Edit tour
Windows
Analysis Report
9gkAKTWOXp.exe
Overview
General Information
| Sample Name: | 9gkAKTWOXp.exe |
| Analysis ID: | 694569 |
| MD5: | 74e135b472b7496b371ce3ba3acfeea8 |
| SHA1: | b64fdd870ff28291b8347317a838a5fb210a6056 |
| SHA256: | d093322a612760cb00ae6fb4c453851ba26f59f2e6a0920b5871a28bbddf9355 |
| Tags: | exe |
| Infos: |  |
 | |
Detection
Gandcrab
| Score: | 100 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Yara detected Gandcrab
Multi AV Scanner detection for submitted file
Malicious sample detected (through community Yara rule)
Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Antivirus detection for dropped file
Snort IDS alert for network traffic
Contains functionality to determine the online IP of the system
Found Tor onion address
Uses nslookup.exe to query domains
Machine Learning detection for sample
May check the online IP address of the machine
Machine Learning detection for dropped file
Uses 32bit PE files
Queries the volume information (name, serial number etc) of a device
Yara signature match
Antivirus or Machine Learning detection for unpacked file
May sleep (evasive loops) to hinder dynamic analysis
Detected potential crypto function
Contains functionality to query CPU information (cpuid)
Sample execution stops while process was sleeping (likely an evasion)
Too many similar processes found
Contains functionality to dynamically determine API calls
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Queries information about the installed CPU (vendor, model number etc)
Drops PE files
Found evaded block containing many API calls
Contains functionality to enumerate device drivers
Checks for available system drives (often done to infect USB drives)
Uses Microsoft's Enhanced Cryptographic Provider
Creates a process in suspended mode (likely to inject code)
Classification
- System is w10x64
9gkAKTWOXp.exe (PID: 4664 cmdline: "C:\Users\ user\Deskt op\9gkAKTW OXp.exe" MD5: 74E135B472B7496B371CE3BA3ACFEEA8) 
nslookup.exe (PID: 5752 cmdline: nslookup n omoreranso m.bit dns1 .soprodns. ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) 
conhost.exe (PID: 5460 cmdline: C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 484 cmdline:
nslookup e msisoft.bi t dns1.sop rodns.ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 1944 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 5368 cmdline:
nslookup g andcrab.bi t dns1.sop rodns.ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 4184 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 6080 cmdline:
nslookup n omoreranso m.bit dns1 .soprodns. ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 5208 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 3232 cmdline:
nslookup e msisoft.bi t dns1.sop rodns.ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 5816 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 3460 cmdline:
nslookup g andcrab.bi t dns1.sop rodns.ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 3880 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 408 cmdline:
nslookup n omoreranso m.bit dns1 .soprodns. ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 5920 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 996 cmdline:
nslookup e msisoft.bi t dns1.sop rodns.ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 5116 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 5780 cmdline:
nslookup g andcrab.bi t dns1.sop rodns.ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 5360 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 5880 cmdline:
nslookup n omoreranso m.bit dns1 .soprodns. ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 4272 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 4948 cmdline:
nslookup e msisoft.bi t dns1.sop rodns.ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 1328 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 6064 cmdline:
nslookup g andcrab.bi t dns1.sop rodns.ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 1976 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 5784 cmdline:
nslookup n omoreranso m.bit dns1 .soprodns. ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 5956 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 2516 cmdline:
nslookup e msisoft.bi t dns1.sop rodns.ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 3184 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 576 cmdline:
nslookup g andcrab.bi t dns1.sop rodns.ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 5500 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 5964 cmdline:
