 23 | 192.168.2.23 | 23.16.231.136 |
Aug 6, 2022 06:38:57.958492994 CEST | 36487 | 23 | 192.168.2.23 | 86.136.66.37 |
Aug 6, 2022 06:38:57.958515882 CEST | 36487 | 23 | 192.168.2.23 | 192.136.184.43 |
Aug 6, 2022 06:38:57.958522081 CEST | 36487 | 23 | 192.168.2.23 | 190.128.142.230 |
Aug 6, 2022 06:38:57.958561897 CEST | 36487 | 23 | 192.168.2.23 | 72.166.196.154 |
Aug 6, 2022 06:38:57.958561897 CEST | 36487 | 23 | 192.168.2.23 | 107.108.89.34 |
Aug 6, 2022 06:38:57.958584070 CEST | 36487 | 23 | 192.168.2.23 | 169.63.92.163 |
Aug 6, 2022 06:38:57.958584070 CEST | 36487 | 23 | 192.168.2.23 | 117.190.206.254 |
Aug 6, 2022 06:38:57.958595991 CEST | 36487 | 23 | 192.168.2.23 | 183.122.155.210 |
Aug 6, 2022 06:38:57.958614111 CEST | 36487 | 23 | 192.168.2.23 | 193.167.89.128 |
Aug 6, 2022 06:38:57.958616018 CEST | 36487 | 23 | 192.168.2.23 | 80.207.188.37 |
Aug 6, 2022 06:38:57.958653927 CEST | 36487 | 23 | 192.168.2.23 | 185.158.142.250 |
Aug 6, 2022 06:38:57.958661079 CEST | 36487 | 23 | 192.168.2.23 | 167.139.113.59 |
Aug 6, 2022 06:38:57.958683968 CEST | 36487 | 23 | 192.168.2.23 | 74.142.140.23 |
Aug 6, 2022 06:38:57.958709955 CEST | 36487 | 23 | 192.168.2.23 | 249.93.172.43 |
Aug 6, 2022 06:38:57.958720922 CEST | 36487 | 23 | 192.168.2.23 | 146.106.136.12 |
Aug 6, 2022 06:38:57.958728075 CEST | 36487 | 23 | 192.168.2.23 | 103.29.222.19 |
Aug 6, 2022 06:38:57.958739042 CEST | 36487 | 23 | 192.168.2.23 | 78.117.198.49 |
Aug 6, 2022 06:38:57.958748102 CEST | 36487 | 23 | 192.168.2.23 | 77.37.118.145 |
Aug 6, 2022 06:38:57.958755016 CEST | 36487 | 23 | 192.168.2.23 | 179.133.123.111 |
Aug 6, 2022 06:38:57.958764076 CEST | 36487 | 23 | 192.168.2.23 | 203.56.127.2 |
Aug 6, 2022 06:38:57.958766937 CEST | 36487 | 23 | 192.168.2.23 | 46.88.253.194 |
Aug 6, 2022 06:38:57.958774090 CEST | 36487 | 23 | 192.168.2.23 | 2.133.14.183 |
Aug 6, 2022 06:38:57.958785057 CEST | 36487 | 23 | 192.168.2.23 | 251.217.142.17 |
Aug 6, 2022 06:38:57.958787918 CEST | 36487 | 23 | 192.168.2.23 | 96.72.106.135 |
Aug 6, 2022 06:38:57.958806038 CEST | 36487 | 23 | 192.168.2.23 | 241.165.134.90 |
Aug 6, 2022 06:38:57.958807945 CEST | 36487 | 23 | 192.168.2.23 | 211.194.86.215 |
Aug 6, 2022 06:38:57.958812952 CEST | 36487 | 23 | 192.168.2.23 | 152.176.187.140 |
Aug 6, 2022 06:38:57.958817005 CEST | 36487 | 23 | 192.168.2.23 | 242.241.39.108 |
Aug 6, 2022 06:38:57.958823919 CEST | 36487 | 23 | 192.168.2.23 | 217.167.168.91 |
Aug 6, 2022 06:38:57.958827019 CEST | 36487 | 23 | 192.168.2.23 | 218.221.110.57 |
Aug 6, 2022 06:38:57.958833933 CEST | 36487 | 23 | 192.168.2.23 | 71.68.84.50 |
Aug 6, 2022 06:38:57.958837032 CEST | 36487 | 23 | 192.168.2.23 | 27.248.249.120 |
Aug 6, 2022 06:38:57.958848953 CEST | 36487 | 23 | 192.168.2.23 | 184.171.39.117 |
Aug 6, 2022 06:38:57.958857059 CEST | 36487 | 23 | 192.168.2.23 | 198.44.240.44 |
Aug 6, 2022 06:38:57.958863020 CEST | 36487 | 23 | 192.168.2.23 | 185.33.216.213 |
Aug 6, 2022 06:38:57.958864927 CEST | 36487 | 23 | 192.168.2.23 | 70.206.143.91 |
Aug 6, 2022 06:38:57.958873034 CEST | 36487 | 23 | 192.168.2.23 | 195.217.245.83 |
Aug 6, 2022 06:38:57.958877087 CEST | 36487 | 23 | 192.168.2.23 | 141.95.171.11 |
Aug 6, 2022 06:38:57.958919048 CEST | 36487 | 23 | 192.168.2.23 | 242.106.250.22 |
Aug 6, 2022 06:38:57.958924055 CEST | 36487 | 23 | 192.168.2.23 | 146.47.171.166 |
Aug 6, 2022 06:38:57.958925962 CEST | 36487 | 23 | 192.168.2.23 | 120.135.163.189 |
Aug 6, 2022 06:38:57.958925962 CEST | 36487 | 23 | 192.168.2.23 | 189.128.177.15 |
Aug 6, 2022 06:38:57.958933115 CEST | 36487 | 23 | 192.168.2.23 | 181.10.49.78 |
Aug 6, 2022 06:38:57.958933115 CEST | 36487 | 23 | 192.168.2.23 | 158.78.225.64 |