nslookup n omoreranso m.bit dns1 .soprodns. ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 5972 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 4512 cmdline:
nslookup e msisoft.bi t dns1.sop rodns.ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 1360 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 1556 cmdline:
nslookup g andcrab.bi t dns1.sop rodns.ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 2140 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 2764 cmdline:
nslookup n omoreranso m.bit dns1 .soprodns. ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 4820 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 4272 cmdline:
nslookup e msisoft.bi t dns1.sop rodns.ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 3184 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 5236 cmdline:
nslookup g andcrab.bi t dns1.sop rodns.ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 4996 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - nslookup.exe (PID: 5708 cmdline:
nslookup n omoreranso m.bit dns1 .soprodns. ru MD5: 8E82529D1475D67615ADCB4E1B8F4EEC) - conhost.exe (PID: 3196 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
- vkspii.exe (PID: 6028 cmdline:
"C:\Users\ user\AppDa ta\Roaming \Microsoft \vkspii.ex e" MD5: 551DA842D854798E9D42602EB420BD96)
- vkspii.exe (PID: 4024 cmdline:
"C:\Users\ user\AppDa ta\Roaming \Microsoft \vkspii.ex e" MD5: 551DA842D854798E9D42602EB420BD96)
- cleanup
⊘No configs have been found
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| SUSP_RANSOMWARE_Indicator_Jul20 | Detects ransomware indicator | Florian Roth |
| |
| JoeSecurity_Gandcrab | Yara detected Gandcrab | Joe Security | ||
| Gandcrab | Gandcrab Payload | kevoreilly |
|
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| SUSP_RANSOMWARE_Indicator_Jul20 | Detects ransomware indicator | Florian Roth |
| |
| JoeSecurity_Gandcrab | Yara detected Gandcrab | Joe Security | ||
| Gandcrab | Gandcrab Payload | kevoreilly |
|
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_Gandcrab | Yara detected Gandcrab | Joe Security | ||
| JoeSecurity_Gandcrab | Yara detected Gandcrab | Joe Security | ||
| JoeSecurity_Gandcrab | Yara detected Gandcrab | Joe Security | ||
| JoeSecurity_Gandcrab | Yara detected Gandcrab | Joe Security | ||
| JoeSecurity_Gandcrab | Yara detected Gandcrab | Joe Security | ||
| Click to see the 6 entries | ||||
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| SUSP_RANSOMWARE_Indicator_Jul20 | Detects ransomware indicator | Florian Roth |
| |
| JoeSecurity_Gandcrab | Yara detected Gandcrab | Joe Security | ||
| Gandcrab | Gandcrab Payload | kevoreilly |
| |
| SUSP_RANSOMWARE_Indicator_Jul20 | Detects ransomware indicator | Florian Roth |
| |
| JoeSecurity_Gandcrab | Yara detected Gandcrab | Joe Security | ||
| Click to see the 13 entries | ||||
⊘No Sigma rule has matched
| Timestamp: | 192.168.2.38.8.8.855642532829498 09/01/22-00:01:41.321667 |
| SID: | 2829498 |
| Source Port: | 55642 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.860090532829500 09/01/22-00:02:16.489371 |
| SID: | 2829500 |
| Source Port: | 60090 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.862436532026737 09/01/22-00:02:57.542714 |
| SID: | 2026737 |
| Source Port: | 62436 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.855955532829500 09/01/22-00:03:25.632008 |
| SID: | 2829500 |
| Source Port: | 55955 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853431532829498 09/01/22-00:02:18.409896 |
| SID: | 2829498 |
| Source Port: | 53431 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865513532829500 09/01/22-00:02:19.430995 |
| SID: | 2829500 |
| Source Port: | 65513 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.864276532829498 09/01/22-00:03:00.100399 |
| SID: | 2829498 |
| Source Port: | 64276 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.851891532026737 09/01/22-00:03:31.975246 |
| SID: | 2026737 |
| Source Port: | 51891 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859765532026737 09/01/22-00:03:34.032990 |
| SID: | 2026737 |
| Source Port: | 59765 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853309532829500 09/01/22-00:01:54.918396 |
| SID: | 2829500 |
| Source Port: | 53309 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.854155532829498 09/01/22-00:02:39.711366 |
| SID: | 2829498 |
| Source Port: | 54155 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.849169532829500 09/01/22-00:02:32.443414 |
| SID: | 2829500 |
| Source Port: | 49169 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.864378532829500 09/01/22-00:03:19.972139 |
| SID: | 2829500 |
| Source Port: | 64378 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.857391532829500 09/01/22-00:02:53.276938 |
| SID: | 2829500 |
| Source Port: | 57391 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.851597532026737 09/01/22-00:03:26.976848 |
| SID: | 2026737 |
| Source Port: | 51597 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853271532829498 09/01/22-00:02:55.260307 |
| SID: | 2829498 |
| Source Port: | 53271 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853471532829500 09/01/22-00:02:00.665796 |
| SID: | 2829500 |
| Source Port: | 53471 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865323532026737 09/01/22-00:01:43.859132 |
| SID: | 2026737 |
| Source Port: | 65323 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.860647532829498 09/01/22-00:03:25.300157 |
| SID: | 2829498 |
| Source Port: | 60647 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.850230532026737 09/01/22-00:02:54.735839 |
| SID: | 2026737 |
| Source Port: | 50230 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.850624532026737 09/01/22-00:03:18.677171 |
| SID: | 2026737 |
| Source Port: | 50624 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853468532829500 09/01/22-00:02:00.604247 |
| SID: | 2829500 |
| Source Port: | 53468 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.858122532829498 09/01/22-00:02:27.905128 |
| SID: | 2829498 |
| Source Port: | 58122 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.854436532829498 09/01/22-00:03:36.045306 |
| SID: | 2829498 |
| Source Port: | 54436 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.862426532026737 09/01/22-00:03:13.145963 |
| SID: | 2026737 |
| Source Port: | 62426 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.856046532829500 09/01/22-00:01:38.500367 |
| SID: | 2829500 |
| Source Port: | 56046 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859378532829500 09/01/22-00:02:48.340518 |
| SID: | 2829500 |
| Source Port: | 59378 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.858305532026737 09/01/22-00:02:34.497221 |
| SID: | 2026737 |
| Source Port: | 58305 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.861418532829498 09/01/22-00:02:02.984507 |
| SID: | 2829498 |
| Source Port: | 61418 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.850095532026737 09/01/22-00:03:38.741458 |
| SID: | 2026737 |
| Source Port: | 50095 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.852114532026737 09/01/22-00:03:20.324395 |
| SID: | 2026737 |
| Source Port: | 52114 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865466532829500 09/01/22-00:03:37.373699 |
| SID: | 2829500 |
| Source Port: | 65466 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853042532026737 09/01/22-00:03:06.339869 |
| SID: | 2026737 |
| Source Port: | 53042 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.849877532829500 09/01/22-00:02:36.035379 |
| SID: | 2829500 |
| Source Port: | 49877 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.864971532829500 09/01/22-00:03:05.617213 |
| SID: | 2829500 |
| Source Port: | 64971 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.861186532829498 09/01/22-00:02:52.648140 |
| SID: | 2829498 |
| Source Port: | 61186 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859829532829500 09/01/22-00:02:55.953112 |
| SID: | 2829500 |
| Source Port: | 59829 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.849204532026737 09/01/22-00:02:46.678054 |
| SID: | 2026737 |
| Source Port: | 49204 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.861364532829498 09/01/22-00:03:28.558638 |
| SID: | 2829498 |
| Source Port: | 61364 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.857829532829500 09/01/22-00:03:23.021549 |
| SID: | 2829500 |
| Source Port: | 57829 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.850788532026737 09/01/22-00:02:43.387386 |
| SID: | 2026737 |
| Source Port: | 50788 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.851996532026737 09/01/22-00:02:26.312895 |
| SID: | 2026737 |
| Source Port: | 51996 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.857706532829500 09/01/22-00:01:42.686131 |
| SID: | 2829500 |
| Source Port: | 57706 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859436532026737 09/01/22-00:01:57.638087 |
| SID: | 2026737 |
| Source Port: | 59436 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859822532026737 09/01/22-00:02:19.952319 |
| SID: | 2026737 |
| Source Port: | 59822 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.860587532026737 09/01/22-00:01:27.550732 |
| SID: | 2026737 |
| Source Port: | 60587 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.852957532829500 09/01/22-00:01:25.328522 |