Aug 6, 2022 06:38:57.958935022 CEST | 36487 | 23 | 192.168.2.23 | 48.13.147.223 |
Aug 6, 2022 06:38:57.958935976 CEST | 36487 | 23 | 192.168.2.23 | 66.39.235.201 |
Aug 6, 2022 06:38:57.958936930 CEST | 36487 | 23 | 192.168.2.23 | 78.201.23.72 |
Aug 6, 2022 06:38:57.958954096 CEST | 36487 | 23 | 192.168.2.23 | 156.4.59.193 |
Aug 6, 2022 06:38:57.958959103 CEST | 36487 | 23 | 192.168.2.23 | 113.164.20.252 |
Aug 6, 2022 06:38:57.958971024 CEST | 36487 | 23 | 192.168.2.23 | 219.129.44.109 |
Aug 6, 2022 06:38:57.958998919 CEST | 36487 | 23 | 192.168.2.23 | 58.22.16.254 |
Aug 6, 2022 06:38:57.959008932 CEST | 36487 | 23 | 192.168.2.23 | 189.92.201.149 |
Aug 6, 2022 06:38:57.959022045 CEST | 36487 | 23 | 192.168.2.23 | 192.171.208.167 |
Aug 6, 2022 06:38:57.959036112 CEST | 36487 | 23 | 192.168.2.23 | 42.133.27.209 |
Aug 6, 2022 06:38:57.959042072 CEST | 36487 | 23 | 192.168.2.23 | 13.7.215.209 |
Aug 6, 2022 06:38:57.959048986 CEST | 36487 | 23 | 192.168.2.23 | 2.169.224.146 |
Aug 6, 2022 06:38:57.959100008 CEST | 36487 | 23 | 192.168.2.23 | 96.114.165.207 |
Aug 6, 2022 06:38:57.959239960 CEST | 36487 | 23 | 192.168.2.23 | 202.162.220.182 |
Aug 6, 2022 06:38:57.959244967 CEST | 36487 | 23 | 192.168.2.23 | 47.180.130.15 |
Aug 6, 2022 06:38:57.959278107 CEST | 36487 | 23 | 192.168.2.23 | 167.139.146.0 |
Aug 6, 2022 06:38:57.959278107 CEST | 36487 | 23 | 192.168.2.23 | 241.136.125.129 |
Aug 6, 2022 06:38:57.959285021 CEST | 36487 | 23 | 192.168.2.23 | 66.241.34.93 |
Aug 6, 2022 06:38:57.959286928 CEST | 36487 | 23 | 192.168.2.23 | 95.255.140.214 |
Aug 6, 2022 06:38:57.959290028 CEST | 36487 | 23 | 192.168.2.23 | 81.166.95.154 |
Aug 6, 2022 06:38:57.959292889 CEST | 36487 | 23 | 192.168.2.23 | 97.4.105.230 |
Aug 6, 2022 06:38:57.959295034 CEST | 36487 | 23 | 192.168.2.23 | 178.248.178.111 |
Aug 6, 2022 06:38:57.959306002 CEST | 36487 | 23 | 192.168.2.23 | 18.22.78.29 |
Aug 6, 2022 06:38:57.959327936 CEST | 36487 | 23 | 192.168.2.23 | 89.250.139.124 |
Aug 6, 2022 06:38:57.959328890 CEST | 36487 | 23 | 192.168.2.23 | 222.136.123.173 |
Aug 6, 2022 06:38:57.959336042 CEST | 36487 | 23 | 192.168.2.23 | 37.88.249.190 |
Aug 6, 2022 06:38:57.959340096 CEST | 36487 | 23 | 192.168.2.23 | 173.106.118.74 |
Aug 6, 2022 06:38:57.959362030 CEST | 36487 | 23 | 192.168.2.23 | 255.41.217.232 |
Aug 6, 2022 06:38:57.959369898 CEST | 36487 | 23 | 192.168.2.23 | 128.254.28.173 |
Aug 6, 2022 06:38:57.959382057 CEST | 36487 | 23 | 192.168.2.23 | 175.93.129.171 |
Aug 6, 2022 06:38:57.959383965 CEST | 36487 | 23 | 192.168.2.23 | 148.54.47.45 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Aug 6, 2022 06:38:58.015841961 CEST | 192.168.2.23 | 8.8.8.8 | 0xc902 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:39:03.063251019 CEST | 192.168.2.23 | 8.8.8.8 | 0xa55c | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:39:12.112843037 CEST | 192.168.2.23 | 8.8.8.8 | 0x4b70 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:39:20.161328077 CEST | 192.168.2.23 | 8.8.8.8 | 0x7193 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:39:28.210354090 CEST | 192.168.2.23 | 8.8.8.8 | 0x1dbd | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:39:34.258898020 CEST | 192.168.2.23 | 8.8.8.8 | 0x102 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:39:37.308526039 CEST | 192.168.2.23 | 8.8.8.8 | 0x19e1 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:39:39.358630896 CEST | 192.168.2.23 | 8.8.8.8 | 0x8660 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:39:44.408814907 CEST | 192.168.2.23 | 8.8.8.8 | 0x3d48 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:39:47.457130909 