| SID: | 2829500 |
| Source Port: | 52957 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.858914532829500 09/01/22-00:03:18.020601 |
| SID: | 2829500 |
| Source Port: | 58914 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853850532026737 09/01/22-00:01:50.247028 |
| SID: | 2026737 |
| Source Port: | 53850 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.856619532026737 09/01/22-00:02:49.126045 |
| SID: | 2026737 |
| Source Port: | 56619 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.852112532026737 09/01/22-00:03:20.284135 |
| SID: | 2026737 |
| Source Port: | 52112 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865198532829500 09/01/22-00:02:04.768621 |
| SID: | 2829500 |
| Source Port: | 65198 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853848532829498 09/01/22-00:01:59.462827 |
| SID: | 2829498 |
| Source Port: | 53848 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.851893532026737 09/01/22-00:03:32.036713 |
| SID: | 2026737 |
| Source Port: | 51893 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.854433532829498 09/01/22-00:03:35.979601 |
| SID: | 2829498 |
| Source Port: | 54433 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853310532829500 09/01/22-00:01:54.940366 |
| SID: | 2829500 |
| Source Port: | 53310 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859438532026737 09/01/22-00:01:57.681285 |
| SID: | 2026737 |
| Source Port: | 59438 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.861421532829498 09/01/22-00:02:03.043258 |
| SID: | 2829498 |
| Source Port: | 61421 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.852458532026737 09/01/22-00:03:02.844406 |
| SID: | 2026737 |
| Source Port: | 52458 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.855652532829498 09/01/22-00:03:19.259211 |
| SID: | 2829498 |
| Source Port: | 55652 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.861130532829498 09/01/22-00:03:15.942186 |
| SID: | 2829498 |
| Source Port: | 61130 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.860421532829498 09/01/22-00:03:32.382333 |
| SID: | 2829498 |
| Source Port: | 60421 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.864973532829500 09/01/22-00:03:05.661525 |
| SID: | 2829500 |
| Source Port: | 64973 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.863567532026737 09/01/22-00:02:17.089606 |
| SID: | 2026737 |
| Source Port: | 63567 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865463532829500 09/01/22-00:03:37.309587 |
| SID: | 2829500 |
| Source Port: | 65463 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865389532026737 09/01/22-00:02:38.719558 |
| SID: | 2026737 |
| Source Port: | 65389 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853040532026737 09/01/22-00:03:06.300781 |
| SID: | 2026737 |
| Source Port: | 53040 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.857827532829500 09/01/22-00:03:22.978908 |
| SID: | 2829500 |
| Source Port: | 57827 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853039532026737 09/01/22-00:03:06.280270 |
| SID: | 2026737 |
| Source Port: | 53039 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859585532026737 09/01/22-00:02:11.746820 |
| SID: | 2026737 |
| Source Port: | 59585 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.857708532829500 09/01/22-00:01:42.729663 |
| SID: | 2829500 |
| Source Port: | 57708 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.851142532829498 09/01/22-00:01:24.090037 |
| SID: | 2829498 |
| Source Port: | 51142 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853433532829498 09/01/22-00:02:18.458138 |
| SID: | 2829498 |
| Source Port: | 53433 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.860093532829500 09/01/22-00:02:16.558554 |
| SID: | 2829500 |
| Source Port: | 60093 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.849206532026737 09/01/22-00:02:46.717208 |
| SID: | 2026737 |
| Source Port: | 49206 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.851143532829498 09/01/22-00:01:24.124615 |
| SID: | 2829498 |
| Source Port: | 51143 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.854158532829498 09/01/22-00:02:39.772185 |
| SID: | 2829498 |
| Source Port: | 54158 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859376532829500 09/01/22-00:02:48.263272 |
| SID: | 2829500 |
| Source Port: | 59376 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.864825532829500 09/01/22-00:02:24.749273 |
| SID: | 2829500 |
| Source Port: | 64825 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.864273532829498 09/01/22-00:03:00.036817 |
| SID: | 2829498 |
| Source Port: | 64273 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.851894532026737 09/01/22-00:03:32.055555 |
| SID: | 2026737 |
| Source Port: | 51894 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.854434532829498 09/01/22-00:03:36.001169 |
| SID: | 2829498 |
| Source Port: | 54434 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859768532026737 09/01/22-00:03:34.095324 |
| SID: | 2026737 |
| Source Port: | 59768 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853054532829498 09/01/22-00:02:15.078816 |
| SID: | 2829498 |
| Source Port: | 53054 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.863448532829498 09/01/22-00:02:35.455212 |
| SID: | 2829498 |
| Source Port: | 63448 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865111532829500 09/01/22-00:01:46.954181 |
| SID: | 2829500 |
| Source Port: | 65111 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853627532026737 09/01/22-00:02:01.832804 |
| SID: | 2026737 |
| Source Port: | 53627 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865200532829500 09/01/22-00:02:04.820486 |
| SID: | 2829500 |
| Source Port: | 65200 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.855461532829498 09/01/22-00:03:07.325312 |
| SID: | 2829498 |
| Source Port: | 55461 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865390532026737 09/01/22-00:02:38.738598 |
| SID: | 2026737 |
| Source Port: | 65390 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865516532829500 09/01/22-00:02:19.492210 |
| SID: | 2829500 |
| Source Port: | 65516 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.855654532829498 09/01/22-00:03:19.297074 |
| SID: | 2829498 |
| Source Port: | 55654 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.854288532829500 09/01/22-00:03:33.756470 |
| SID: | 2829500 |
| Source Port: | 54288 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865515532829500 09/01/22-00:02:19.472414 |
| SID: | 2829500 |
| Source Port: | 65515 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859767532026737 09/01/22-00:03:34.075907 |
| SID: | 2026737 |
| Source Port: | 59767 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.860649532829498 09/01/22-00:03:25.341169 |
| SID: | 2829498 |
| Source Port: | 60649 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853628532026737 09/01/22-00:02:01.851234 |
| SID: | 2026737 |
| Source Port: | 53628 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.864970532829500 09/01/22-00:02:44.867082 |
| SID: | 2829500 |
| Source Port: | 64970 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.862434532026737 09/01/22-00:02:57.492445 |
| SID: | 2026737 |
| Source Port: | 62434 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859583532026737 09/01/22-00:02:11.706174 |
| SID: | 2026737 |
| Source Port: | 59583 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.850232532026737 09/01/22-00:02:54.777871 |
| SID: | 2026737 |
| Source Port: | 50232 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.852959532829500 09/01/22-00:01:25.367458 |
| SID: | 2829500 |
| Source Port: | 52959 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.850787532026737 09/01/22-00:02:43.367194 |
| SID: | 2026737 |
| Source Port: | 50787 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.858123532829498 09/01/22-00:02:27.969558 |
| SID: | 2829498 |
| Source Port: | 58123 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.860423532829498 09/01/22-00:03:32.424188 |
| SID: | 2829498 |
| Source Port: | 60423 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865201532829500 09/01/22-00:02:04.842170 |
| SID: | 2829500 |
| Source Port: | 65201 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.854157532829498 09/01/22-00:02:39.751533 |
| SID: | 2829498 |
| Source Port: | 54157 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865112532829500 09/01/22-00:01:46.974641 |
| SID: | 2829500 |
| Source Port: | 65112 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859830532829500 09/01/22-00:02:55.974495 |
| SID: | 2829500 |
| Source Port: | 59830 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.855460532829498 09/01/22-00:03:07.301197 |
| SID: | 2829498 |
| Source Port: | 55460 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853307532829500 09/01/22-00:01:54.875889 |
| SID: | 2829500 |
| Source Port: | 53307 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.851595532026737 09/01/22-00:03:26.929732 |
| SID: | 2026737 |
| Source Port: | 51595 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.856044532829500 09/01/22-00:01:38.460693 |
| SID: | 2829500 |