CEST | 192.168.2.23 | 8.8.8.8 | 0x1976 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:39:48.544106007 CEST | 192.168.2.23 | 8.8.8.8 | 0x4e24 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:39:51.592320919 CEST | 192.168.2.23 | 8.8.8.8 | 0x7b4d | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:40:01.638744116 CEST | 192.168.2.23 | 8.8.8.8 | 0xaffb | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:40:07.692687988 CEST | 192.168.2.23 | 8.8.8.8 | 0x27c2 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:40:13.758572102 CEST | 192.168.2.23 | 8.8.8.8 | 0xfaef | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:40:14.807538986 CEST | 192.168.2.23 | 8.8.8.8 | 0xc2a0 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:40:19.810678005 CEST | 192.168.2.23 | 8.8.8.8 | 0xc2a0 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:40:24.898312092 CEST | 192.168.2.23 | 8.8.8.8 | 0x7236 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:40:30.944502115 CEST | 192.168.2.23 | 8.8.8.8 | 0x94f6 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:40:32.990680933 CEST | 192.168.2.23 | 8.8.8.8 | 0x42d7 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:40:35.037621021 CEST | 192.168.2.23 | 8.8.8.8 | 0xfef0 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:40:43.089071989 CEST | 192.168.2.23 | 8.8.8.8 | 0x9ba | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:40:48.137229919 CEST | 192.168.2.23 | 8.8.8.8 | 0x50cb | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:40:54.185642004 CEST | 192.168.2.23 | 8.8.8.8 | 0x1341 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:40:56.233990908 CEST | 192.168.2.23 | 8.8.8.8 | 0xef77 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:40:57.288228035 CEST | 192.168.2.23 | 8.8.8.8 | 0x1094 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:41:02.414253950 CEST | 192.168.2.23 | 8.8.8.8 | 0xe0af | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:41:12.473647118 CEST | 192.168.2.23 | 8.8.8.8 | 0xb651 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:41:19.522330999 CEST | 192.168.2.23 | 8.8.8.8 | 0x5aa5 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:41:25.568595886 CEST | 192.168.2.23 | 8.8.8.8 | 0xa4db | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:41:30.617033958 CEST | 192.168.2.23 | 8.8.8.8 | 0xe260 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:41:39.676574945 CEST | 192.168.2.23 | 8.8.8.8 | 0x8841 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:41:46.139307022 CEST | 192.168.2.23 | 8.8.8.8 | 0xc902 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:41:48.738687992 CEST | 192.168.2.23 | 8.8.8.8 | 0x2d47 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:41:49.787352085 CEST | 192.168.2.23 | 8.8.8.8 | 0x3382 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:41:51.188376904 CEST | 192.168.2.23 | 8.8.8.8 | 0xa55c | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:41:56.933408022 CEST | 192.168.2.23 | 8.8.8.8 | 0xaa1f | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:42:00.237283945 CEST | 192.168.2.23 | 8.8.8.8 | 0x4b70 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:42:00.987062931 CEST | 192.168.2.23 | 8.8.8.8 | 0xbd5b | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:42:04.063508034 CEST | 192.168.2.23 | 8.8.8.8 | 0xe062 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:42:08.291137934 CEST | 192.168.2.23 | 8.8.8.8 | 0x7193 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:42:13.409574986 CEST | 192.168.2.23 | 8.8.8.8 | 0x78d2 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:42:17.357780933 CEST | 192.168.2.23 | 8.8.8.8 | 0x1dbd | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:42:21.549640894 CEST | 192.168.2.23 | 8.8.8.8 | 0x46d1 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:42:24.435219049 CEST | 192.168.2.23 | 8.8.8.8 | 0x102 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:42:26.901320934 CEST | 192.168.2.23 | 8.8.8.8 | 0xe40c | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:42:27.482821941 CEST | 192.168.2.23 | 8.8.8.8 | 0x19e1 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 6, 2022 06:42:29.594454050 CEST | 192.168.2.23 | 8.8.8.8 | 0x8660 | Standard query (0) | A (IP address) | IN (0x0001) |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Aug 6, 2022 06:38:58.033246040 CEST | 8.8.8.8 | 192.168.2.23 | 0xc902 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:39:03.083034992 CEST | 8.8.8.8 | 192.168.2.23 | 0xa55c | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:39:12.130494118 CEST | 8.8.8.8 | 192.168.2.23 | 0x4b70 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:39:20.180969000 CEST | 8.8.8.8 | 192.168.2.23 | 0x7193 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:39:28.229773045 CEST | 8.8.8.8 | 192.168.2.23 | 0x1dbd | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:39:34.277985096 CEST | 8.8.8.8 | 192.168.2.23 | 0x102 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:39:37.328144073 CEST | 8.8.8.8 | 192.168.2.23 | 0x19e1 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:39:39.378031969 CEST | 8.8.8.8 | 192.168.2.23 | 0x8660 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:39:44.428303003 CEST | 8.8.8.8 | 192.168.2.23 | 0x3d48 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:39:47.476232052 CEST | 8.8.8.8 | 192.168.2.23 | 0x1976 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:39:48.563440084 CEST | 8.8.8.8 | 192.168.2.23 | 0x4e24 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:39:51.610304117 CEST | 8.8.8.8 | 192.168.2.23 | 0x7b4d | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:40:01.656316996 CEST | 8.8.8.8 | 192.168.2.23 | 0xaffb | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:40:07.729549885 CEST | 8.8.8.8 | 192.168.2.23 | 0x27c2 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:40:13.778358936 CEST | 8.8.8.8 | 192.168.2.23 | 0xfaef | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:40:19.830240011 CEST | 8.8.8.8 | 192.168.2.23 | 0xc2a0 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:40:24.915445089 CEST | 8.8.8.8 | 192.168.2.23 | 0x7236 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:40:30.962285042 CEST | 8.8.8.8 | 192.168.2.23 | 0x94f6 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:40:33.008429050 CEST | 8.8.8.8 | 192.168.2.23 | 0x42d7 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:40:35.057518005 CEST | 8.8.8.8 | 192.168.2.23 | 0xfef0 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:40:43.107075930 CEST | 8.8.8.8 | 192.168.2.23 | 0x9ba | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:40:48.156894922 CEST | 8.8.8.8 | 192.168.2.23 | 0x50cb | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:40:54.205457926 CEST | 8.8.8.8 | 192.168.2.23 | 0x1341 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:40:56.252594948 CEST | 8.8.8.8 | 192.168.2.23 | 0xef77 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:40:57.308721066 CEST | 8.8.8.8 | 192.168.2.23 | 0x1094 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:41:02.442663908 CEST | 8.8.8.8 | 192.168.2.23 | 0xe0af | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:41:12.491463900 CEST | 8.8.8.8 | 192.168.2.23 | 0xb651 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:41:19.539896011 CEST | 8.8.8.8 | 192.168.2.23 | 0x5aa5 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:41:25.588309050 CEST | 8.8.8.8 | 192.168.2.23 | 0xa4db | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:41:30.636569023 CEST | 8.8.8.8 | 192.168.2.23 | 0xe260 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:41:39.695657969 CEST | 8.8.8.8 | 192.168.2.23 | 0x8841 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:41:46.158691883 CEST | 8.8.8.8 | 192.168.2.23 | 0xc902 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:41:48.758279085 CEST | 8.8.8.8 | 192.168.2.23 | 0x2d47 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:41:49.804258108 CEST | 8.8.8.8 | 192.168.2.23 | 0x3382 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:41:51.208085060 CEST | 8.8.8.8 | 192.168.2.23 | 0xa55c | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:41:56.952830076 CEST | 8.8.8.8 | 192.168.2.23 | 0xaa1f | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:42:00.256917953 CEST | 8.8.8.8 | 192.168.2.23 | 0x4b70 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:42:01.006757975 CEST | 8.8.8.8 | 192.168.2.23 | 0xbd5b | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:42:04.080832958 CEST | 8.8.8.8 | 192.168.2.23 | 0xe062 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:42:08.310482025 CEST | 8.8.8.8 | 192.168.2.23 | 0x7193 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:42:13.428618908 CEST | 8.8.8.8 | 192.168.2.23 | 0x78d2 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:42:17.375529051 CEST | 8.8.8.8 | 192.168.2.23 | 0x1dbd | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:42:21.568782091 CEST | 8.8.8.8 | 192.168.2.23 | 0x46d1 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:42:24.454607010 CEST | 8.8.8.8 | 192.168.2.23 | 0x102 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:42:26.920907021 CEST | 8.8.8.8 | 192.168.2.23 | 0xe40c | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:42:27.502365112 CEST | 8.8.8.8 | 192.168.2.23 | 0x19e1 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) | ||
Aug 6, 2022 06:42:29.613771915 CEST | 8.8.8.8 | 192.168.2.23 | 0x8660 | No error (0) | 46.23.109.40 | A (IP address) | IN (0x0001) |
System Behavior
Start time: | 06:38:57 |
Start date: | 06/08/2022 |
Path: | /tmp/LxfGfOr9r6 |
Arguments: | /tmp/LxfGfOr9r6 |
File size: | 4463432 bytes |
MD5 hash: | cd177594338c77b895ae27c33f8f86cc |
Start time: | 06:38:57 |
Start date: | 06/08/2022 |
Path: | /tmp/LxfGfOr9r6 |
Arguments: | n/a |
File size: | 4463432 bytes |
MD5 hash: | cd177594338c77b895ae27c33f8f86cc |
Start time: | 06:38:57 |
Start date: | 06/08/2022 |
Path: | /tmp/LxfGfOr9r6 |
Arguments: | n/a |
File size: | 4463432 bytes |
MD5 hash: | cd177594338c77b895ae27c33f8f86cc |
Start time: | 06:38:57 |
Start date: | 06/08/2022 |
Path: | /tmp/LxfGfOr9r6 |
Arguments: | n/a |
File size: | 4463432 bytes |
MD5 hash: | cd177594338c77b895ae27c33f8f86cc |
Start time: | 06:38:57 |
Start date: | 06/08/2022 |
Path: | /tmp/LxfGfOr9r6 |
Arguments: | n/a |
File size: | 4463432 bytes |
MD5 hash: | cd177594338c77b895ae27c33f8f86cc |
Start time: | 06:38:57 |
Start date: | 06/08/2022 |
Path: | /tmp/LxfGfOr9r6 |
Arguments: | n/a |
File size: | 4463432 bytes |
MD5 hash: | cd177594338c77b895ae27c33f8f86cc |
Start time: | 06:41:45 |
Start date: | 06/08/2022 |
Path: | /tmp/LxfGfOr9r6 |
Arguments: | n/a |
File size: | 4463432 bytes |
MD5 hash: | cd177594338c77b895ae27c33f8f86cc |
Start time: | 06:38:57 |
Start date: | 06/08/2022 |
Path: | /tmp/LxfGfOr9r6 |
Arguments: | n/a |
File size: | 4463432 bytes |
MD5 hash: | cd177594338c77b895ae27c33f8f86cc |