| Source Port: | 56044 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.857828532829500 09/01/22-00:03:23.000023 |
| SID: | 2829500 |
| Source Port: | 57828 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.864606532829500 09/01/22-00:02:41.903320 |
| SID: | 2829500 |
| Source Port: | 64606 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853273532829498 09/01/22-00:02:55.304130 |
| SID: | 2829498 |
| Source Port: | 53273 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.856047532829500 09/01/22-00:01:38.529181 |
| SID: | 2829500 |
| Source Port: | 56047 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.850626532026737 09/01/22-00:03:18.717464 |
| SID: | 2026737 |
| Source Port: | 50626 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.863691532829498 09/01/22-00:03:21.687512 |
| SID: | 2829498 |
| Source Port: | 63691 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859825532026737 09/01/22-00:02:20.014612 |
| SID: | 2026737 |
| Source Port: | 59825 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.855954532829500 09/01/22-00:03:25.612012 |
| SID: | 2829500 |
| Source Port: | 55954 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.862428532026737 09/01/22-00:03:13.188986 |
| SID: | 2026737 |
| Source Port: | 62428 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.861419532829498 09/01/22-00:02:03.004767 |
| SID: | 2829498 |
| Source Port: | 61419 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.860474532829498 09/01/22-00:02:47.119975 |
| SID: | 2829498 |
| Source Port: | 60474 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.864274532829498 09/01/22-00:03:00.057400 |
| SID: | 2829498 |
| Source Port: | 64274 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853853532026737 09/01/22-00:01:50.543832 |
| SID: | 2026737 |
| Source Port: | 53853 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.855248532829498 09/01/22-00:03:03.486266 |
| SID: | 2829498 |
| Source Port: | 55248 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853432532829498 09/01/22-00:02:18.428585 |
| SID: | 2829498 |
| Source Port: | 53432 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853849532829498 09/01/22-00:01:59.483040 |
| SID: | 2829498 |
| Source Port: | 53849 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859586532026737 09/01/22-00:02:11.767488 |
| SID: | 2026737 |
| Source Port: | 59586 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.860477532829498 09/01/22-00:02:47.180255 |
| SID: | 2829498 |
| Source Port: | 60477 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.852743532026737 09/01/22-00:03:23.998658 |
| SID: | 2026737 |
| Source Port: | 52743 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.849170532829500 09/01/22-00:02:32.467435 |
| SID: | 2829500 |
| Source Port: | 49170 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865325532026737 09/01/22-00:01:43.903174 |
| SID: | 2026737 |
| Source Port: | 65325 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.857575532829498 09/01/22-00:01:53.271847 |
| SID: | 2829498 |
| Source Port: | 57575 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.849879532829500 09/01/22-00:02:36.072251 |
| SID: | 2829500 |
| Source Port: | 49879 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859640532026737 09/01/22-00:01:39.971866 |
| SID: | 2026737 |
| Source Port: | 59640 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865109532829500 09/01/22-00:01:46.914019 |
| SID: | 2829500 |
| Source Port: | 65109 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.863450532829498 09/01/22-00:02:35.496675 |
| SID: | 2829498 |
| Source Port: | 63450 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.860646532829498 09/01/22-00:03:25.281760 |
| SID: | 2829498 |
| Source Port: | 60646 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.854285532829500 09/01/22-00:03:33.695070 |
| SID: | 2829500 |
| Source Port: | 54285 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.858915532829500 09/01/22-00:03:18.040653 |
| SID: | 2829500 |
| Source Port: | 58915 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.864974532829500 09/01/22-00:03:05.683602 |
| SID: | 2829500 |
| Source Port: | 64974 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.858482532829500 09/01/22-00:03:29.362481 |
| SID: | 2829500 |
| Source Port: | 58482 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.864125532829498 09/01/22-00:02:44.347197 |
| SID: | 2829498 |
| Source Port: | 64125 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859437532026737 09/01/22-00:01:57.658266 |
| SID: | 2026737 |
| Source Port: | 59437 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |