Windows
Analysis Report
Payment_copy28476450.exe
Overview
General Information
Detection
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- Payment_copy28476450.exe (PID: 160 cmdline: C:\Users\user\Desktop\Payment_copy28476450.exe MD5: 70E90926399154C2708801A73CF53D99)
- wcycejenv.exe (PID: 588 cmdline: "C:\Users\user\AppData\Local\Temp\wcycejenv.exe" C:\Users\user\AppData\Local\Temp\stvrrcrc.d MD5: 3182BEF520A1E9F52BE3755C25E4C3B0)
- conhost.exe (PID: 584 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
- wcycejenv.exe (PID: 5332 cmdline: "C:\Users\user\AppData\Local\Temp\wcycejenv.exe" C:\Users\user\AppData\Local\Temp\stvrrcrc.d MD5: 3182BEF520A1E9F52BE3755C25E4C3B0)
- cleanup
{"C2 list": ["http://kbfvzoboss.bid/alien/fre.php", "http://alphastand.trade/alien/fre.php", "http://alphastand.win/alien/fre.php", "http://alphastand.top/alien/fre.php"]}
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Lokibot_1 | Yara detected Lokibot | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | ||
JoeSecurity_aPLib_compressed_binary | Yara detected aPLib compressed binary | Joe Security | ||
JoeSecurity_Lokibot | Yara detected Lokibot | Joe Security | ||
INDICATOR_SUSPICIOUS_GENInfoStealer | Detects executables containing common artifcats observed in infostealers | ditekSHen |
Windows_Trojan_Lokibot_1f885282 | unknown | unknown |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
SUSP_XORed_URL_in_EXE | Detects an XORed URL in an executable | Florian Roth |
JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | ||
JoeSecurity_aPLib_compressed_binary | Yara detected aPLib compressed binary | Joe Security | ||
JoeSecurity_Lokibot | Yara detected Lokibot | Joe Security | ||
INDICATOR_SUSPICIOUS_GENInfoStealer | Detects executables containing common artifcats observed in infostealers | ditekSHen |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.68.8.8.853203532014169 11/24/22-19:54:18.123294 |
SID: | 2014169 |
Source Port: | 53203 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.695.213.216.20249700802825766 11/24/22-19:54:18.249997 |
SID: | 2825766 |
Source Port: | 49700 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249737802024318 11/24/22-19:55:31.199874 |
SID: | 2024318 |
Source Port: | 49737 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249740802024313 11/24/22-19:55:37.776321 |
SID: | 2024313 |
Source Port: | 49740 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249742802025381 11/24/22-19:55:40.973542 |
SID: | 2025381 |
Source Port: | 49742 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497052025483 11/24/22-19:54:28.634655 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49705 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249731802021641 11/24/22-19:55:19.158567 |
SID: | 2021641 |
Source Port: | 49731 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.68.8.8.857686532014169 11/24/22-19:54:13.553924 |
SID: | 2014169 |
Source Port: | 57686 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.68.8.8.858595532014169 11/24/22-19:54:28.961973 |
SID: | 2014169 |
Source Port: | 58595 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.695.213.216.20249736802025381 11/24/22-19:55:29.163584 |
SID: | 2025381 |
Source Port: | 49736 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249745802025381 11/24/22-19:55:47.082758 |
SID: | 2025381 |
Source Port: | 49745 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.68.8.8.857515532014169 11/24/22-19:55:48.986225 |
SID: | 2014169 |
Source Port: | 57515 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.695.213.216.20249734802024318 11/24/22-19:55:25.189583 |
SID: | 2024318 |
Source Port: | 49734 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497002025483 11/24/22-19:54:20.029122 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49700 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249725802021641 11/24/22-19:55:05.694279 |
SID: | 2021641 |
Source Port: | 49725 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249734802024313 11/24/22-19:55:25.189583 |
SID: | 2024313 |
Source Port: | 49734 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249743802024318 11/24/22-19:55:42.875605 |
SID: | 2024318 |
Source Port: | 49743 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249728802024318 11/24/22-19:55:11.780324 |
SID: | 2024318 |
Source Port: | 49728 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249737802024313 11/24/22-19:55:31.199874 |
SID: | 2024313 |
Source Port: | 49737 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249728802024313 11/24/22-19:55:11.780324 |
SID: | 2024313 |
Source Port: | 49728 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249739802025381 11/24/22-19:55:35.259290 |
SID: | 2025381 |
Source Port: | 49739 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.68.8.8.855956532014169 11/24/22-19:55:46.990731 |
SID: | 2014169 |
Source Port: | 55956 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.695.213.216.20249743802024313 11/24/22-19:55:42.875605 |
SID: | 2024313 |
Source Port: | 49743 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249709802024313 11/24/22-19:54:33.518227 |
SID: | 2024313 |
Source Port: | 49709 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249738802021641 11/24/22-19:55:33.192742 |
SID: | 2021641 |
Source Port: | 49738 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.68.8.8.859082532014169 11/24/22-19:54:38.013432 |
SID: | 2014169 |
Source Port: | 59082 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.695.213.216.20249740802024318 11/24/22-19:55:37.776321 |
SID: | 2024318 |
Source Port: | 49740 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249722802825766 11/24/22-19:54:59.769485 |
SID: | 2825766 |
Source Port: | 49722 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.68.8.8.851530532014169 11/24/22-19:54:52.685795 |
SID: | 2014169 |
Source Port: | 51530 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.695.213.216.20249701802025381 11/24/22-19:54:22.087876 |
SID: | 2025381 |
Source Port: | 49701 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249723802025381 11/24/22-19:55:01.692450 |
SID: | 2025381 |
Source Port: | 49723 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249721802024313 11/24/22-19:54:56.896268 |
SID: | 2024313 |
Source Port: | 49721 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249750802021641 11/24/22-19:55:57.329298 |
SID: | 2021641 |
Source Port: | 49750 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249715802024318 11/24/22-19:54:47.405096 |
SID: | 2024318 |
Source Port: | 49715 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497302025483 11/24/22-19:55:17.735946 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49730 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249716802825766 11/24/22-19:54:48.704817 |
SID: | 2825766 |
Source Port: | 49716 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249721802024318 11/24/22-19:54:56.896268 |
SID: | 2024318 |
Source Port: | 49721 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.68.8.8.860032532014169 11/24/22-19:55:29.068969 |
SID: | 2014169 |
Source Port: | 60032 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.695.213.216.20249744802021641 11/24/22-19:55:45.028740 |
SID: | 2021641 |
Source Port: | 49744 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497412025483 11/24/22-19:55:40.700457 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49741 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497492025483 11/24/22-19:55:57.050677 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49749 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249709802024318 11/24/22-19:54:33.518227 |
SID: | 2024318 |
Source Port: | 49709 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249715802024313 11/24/22-19:54:47.405096 |
SID: | 2024313 |
Source Port: | 49715 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.68.8.8.858917532014169 11/24/22-19:55:11.700175 |
SID: | 2014169 |
Source Port: | 58917 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.695.213.216.20249745802024318 11/24/22-19:55:47.082758 |
SID: | 2024318 |
Source Port: | 49745 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497342025483 11/24/22-19:55:26.886961 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49734 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249742802021641 11/24/22-19:55:40.973542 |
SID: | 2021641 |
Source Port: | 49742 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497362025483 11/24/22-19:55:30.902353 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49736 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497382025483 11/24/22-19:55:34.897313 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49738 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497322025483 11/24/22-19:55:22.836179 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49732 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249739802021641 11/24/22-19:55:35.259290 |
SID: | 2021641 |
Source Port: | 49739 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249741802825766 11/24/22-19:55:39.990050 |
SID: | 2825766 |
Source Port: | 49741 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249728802025381 11/24/22-19:55:11.780324 |
SID: | 2025381 |
Source Port: | 49728 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249745802024313 11/24/22-19:55:47.082758 |
SID: | 2024313 |
Source Port: | 49745 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249713802825766 11/24/22-19:54:43.021097 |
SID: | 2825766 |
Source Port: | 49713 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249746802025381 11/24/22-19:55:49.078874 |
SID: | 2025381 |
Source Port: | 49746 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.68.8.8.853731532014169 11/24/22-19:54:11.254500 |
SID: | 2014169 |
Source Port: | 53731 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.695.213.216.20249702802024318 11/24/22-19:54:25.054966 |
SID: | 2024318 |
Source Port: | 49702 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249713802025381 11/24/22-19:54:43.021097 |
SID: | 2025381 |
Source Port: | 49713 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249738802825766 11/24/22-19:55:33.192742 |
SID: | 2825766 |
Source Port: | 49738 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.68.8.8.861089532014169 11/24/22-19:55:53.045222 |
SID: | 2014169 |
Source Port: | 61089 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.695.213.216.20249714802021641 11/24/22-19:54:45.091814 |
SID: | 2021641 |
Source Port: | 49714 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249720802024313 11/24/22-19:54:54.960633 |
SID: | 2024313 |
Source Port: | 49720 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249702802024313 11/24/22-19:54:25.054966 |
SID: | 2024313 |
Source Port: | 49702 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249720802024318 11/24/22-19:54:54.960633 |
SID: | 2024318 |
Source Port: | 49720 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249731802025381 11/24/22-19:55:19.158567 |
SID: | 2025381 |
Source Port: | 49731 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249735802024313 11/24/22-19:55:27.170416 |
SID: | 2024313 |
Source Port: | 49735 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249698802024317 11/24/22-19:54:13.981663 |
SID: | 2024317 |
Source Port: | 49698 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249698802024312 11/24/22-19:54:13.981663 |
SID: | 2024312 |
Source Port: | 49698 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249729802021641 11/24/22-19:55:13.852615 |
SID: | 2021641 |
Source Port: | 49729 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249721802025381 11/24/22-19:54:56.896268 |
SID: | 2025381 |
Source Port: | 49721 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249731802825766 11/24/22-19:55:19.158567 |
SID: | 2825766 |
Source Port: | 49731 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249712802024313 11/24/22-19:54:40.926341 |
SID: | 2024313 |
Source Port: | 49712 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249712802024318 11/24/22-19:54:40.926341 |
SID: | 2024318 |
Source Port: | 49712 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249735802024318 11/24/22-19:55:27.170416 |
SID: | 2024318 |
Source Port: | 49735 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249724802021641 11/24/22-19:55:03.741584 |
SID: | 2021641 |
Source Port: | 49724 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249748802825766 11/24/22-19:55:53.130311 |
SID: | 2825766 |
Source Port: | 49748 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249753802024318 11/24/22-19:56:03.443038 |
SID: | 2024318 |
Source Port: | 49753 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249753802024313 11/24/22-19:56:03.443038 |
SID: | 2024313 |
Source Port: | 49753 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249730802024318 11/24/22-19:55:16.067382 |
SID: | 2024318 |
Source Port: | 49730 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249747802021641 11/24/22-19:55:51.131718 |
SID: | 2021641 |
Source Port: | 49747 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249738802025381 11/24/22-19:55:33.192742 |
SID: | 2025381 |
Source Port: | 49738 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249730802024313 11/24/22-19:55:16.067382 |
SID: | 2024313 |
Source Port: | 49730 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249706802021641 11/24/22-19:54:29.062049 |
SID: | 2021641 |
Source Port: | 49706 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249705802025381 11/24/22-19:54:27.228813 |
SID: | 2025381 |
Source Port: | 49705 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.68.8.8.863229532014169 11/24/22-19:54:48.619009 |
SID: | 2014169 |
Source Port: | 63229 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.695.213.216.20249721802825766 11/24/22-19:54:56.896268 |
SID: | 2825766 |
Source Port: | 49721 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249722802024313 11/24/22-19:54:59.769485 |
SID: | 2024313 |
Source Port: | 49722 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497432025483 11/24/22-19:55:44.744520 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49743 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.68.8.8.849786532014169 11/24/22-19:54:27.135932 |
SID: | 2014169 |
Source Port: | 49786 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.695.213.216.20249725802024313 11/24/22-19:55:05.694279 |
SID: | 2024313 |
Source Port: | 49725 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249719802024318 11/24/22-19:54:53.033944 |
SID: | 2024318 |
Source Port: | 49719 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249722802024318 11/24/22-19:54:59.769485 |
SID: | 2024318 |
Source Port: | 49722 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249725802024318 11/24/22-19:55:05.694279 |
SID: | 2024318 |
Source Port: | 49725 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.68.8.8.856123532014169 11/24/22-19:55:33.111651 |
SID: | 2014169 |
Source Port: | 56123 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.695.213.216.20249697802021641 11/24/22-19:54:11.348011 |
SID: | 2021641 |
Source Port: | 49697 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249711802025381 11/24/22-19:54:38.624655 |
SID: | 2025381 |
Source Port: | 49711 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249736802825766 11/24/22-19:55:29.163584 |
SID: | 2825766 |
Source Port: | 49736 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497292025483 11/24/22-19:55:15.362841 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49729 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497252025483 11/24/22-19:55:07.447890 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49725 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497212025483 11/24/22-19:54:58.247548 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49721 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249750802024318 11/24/22-19:55:57.329298 |
SID: | 2024318 |
Source Port: | 49750 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249737802021641 11/24/22-19:55:31.199874 |
SID: | 2021641 |
Source Port: | 49737 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249751802825766 11/24/22-19:55:59.376338 |
SID: | 2825766 |
Source Port: | 49751 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249740802021641 11/24/22-19:55:37.776321 |
SID: | 2021641 |
Source Port: | 49740 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497022025483 11/24/22-19:54:26.773719 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49702 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497062025483 11/24/22-19:54:30.867234 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49706 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249754802025381 11/24/22-19:56:04.818902 |
SID: | 2025381 |
Source Port: | 49754 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249699802825766 11/24/22-19:54:15.956073 |
SID: | 2825766 |
Source Port: | 49699 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249719802024313 11/24/22-19:54:53.033944 |
SID: | 2024313 |
Source Port: | 49719 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249734802021641 11/24/22-19:55:25.189583 |
SID: | 2021641 |
Source Port: | 49734 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249748802025381 11/24/22-19:55:53.130311 |
SID: | 2025381 |
Source Port: | 49748 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249715802825766 11/24/22-19:54:47.405096 |
SID: | 2825766 |
Source Port: | 49715 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249732802021641 11/24/22-19:55:21.169470 |
SID: | 2021641 |
Source Port: | 49732 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249709802021641 11/24/22-19:54:33.518227 |
SID: | 2021641 |
Source Port: | 49709 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249755802024318 11/24/22-19:56:06.881877 |
SID: | 2024318 |
Source Port: | 49755 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249741802025381 11/24/22-19:55:39.990050 |
SID: | 2025381 |
Source Port: | 49741 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249755802024313 11/24/22-19:56:06.881877 |
SID: | 2024313 |
Source Port: | 49755 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249723802825766 11/24/22-19:55:01.692450 |
SID: | 2825766 |
Source Port: | 49723 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.68.8.8.865044532014169 11/24/22-19:55:27.077654 |
SID: | 2014169 |
Source Port: | 65044 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.695.213.216.20249726802021641 11/24/22-19:55:07.738200 |
SID: | 2021641 |
Source Port: | 49726 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249718802025381 11/24/22-19:54:50.807735 |
SID: | 2025381 |
Source Port: | 49718 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249727802024313 11/24/22-19:55:09.788187 |
SID: | 2024313 |
Source Port: | 49727 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249750802024313 11/24/22-19:55:57.329298 |
SID: | 2024313 |
Source Port: | 49750 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249727802024318 11/24/22-19:55:09.788187 |
SID: | 2024318 |
Source Port: | 49727 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249700802025381 11/24/22-19:54:18.249997 |
SID: | 2025381 |
Source Port: | 49700 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249733802024313 11/24/22-19:55:23.201569 |
SID: | 2024313 |
Source Port: | 49733 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497472025483 11/24/22-19:55:52.860690 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49747 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.68.8.8.856086532014169 11/24/22-19:55:05.605111 |
SID: | 2014169 |
Source Port: | 56086 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.695.213.216.20249728802825766 11/24/22-19:55:11.780324 |
SID: | 2825766 |
Source Port: | 49728 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249733802024318 11/24/22-19:55:23.201569 |
SID: | 2024318 |
Source Port: | 49733 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497502025483 11/24/22-19:55:59.104900 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49750 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249734802025381 11/24/22-19:55:25.189583 |
SID: | 2025381 |
Source Port: | 49734 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.695.213.216.20249742802024318 11/24/22-19:55:40.973542 |
SID: | 2024318 |
Source Port: | 49742 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497532025483 11/24/22-19:56:04.545301 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49753 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.680497182025483 11/24/22-19:54:52.477982 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49718 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
AV Detection |
---|
Source: | ReversingLabs: | |||
Source: | Virustotal: | Perma Link |
Source: | Avira URL Cloud: |
Source: | Virustotal: | Perma Link | ||
Source: | Virustotal: | Perma Link |
Source: | ReversingLabs: | |||
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: | |||
Source: | Virustotal: | Perma Link |
Source: | Joe Sandbox ML: |
Source: | Malware Configuration Extractor: |
Source: | Static PE information: |
Source: | Binary string: | ||
Source: | Binary string: |
Source: | Code function: | 0_2_00405620 | |
Source: | Code function: | 0_2_00405FF6 | |
Source: | Code function: | 0_2_00402654 | |
Source: | Code function: | 1_2_004049D0 | |
Source: | Code function: | 1_2_00405030 | |
Source: | Code function: | 1_2_00431227 | |
Source: | Code function: | 1_2_004315E3 | |
Source: | Code function: | 3_2_00403D74 |
Networking |
---|
Source: | Snort IDS: | ||
Source: | URLs: | ||
Source: | ASN Name: |
Source: | HTTP traffic detected: | ||
Source: | String found in binary or memory: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | Code function: | 3_2_00404ED4 |
Source: | Code function: | 0_2_00405125 |
System Summary |
---|
Source: | Matched rule: | ||
Source: | Static PE information: |
Source: | Static file information: |
Source: | Static PE information: |
Source: | Matched rule: | ||
Source: | Code function: | 0_2_0040324F |
Source: | Code function: | 0_2_00406333 | |
Source: | Code function: | 0_2_00404936 | |
Source: | Code function: | 1_2_004064B0 | |
Source: | Code function: | 1_2_00420069 | |
Source: | Code function: | 1_2_004420D3 | |
Source: | Code function: | 1_2_004202DD | |
Source: | Code function: | 1_2_00420542 | |
Source: | Code function: | 1_2_0043A760 | |
Source: | Code function: | 1_2_004027E0 | |
Source: | Code function: | 1_2_004207A7 | |
Source: | Code function: | 1_2_00420A1B | |
Source: | Code function: | 1_2_0043AC80 | |
Source: | Code function: | 1_2_0040CD62 | |
Source: | Code function: | 1_2_0043B0B0 | |
Source: | Code function: | 1_2_0041F0BA | |
Source: | Code function: | 1_2_0040B201 | |
Source: | Code function: | 1_2_0041F2EC | |
Source: | Code function: | 1_2_00439397 | |
Source: | Code function: | 1_2_0041F52D | |
Source: | Code function: | 1_2_0041F75F | |
Source: | Code function: | 1_2_0043B776 | |
Source: | Code function: | 1_2_0041F991 | |
Source: | Code function: | 1_2_00443AF2 | |
Source: | Code function: | 1_2_0041FBD2 | |
Source: | Code function: | 1_2_00435BDC | |
Source: | Code function: | 1_2_0041FE04 | |
Source: | Code function: | 1_2_00441FB3 | |
Source: | Code function: | 3_2_0040549C | |
Source: | Code function: | 3_2_004029D4 |
Source: | ReversingLabs: | ||
Source: | Virustotal: |
Source: | File read: | Jump to behavior |
Source: | Static PE information: |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | Code function: | 3_2_0040650A |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | Classification label: |
Source: | Code function: | 0_2_00402036 |
Source: | File read: | Jump to behavior |
Source: | Code function: | 0_2_004043F5 |
Source: | Binary or memory string: |
Source: | Code function: | 1_2_00404110 |
Source: | Mutant created: | ||
Source: | Mutant created: |
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Binary string: | ||
Source: | Binary string: |
Data Obfuscation |
---|
Source: | File source: | ||
Source: | Code function: | 1_2_0042E035 | |
Source: | Code function: | 1_2_00408263 | |
Source: | Code function: | 1_2_00444D6E | |
Source: | Code function: | 1_2_0042943E | |
Source: | Code function: | 3_2_00402AD4 | |
Source: | Code function: | 3_2_00402AFC |
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file |
Source: | Process information set: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Source: | Last function: |
Source: | API coverage: |
Source: | Code function: | 0_2_00405620 | |
Source: | Code function: | 0_2_00405FF6 | |
Source: | Code function: | 0_2_00402654 | |
Source: | Code function: | 1_2_004049D0 | |
Source: | Code function: | 1_2_00405030 | |
Source: | Code function: | 1_2_00431227 | |
Source: | Code function: | 1_2_004315E3 | |
Source: | Code function: | 3_2_00403D74 |
Source: | Thread delayed: | Jump to behavior |
Source: | API call chain: | graph_0-3335 | ||
Source: | API call chain: | graph_1-37775 |
Source: | Code function: | 1_2_00430A14 |
Source: | Code function: | 1_2_00436D8B |
Source: | Process token adjusted: | Jump to behavior |
Source: | Code function: | 1_2_00428A12 | |
Source: | Code function: | 1_2_00428AA0 | |
Source: | Code function: | 1_2_00433950 | |
Source: | Code function: | 1_2_0043390D | |
Source: | Code function: | 1_2_004339EE | |
Source: | Code function: | 1_2_00433993 | |
Source: | Code function: | 1_2_00433AF8 | |
Source: | Code function: | 1_2_00433AB4 | |
Source: | Code function: | 1_2_00433B6D | |
Source: | Code function: | 1_2_00433B3C | |
Source: | Code function: | 3_2_0040317B |
Source: | Code function: | 1_2_0040812D | |
Source: | Code function: | 1_2_004085D0 | |
Source: | Code function: | 1_2_0042BE3E | |
Source: | Code function: | 1_2_00407F97 |
HIPS / PFW / Operating System Protection Evasion |
---|
Source: | Section loaded: | Jump to behavior |
Source: | Process created: | Jump to behavior |
Source: | Code function: | 1_2_00436171 | |
Source: | Code function: | 1_2_0042C1E7 | |
Source: | Code function: | 1_2_0042C370 | |
Source: | Code function: | 1_2_0042C378 | |
Source: | Code function: | 1_2_0042C33E | |
Source: | Code function: | 1_2_0043647C | |
Source: | Code function: | 1_2_00436413 | |
Source: | Code function: | 1_2_00436517 | |
Source: | Code function: | 1_2_004365A2 | |
Source: | Code function: | 1_2_004367F5 | |
Source: | Code function: | 1_2_0043691B | |
Source: | Code function: | 1_2_00436A21 | |
Source: | Code function: | 1_2_00436AF0 | |
Source: | Code function: | 1_2_0042CC9F |
Source: | Code function: | 1_2_004083E2 |
Source: | Key value queried: | Jump to behavior |
Source: | Code function: | 1_2_0042CCDE |
Source: | Code function: | 0_2_0040324F |
Source: | Code function: | 3_2_00406069 |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior |
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | Code function: | 3_2_0040D069 | |
Source: | Code function: | 3_2_0040D069 |
Source: | File opened: | Jump to behavior |
Source: | File source: | ||
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Access Token Manipulation | 1 Masquerading | 2 OS Credential Dumping | 1 System Time Discovery | Remote Services | 1 Email Collection | Exfiltration Over Other Network Medium | 1 Encrypted Channel | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | 1 System Shutdown/Reboot |
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 111 Process Injection | 11 Virtualization/Sandbox Evasion | 2 Credentials in Registry | 12 Security Software Discovery | Remote Desktop Protocol | 1 Archive Collected Data | Exfiltration Over Bluetooth | 1 Ingress Tool Transfer | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | 1 Access Token Manipulation | Security Account Manager | 11 Virtualization/Sandbox Evasion | SMB/Windows Admin Shares | 2 Data from Local System | Automated Exfiltration | 2 Non-Application Layer Protocol | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | 111 Process Injection | NTDS | 1 Account Discovery | Distributed Component Object Model | 1 Clipboard Data | Scheduled Transfer | 112 Application Layer Protocol | SIM Card Swap | Carrier Billing Fraud | |
Cloud Accounts | Cron | Network Logon Script | Network Logon Script | 1 Deobfuscate/Decode Files or Information | LSA Secrets | 1 System Owner/User Discovery | SSH | Keylogging | Data Transfer Size Limits | Fallback Channels | Manipulate Device Communication | Manipulate App Store Rankings or Ratings | |
Replication Through Removable Media | Launchd | Rc.common | Rc.common | 2 Obfuscated Files or Information | Cached Domain Credentials | 1 Remote System Discovery | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | Abuse Accessibility Features | |
External Remote Services | Scheduled Task | Startup Items | Startup Items | Compile After Delivery | DCSync | 2 File and Directory Discovery | Windows Remote Management | Web Portal Capture | Exfiltration Over Alternative Protocol | Commonly Used Port | Rogue Wi-Fi Access Points | Data Encrypted for Impact | |
Drive-by Compromise | Command and Scripting Interpreter | Scheduled Task/Job | Scheduled Task/Job | Indicator Removal from Tools | Proc Filesystem | 26 System Information Discovery | Shared Webroot | Credential API Hooking | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Application Layer Protocol | Downgrade to Insecure Protocols | Generate Fraudulent Advertising Revenue |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
35% | ReversingLabs | Win32.Trojan.FormBook | ||
42% | Virustotal | Browse | ||
100% | Joe Sandbox ML |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
50% | ReversingLabs | Win32.Trojan.FormBook | ||
23% | Virustotal | Browse | ||
50% | ReversingLabs | Win32.Trojan.FormBook | ||
23% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link | Download |
---|---|---|---|---|---|
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | HEUR/AGEN.1223491 | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | HEUR/AGEN.1223491 | Download File |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
25% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
100% | Avira URL Cloud | malware | ||
26% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
sempersim.su | 95.213.216.202 | true | true | | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| unknown | |
true |
| unknown | |
true |
| unknown | |
true |
| unknown | |
true |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false | high | |||
false |
| unknown |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
95.213.216.202 | sempersim.su | Russian Federation | | 49505 | SELECTELRU | true |
IP |
---|
192.168.2.1 |
Joe Sandbox Version: | 36.0.0 Rainbow Opal |
Analysis ID: | 753423 |
Start date and time: | 2022-11-24 19:53:07 +01:00 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 7m 6s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Sample file name: | Payment_copy28476450.exe |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
Number of analysed new started processes: | 15 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal100.troj.spyw.evad.winEXE@6/7@55/2 |
EGA Information: |
|
HDC Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SgrmBroker.exe, conhost.exe, svchost.exe
- Excluded domains from analysis (whitelisted): www.bing.com, fs.microsoft.com, ctldl.windowsupdate.com
- Not all processes were analyzed, report is missing behavior information
- Report size getting too big, too many NtDeviceIoControlFile calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
Time | Type | Description |
---|---|---|
19:54:17 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
95.213.216.202 | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
sempersim.su | Get hash | malicious | Browse |
| |
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
SELECTELRU | Get hash | malicious | Browse |
| |
Process: | C:\Users\user\Desktop\Payment_copy28476450.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 459450 |
Entropy (8bit): | 7.057848521690541 |
Encrypted: | false |
SSDEEP: | 12288:JxcTxTkKZ9roe9deAwRxFMCgRlXXLRLh7mgb1xuuu9toBdmqQGMZRUuJ5:ATxTkQEweAwbqD7vb1xuuu9Edmdl |
MD5: | DAEA903CE6FBB92BF4BE14AEC7489613 |
SHA1: | 21872C93628D5B4715A9876332090C3D0EE03E66 |
SHA-256: | 97CE6EB441A34EBEE7864B4B0E99939D7D773AC7FC416B27F1F72413061944B3 |
SHA-512: | 9D6B3DAEC38C534A73F91BD26D71D77E3FAD8A21CED7817D9A9CDC5F991503AE348B728D6D9E1257D2D85B9137D33E59D2592EE1E9CABD920BB64FFE8F88D3D5 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Users\user\Desktop\Payment_copy28476450.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 106496 |
Entropy (8bit): | 7.955523846750811 |
Encrypted: | false |
SSDEEP: | 3072:wjajJkiH9OPjfkivvicRevZjOqhaMItCzjriqZTa5apaaaaaaaaaaaaaaaaaaaal:Q7fk2evZCqhadZqZ1 |
MD5: | B12381A247D8454C152B69D13B35EC05 |
SHA1: | 347BDD9D8F6E96C6912DC56198BD5038969C41AC |
SHA-256: | 1B9C40C7751E34B3A3DD0658B3F1DAC5AA39D85D50D3F02CDAA555220228193E |
SHA-512: | AD79AC16823D14CD07EF1C74C2933B3D1FB15D4C1F22416FCBC0F25E6C087E8C5F3BBD63E393D9B07DCAD185A51D3457F818C56B95CAD074365D8B2CA11D64D8 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Users\user\Desktop\Payment_copy28476450.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 5655 |
Entropy (8bit): | 6.234833362351721 |
Encrypted: | false |
SSDEEP: | 96:4HXF/taUEVYCVmNFHILHl95DTMQUTPENeG2O3VyKbaj9XPlP:w1/tNECRKZTtkG2W8fP |
MD5: | 8C23AB33C072F31910D8126FE29420D7 |
SHA1: | 19752AC35C502F4CD5BB55D3DB4ACE8FD00C0767 |
SHA-256: | 0C6033793464A7C0D79F2A402CC4DCF821B8C633371B4D676BA18F21FCB3376F |
SHA-512: | 612E97ABC1D02F74E9334D2D37A0193C974D6BEFB86E3A578AC2BE71AA6B56331F3F24F69EC9953B525AAD39EFE6376563C8BDAFAA552A936582613BDBCC7099 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Users\user\Desktop\Payment_copy28476450.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 340992 |
Entropy (8bit): | 6.549726242729774 |
Encrypted: | false |
SSDEEP: | 6144:Qoe9deNmwPG6xFMCgRlXXLRLh7mzMb1iRWuuu9toDVdmqQL17EMRvM/gRUuJ5dX:Qoe9deAwRxFMCgRlXXLRLh7mgb1xuuuz |
MD5: | 3182BEF520A1E9F52BE3755C25E4C3B0 |
SHA1: | 1829DD90A63BF67DCEB3F6CC41C8AACE8E7E31AD |
SHA-256: | E7ECA366A9467420BA42645AAC451E02D0F009C6F6DFE3A47349510DE0BBFB96 |
SHA-512: | BDC8E908D5BCDD52CCF880D11D863D76EE28D9201C51972CD547E94887E32BA986329D5C7615FBB1F01E8E2AF5123E419A411DFAADD8B9B5A2D8E586C947E962 |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 340992 |
Entropy (8bit): | 6.549726242729774 |
Encrypted: | false |
SSDEEP: | 6144:Qoe9deNmwPG6xFMCgRlXXLRLh7mzMb1iRWuuu9toDVdmqQL17EMRvM/gRUuJ5dX:Qoe9deAwRxFMCgRlXXLRLh7mgb1xuuuz |
MD5: | 3182BEF520A1E9F52BE3755C25E4C3B0 |
SHA1: | 1829DD90A63BF67DCEB3F6CC41C8AACE8E7E31AD |
SHA-256: | E7ECA366A9467420BA42645AAC451E02D0F009C6F6DFE3A47349510DE0BBFB96 |
SHA-512: | BDC8E908D5BCDD52CCF880D11D863D76EE28D9201C51972CD547E94887E32BA986329D5C7615FBB1F01E8E2AF5123E419A411DFAADD8B9B5A2D8E586C947E962 |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | 3:U:U |
MD5: | C4CA4238A0B923820DCC509A6F75849B |
SHA1: | 356A192B7913B04C54574D18C28D46E6395428AB |
SHA-256: | 6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B |
SHA-512: | 4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\21c8026919fd094ab07ec3c180a9f210_d06ed635-68f6-4e9a-955c-4899f5f57b9a
Process: | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 49 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | 3:: |
MD5: | 884BB48A55DA67B4812805CB8905277D |
SHA1: | 6B3D33E00F5B9DEAE2826F80644CB4F6E78B7401 |
SHA-256: | 78877FA898F0B4C45C9C33AE941E40617AD7C8657A307DB62BC5691F92F4F60E |
SHA-512: | 989A38778FC961EB2C79E70621EABFB4B22D6537F08A71359B27AF495646E304EE252A523769F66B75BC2FAF546ACB22A71B358B51221174AC0D964DA7A62821 |
Malicious: | false |
Preview: |
File type: | |
Entropy (8bit): | 7.918853891717431 |
TrID: |
|
File name: | Payment_copy28476450.exe |
File size: | 247655 |
MD5: | 70e90926399154c2708801a73cf53d99 |
SHA1: | 0eaff8f1cde17a392d9e7935bae96f21c91acc3c |
SHA256: | c36de6d07a8ce4407cb59a275dbf8c04d05844903bb6d566f295ccd13a2d4ce6 |
SHA512: | a6256e11df089a3063738ca0e36eca4ca89ed89ac7530a83394aa1864ba392e87318270529d04b1c72fa0d2cb392ba8c66ebedca335af82ec8fe124814ec9cab |
SSDEEP: | 6144:QBn1WN747c5LFA0rw3gw8QXRq+/lp7q76lS:gWZ4wa8QXRq+/Pe76lS |
TLSH: | F434126B32F09476F961057099B3A657EBFA9300455813474BC7CFBBADB06C2CE8A172 |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........3(..RF..RF..RF.*]...RF..RG.pRF.*]...RF..qv..RF..T@..RF.Rich.RF.........................PE..L...ly.V.................^......... |
Icon Hash: | b2a88c96b2ca6a72 |
Entrypoint: | 0x40324f |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE |
DLL Characteristics: | TERMINAL_SERVER_AWARE |
Time Stamp: | 0x567F796C [Sun Dec 27 05:38:52 2015 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | ab6770b0a8635b9d92a5838920cfe770 |
Instruction |
---|
sub esp, 00000180h |
push ebx |
push ebp |
push esi |
push edi |
xor ebx, ebx |
push 00008001h |
mov dword ptr [esp+1Ch], ebx |
mov dword ptr [esp+14h], 00409130h |
xor esi, esi |
mov byte ptr [esp+18h], 00000020h |
call dword ptr [004070B8h] |
call dword ptr [004070B4h] |
cmp ax, 00000006h |
je 00007FDE449C9A73h |
push ebx |
call 00007FDE449CC861h |
cmp eax, ebx |
je 00007FDE449C9A69h |
push 00000C00h |
call eax |
push 004091E0h |
call 00007FDE449CC7E2h |
push 004091D8h |
call 00007FDE449CC7D8h |
push 004091CCh |
call 00007FDE449CC7CEh |
push 0000000Dh |
call 00007FDE449CC831h |
push 0000000Bh |
call 00007FDE449CC82Ah |
mov dword ptr [00423F84h], eax |
call dword ptr [00407034h] |
push ebx |
call dword ptr [00407270h] |
mov dword ptr [00424038h], eax |
push ebx |
lea eax, dword ptr [esp+34h] |
push 00000160h |
push eax |
push ebx |
push 0041F538h |
call dword ptr [00407160h] |
push 004091C0h |
push 00423780h |
call 00007FDE449CC461h |
call dword ptr [004070B0h] |
mov ebp, 0042A000h |
push eax |
push ebp |
call 00007FDE449CC44Fh |
push ebx |
call dword ptr [00407144h] |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x73cc | 0xa0 | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x2d000 | 0x9e0 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x7000 | 0x280 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x5c4a | 0x5e00 | False | 0.659906914893617 | data | 6.410763775060762 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x7000 | 0x115e | 0x1200 | False | 0.4466145833333333 | data | 5.142548180775325 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0x9000 | 0x1b078 | 0x600 | False | 0.455078125 | data | 4.2252195571372315 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.ndata | 0x25000 | 0x8000 | 0x0 | False | 0 | empty | 0.0 | IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0x2d000 | 0x9e0 | 0xa00 | False | 0.45625 | data | 4.509328731926377 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country |
---|---|---|---|---|---|
RT_ICON | 0x2d190 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 640 | English | United States |
RT_DIALOG | 0x2d478 | 0x100 | data | English | United States |
RT_DIALOG | 0x2d578 | 0x11c | data | English | United States |
RT_DIALOG | 0x2d698 | 0x60 | data | English | United States |
RT_GROUP_ICON | 0x2d6f8 | 0x14 | data | English | United States |
RT_MANIFEST | 0x2d710 | 0x2cc | XML 1.0 document, ASCII text, with very long lines (716), with no line terminators | English | United States |

DLL | Import |
---|---|
KERNEL32.dll | SetFileAttributesA, GetShortPathNameA, GetFullPathNameA, MoveFileA, SetCurrentDirectoryA, GetFileAttributesA, GetLastError, CompareFileTime, SearchPathA, Sleep, GetTickCount, CreateFileA, GetFileSize, GetModuleFileNameA, GetCurrentProcess, CopyFileA, CreateDirectoryA, lstrcmpiA, GetTempPathA, GetCommandLineA, GetVersion, SetErrorMode, lstrcpynA, GetDiskFreeSpaceA, GlobalUnlock, GlobalLock, CreateThread, CreateProcessA, RemoveDirectoryA, GetTempFileNameA, lstrlenA, lstrcatA, GetSystemDirectoryA, LoadLibraryA, SetFileTime, CloseHandle, GlobalFree, lstrcmpA, ExpandEnvironmentStringsA, GetExitCodeProcess, GlobalAlloc, WaitForSingleObject, ExitProcess, GetWindowsDirectoryA, GetProcAddress, FindFirstFileA, FindNextFileA, DeleteFileA, SetFilePointer, ReadFile, FindClose, GetPrivateProfileStringA, WritePrivateProfileStringA, WriteFile, MulDiv, LoadLibraryExA, GetModuleHandleA, MultiByteToWideChar, FreeLibrary |
USER32.dll | GetWindowRect, EnableMenuItem, GetSystemMenu, ScreenToClient, SetClassLongA, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongA, SetCursor, LoadCursorA, CheckDlgButton, GetMessagePos, LoadBitmapA, CallWindowProcA, IsWindowVisible, CloseClipboard, SetForegroundWindow, PostQuitMessage, RegisterClassA, EndDialog, AppendMenuA, CreatePopupMenu, GetSystemMetrics, SetDlgItemTextA, GetDlgItemTextA, MessageBoxIndirectA, CharPrevA, DispatchMessageA, PeekMessageA, EnableWindow, InvalidateRect, SendMessageA, DefWindowProcA, BeginPaint, GetClientRect, FillRect, DrawTextA, EndPaint, SystemParametersInfoA, CreateWindowExA, GetClassInfoA, DialogBoxParamA, CharNextA, ExitWindowsEx, DestroyWindow, OpenClipboard, TrackPopupMenu, SendMessageTimeoutA, GetDC, LoadImageA, GetDlgItem, FindWindowExA, IsWindow, SetClipboardData, SetWindowLongA, EmptyClipboard, SetTimer, CreateDialogParamA, wsprintfA, ShowWindow, SetWindowTextA |
GDI32.dll | SelectObject, SetBkMode, CreateFontIndirectA, SetTextColor, DeleteObject, GetDeviceCaps, CreateBrushIndirect, SetBkColor |
SHELL32.dll | SHGetSpecialFolderLocation, SHGetPathFromIDListA, SHBrowseForFolderA, SHGetFileInfoA, ShellExecuteA, SHFileOperationA |
ADVAPI32.dll | RegDeleteValueA, SetFileSecurityA, RegOpenKeyExA, RegDeleteKeyA, RegEnumValueA, RegCloseKey, RegCreateKeyExA, RegSetValueExA, RegQueryValueExA, RegEnumKeyA |
COMCTL32.dll | ImageList_Create, ImageList_Destroy, ImageList_AddMasked |
ole32.dll | OleUninitialize, OleInitialize, CoTaskMemFree, CoCreateInstance |

Language of compilation system | Country where language is spoken |
---|---|
English | United States |

Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
11/24/22-19:55:31.199874 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49737 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:53.130311 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49748 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:57.329298 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49750 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:59.376338 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49751 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:09.708351 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 59881 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:24.906100 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49733 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:55:28.867256 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49735 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:55:29.163584 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49736 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:32.908191 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49737 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:55:36.924861 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49739 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:56:04.818902 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49754 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:29.163584 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49736 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:54.866804 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 56122 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:56:04.818902 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49754 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:38.624655 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49711 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:27.228813 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49705 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:53.033944 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49719 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:13.852615 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49729 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:59.769485 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49722 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:51.131718 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49747 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:38.624655 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49711 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:37.776321 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49740 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:57.329298 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49750 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:31.199874 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49737 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:45.091814 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49714 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:13.761219 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 50343 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:39.990050 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49741 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:33.518227 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49709 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:01.692450 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49723 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:09.788187 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49727 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:18.249997 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49700 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:23.105213 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 56569 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:54:53.033944 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49719 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:21.169470 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49732 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:03.645658 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53943 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:56:06.881877 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49755 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:19.049102 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 55629 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:20.867899 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49731 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:56:06.881877 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49755 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:22.087876 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49701 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:21.169470 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49732 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:57.225226 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 60130 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:54:50.807735 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49718 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:22.087876 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49701 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:15.956073 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49699 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:39.709470 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49740 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:55:42.590814 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49742 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:54:50.807735 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49718 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:15.956073 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49699 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:25.054966 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49702 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:59.613442 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 61609 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:13.560423 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49728 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:54:35.914327 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49710 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:48.704817 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49716 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:40.875534 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 62958 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:54:15.835585 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 64382 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:54:48.704817 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49716 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:31.276699 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49707 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:35.259290 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49739 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:05.403255 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49724 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:55:31.114753 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 49232 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:44.925533 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 62848 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:54:43.021097 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49713 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:47.082758 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49745 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:19.158567 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49731 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:29.062049 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49706 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:55.139215 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49749 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:33.518227 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49709 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:19.158567 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49731 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:49.078874 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49746 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:40.973542 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49742 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:55.139215 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49749 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:33.040572 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49707 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:54:40.926341 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49712 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:56:01.434635 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49752 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:49.078874 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49746 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:56:01.434635 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49752 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:11.780324 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49728 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:42.875605 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49743 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:33.192742 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49738 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:44.985895 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 62910 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:03.741584 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49724 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:33.192742 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49738 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:37.776321 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49740 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:45.028740 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49744 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:11.348011 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49697 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:31.195563 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 56331 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:54:35.800639 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 49448 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:45.028740 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49744 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:56:03.361289 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 56750 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:54:33.429766 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 50506 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:35.135406 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 59752 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:54:56.896268 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49721 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:13.852615 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49729 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:13.981663 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49698 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:16.067382 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49730 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:59.286288 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 62732 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:56:04.733170 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 59336 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:25.189583 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49734 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:42.928676 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 65198 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:27.170416 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49735 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:56:06.628427 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49754 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:54:47.405096 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49715 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:54.654090 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49719 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:56:03.175717 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49752 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:56:03.443038 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49753 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:51.025349 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 51321 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:54:11.348011 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49697 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:31.276699 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49707 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:45.028740 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49744 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:55.139215 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49749 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:50.512832 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49716 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:54:46.656019 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49714 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:56:04.818902 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49754 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:27.228813 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49705 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:35.914327 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49710 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:39.580169 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49711 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:54:44.610304 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49713 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:55:27.170416 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49735 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:56:01.434635 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49752 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:55.046216 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 62766 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:54:27.228813 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49705 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:35.914327 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49710 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:31.276699 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49707 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:24.912578 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 64601 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:54:29.062049 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49706 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:27.170416 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49735 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:29.062049 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49706 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:01.607307 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 52481 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:07.738200 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49726 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:56:04.818902 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49754 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:23.201569 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49733 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:56:03.443038 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49753 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:03.741584 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49724 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:42.774058 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 64404 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:07.738200 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49726 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:51.131718 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49747 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:05.694279 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49725 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:40.926341 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49712 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:51.131718 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49747 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:37.629169 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 52865 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:50.859980 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49746 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:54:15.956073 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49699 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:03.741584 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49724 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:56:08.689068 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49755 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:54:53.033944 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49719 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:46.796463 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49744 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:55:11.470809 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49727 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:54:46.995919 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 63863 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:54:48.704817 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49716 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:59.376338 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49751 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:45.091814 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49714 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:59.769485 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49722 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:01.407205 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49722 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:54:54.960633 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49720 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:18.123294 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53203 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:54:18.249997 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49700 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:31.199874 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49737 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:37.776321 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49740 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:40.973542 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49742 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:28.634655 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49705 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:55:19.158567 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49731 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:13.553924 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 57686 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:54:28.961973 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 58595 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:29.163584 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49736 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:47.082758 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49745 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:48.986225 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 57515 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:25.189583 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49734 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:20.029122 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49700 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:55:05.694279 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49725 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:25.189583 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49734 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:42.875605 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49743 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:11.780324 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49728 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:31.199874 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49737 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:11.780324 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49728 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:35.259290 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49739 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:46.990731 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 55956 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:42.875605 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49743 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:33.518227 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49709 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:33.192742 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49738 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:38.013432 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 59082 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:37.776321 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49740 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:59.769485 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49722 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.68.8.8.851530532014169 11/24/22-19:54:52.685795 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 51530 | 53 | 192.168.2.6 | 8.8.8.8 |
192.168.2.695.213.216.20249701802025381 11/24/22-19:54:22.087876 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49701 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249723802025381 11/24/22-19:55:01.692450 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49723 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249721802024313 11/24/22-19:54:56.896268 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49721 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249750802021641 11/24/22-19:55:57.329298 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49750 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249715802024318 11/24/22-19:54:47.405096 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49715 | 80 | 192.168.2.6 | 95.213.216.202 |
95.213.216.202192.168.2.680497302025483 11/24/22-19:55:17.735946 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49730 | 95.213.216.202 | 192.168.2.6 |
192.168.2.695.213.216.20249716802825766 11/24/22-19:54:48.704817 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49716 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249721802024318 11/24/22-19:54:56.896268 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49721 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.68.8.8.860032532014169 11/24/22-19:55:29.068969 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 60032 | 53 | 192.168.2.6 | 8.8.8.8 |
192.168.2.695.213.216.20249744802021641 11/24/22-19:55:45.028740 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49744 | 80 | 192.168.2.6 | 95.213.216.202 |
95.213.216.202192.168.2.680497412025483 11/24/22-19:55:40.700457 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49741 | 95.213.216.202 | 192.168.2.6 |
95.213.216.202192.168.2.680497492025483 11/24/22-19:55:57.050677 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49749 | 95.213.216.202 | 192.168.2.6 |
192.168.2.695.213.216.20249709802024318 11/24/22-19:54:33.518227 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49709 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249715802024313 11/24/22-19:54:47.405096 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49715 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.68.8.8.858917532014169 11/24/22-19:55:11.700175 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 58917 | 53 | 192.168.2.6 | 8.8.8.8 |
192.168.2.695.213.216.20249745802024318 11/24/22-19:55:47.082758 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49745 | 80 | 192.168.2.6 | 95.213.216.202 |
95.213.216.202192.168.2.680497342025483 11/24/22-19:55:26.886961 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49734 | 95.213.216.202 | 192.168.2.6 |
192.168.2.695.213.216.20249742802021641 11/24/22-19:55:40.973542 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49742 | 80 | 192.168.2.6 | 95.213.216.202 |
95.213.216.202192.168.2.680497362025483 11/24/22-19:55:30.902353 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49736 | 95.213.216.202 | 192.168.2.6 |
95.213.216.202192.168.2.680497382025483 11/24/22-19:55:34.897313 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49738 | 95.213.216.202 | 192.168.2.6 |
95.213.216.202192.168.2.680497322025483 11/24/22-19:55:22.836179 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49732 | 95.213.216.202 | 192.168.2.6 |
192.168.2.695.213.216.20249739802021641 11/24/22-19:55:35.259290 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49739 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249741802825766 11/24/22-19:55:39.990050 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49741 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249728802025381 11/24/22-19:55:11.780324 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49728 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249745802024313 11/24/22-19:55:47.082758 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49745 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249713802825766 11/24/22-19:54:43.021097 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49713 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249746802025381 11/24/22-19:55:49.078874 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49746 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.68.8.8.853731532014169 11/24/22-19:54:11.254500 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53731 | 53 | 192.168.2.6 | 8.8.8.8 |
192.168.2.695.213.216.20249702802024318 11/24/22-19:54:25.054966 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49702 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249713802025381 11/24/22-19:54:43.021097 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49713 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249738802825766 11/24/22-19:55:33.192742 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49738 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.68.8.8.861089532014169 11/24/22-19:55:53.045222 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 61089 | 53 | 192.168.2.6 | 8.8.8.8 |
192.168.2.695.213.216.20249714802021641 11/24/22-19:54:45.091814 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49714 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249720802024313 11/24/22-19:54:54.960633 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49720 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249702802024313 11/24/22-19:54:25.054966 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49702 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249720802024318 11/24/22-19:54:54.960633 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49720 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249731802025381 11/24/22-19:55:19.158567 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49731 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249735802024313 11/24/22-19:55:27.170416 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49735 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249698802024317 11/24/22-19:54:13.981663 | TCP | 2024317 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 | 49698 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249698802024312 11/24/22-19:54:13.981663 | TCP | 2024312 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 | 49698 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249729802021641 11/24/22-19:55:13.852615 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49729 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249721802025381 11/24/22-19:54:56.896268 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49721 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249731802825766 11/24/22-19:55:19.158567 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49731 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249712802024313 11/24/22-19:54:40.926341 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49712 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249712802024318 11/24/22-19:54:40.926341 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49712 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249735802024318 11/24/22-19:55:27.170416 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49735 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249724802021641 11/24/22-19:55:03.741584 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49724 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249748802825766 11/24/22-19:55:53.130311 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49748 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249753802024318 11/24/22-19:56:03.443038 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49753 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249753802024313 11/24/22-19:56:03.443038 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49753 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249730802024318 11/24/22-19:55:16.067382 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49730 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249747802021641 11/24/22-19:55:51.131718 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49747 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249738802025381 11/24/22-19:55:33.192742 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49738 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249730802024313 11/24/22-19:55:16.067382 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49730 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249706802021641 11/24/22-19:54:29.062049 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49706 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249705802025381 11/24/22-19:54:27.228813 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49705 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.68.8.8.863229532014169 11/24/22-19:54:48.619009 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 63229 | 53 | 192.168.2.6 | 8.8.8.8 |
192.168.2.695.213.216.20249721802825766 11/24/22-19:54:56.896268 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49721 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249722802024313 11/24/22-19:54:59.769485 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49722 | 80 | 192.168.2.6 | 95.213.216.202 |
95.213.216.202192.168.2.680497432025483 11/24/22-19:55:44.744520 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49743 | 95.213.216.202 | 192.168.2.6 |
192.168.2.68.8.8.849786532014169 11/24/22-19:54:27.135932 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 49786 | 53 | 192.168.2.6 | 8.8.8.8 |
192.168.2.695.213.216.20249725802024313 11/24/22-19:55:05.694279 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49725 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249719802024318 11/24/22-19:54:53.033944 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49719 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249722802024318 11/24/22-19:54:59.769485 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49722 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249725802024318 11/24/22-19:55:05.694279 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49725 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.68.8.8.856123532014169 11/24/22-19:55:33.111651 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 56123 | 53 | 192.168.2.6 | 8.8.8.8 |
192.168.2.695.213.216.20249697802021641 11/24/22-19:54:11.348011 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49697 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249711802025381 11/24/22-19:54:38.624655 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49711 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249736802825766 11/24/22-19:55:29.163584 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49736 | 80 | 192.168.2.6 | 95.213.216.202 |
95.213.216.202192.168.2.680497292025483 11/24/22-19:55:15.362841 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49729 | 95.213.216.202 | 192.168.2.6 |
95.213.216.202192.168.2.680497252025483 11/24/22-19:55:07.447890 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49725 | 95.213.216.202 | 192.168.2.6 |
95.213.216.202192.168.2.680497212025483 11/24/22-19:54:58.247548 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49721 | 95.213.216.202 | 192.168.2.6 |
192.168.2.695.213.216.20249750802024318 11/24/22-19:55:57.329298 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49750 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249737802021641 11/24/22-19:55:31.199874 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49737 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249751802825766 11/24/22-19:55:59.376338 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49751 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249740802021641 11/24/22-19:55:37.776321 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49740 | 80 | 192.168.2.6 | 95.213.216.202 |
95.213.216.202192.168.2.680497022025483 11/24/22-19:54:26.773719 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49702 | 95.213.216.202 | 192.168.2.6 |
95.213.216.202192.168.2.680497062025483 11/24/22-19:54:30.867234 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49706 | 95.213.216.202 | 192.168.2.6 |
192.168.2.695.213.216.20249754802025381 11/24/22-19:56:04.818902 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49754 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249699802825766 11/24/22-19:54:15.956073 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49699 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249719802024313 11/24/22-19:54:53.033944 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49719 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249734802021641 11/24/22-19:55:25.189583 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49734 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249748802025381 11/24/22-19:55:53.130311 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49748 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249715802825766 11/24/22-19:54:47.405096 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49715 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249732802021641 11/24/22-19:55:21.169470 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49732 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249709802021641 11/24/22-19:54:33.518227 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49709 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249755802024318 11/24/22-19:56:06.881877 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49755 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249741802025381 11/24/22-19:55:39.990050 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49741 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249755802024313 11/24/22-19:56:06.881877 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49755 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249723802825766 11/24/22-19:55:01.692450 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49723 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.68.8.8.865044532014169 11/24/22-19:55:27.077654 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 65044 | 53 | 192.168.2.6 | 8.8.8.8 |
192.168.2.695.213.216.20249726802021641 11/24/22-19:55:07.738200 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49726 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249718802025381 11/24/22-19:54:50.807735 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49718 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249727802024313 11/24/22-19:55:09.788187 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49727 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249750802024313 11/24/22-19:55:57.329298 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49750 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249727802024318 11/24/22-19:55:09.788187 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49727 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249700802025381 11/24/22-19:54:18.249997 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49700 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249733802024313 11/24/22-19:55:23.201569 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49733 | 80 | 192.168.2.6 | 95.213.216.202 |
95.213.216.202192.168.2.680497472025483 11/24/22-19:55:52.860690 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49747 | 95.213.216.202 | 192.168.2.6 |
192.168.2.68.8.8.856086532014169 11/24/22-19:55:05.605111 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 56086 | 53 | 192.168.2.6 | 8.8.8.8 |
192.168.2.695.213.216.20249728802825766 11/24/22-19:55:11.780324 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49728 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249733802024318 11/24/22-19:55:23.201569 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49733 | 80 | 192.168.2.6 | 95.213.216.202 |
95.213.216.202192.168.2.680497502025483 11/24/22-19:55:59.104900 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49750 | 95.213.216.202 | 192.168.2.6 |
192.168.2.695.213.216.20249734802025381 11/24/22-19:55:25.189583 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49734 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249742802024318 11/24/22-19:55:40.973542 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49742 | 80 | 192.168.2.6 | 95.213.216.202 |
95.213.216.202192.168.2.680497532025483 11/24/22-19:56:04.545301 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49753 | 95.213.216.202 | 192.168.2.6 |
95.213.216.202192.168.2.680497182025483 11/24/22-19:54:52.477982 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49718 | 95.213.216.202 | 192.168.2.6 |
192.168.2.695.213.216.20249751802024313 11/24/22-19:55:59.376338 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49751 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.68.8.8.860690532014169 11/24/22-19:56:01.353337 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 60690 | 53 | 192.168.2.6 | 8.8.8.8 |
192.168.2.695.213.216.20249748802024313 11/24/22-19:55:53.130311 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49748 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249701802825766 11/24/22-19:54:22.087876 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49701 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.68.8.8.854903532014169 11/24/22-19:54:50.721248 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 54903 | 53 | 192.168.2.6 | 8.8.8.8 |
192.168.2.695.213.216.20249743802025381 11/24/22-19:55:42.875605 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49743 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249742802024313 11/24/22-19:55:40.973542 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49742 | 80 | 192.168.2.6 | 95.213.216.202 |
95.213.216.202192.168.2.680497152025483 11/24/22-19:54:48.216785 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49715 | 95.213.216.202 | 192.168.2.6 |
192.168.2.695.213.216.20249736802021641 11/24/22-19:55:29.163584 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49736 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249739802024313 11/24/22-19:55:35.259290 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49739 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249739802024318 11/24/22-19:55:35.259290 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49739 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249745802021641 11/24/22-19:55:47.082758 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49745 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249748802024318 11/24/22-19:55:53.130311 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49748 | 80 | 192.168.2.6 | 95.213.216.202 |
95.213.216.202192.168.2.680496992025483 11/24/22-19:54:17.569674 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49699 | 95.213.216.202 | 192.168.2.6 |
95.213.216.202192.168.2.680497102025483 11/24/22-19:54:37.501776 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49710 | 95.213.216.202 | 192.168.2.6 |
95.213.216.202192.168.2.680497122025483 11/24/22-19:54:42.610242 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49712 | 95.213.216.202 | 192.168.2.6 |
192.168.2.68.8.8.856547532014169 11/24/22-19:55:07.655761 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 56547 | 53 | 192.168.2.6 | 8.8.8.8 |
192.168.2.695.213.216.20249714802024313 11/24/22-19:54:45.091814 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49714 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249720802021641 11/24/22-19:54:54.960633 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49720 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249714802024318 11/24/22-19:54:45.091814 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49714 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249725802025381 11/24/22-19:55:05.694279 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49725 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249702802021641 11/24/22-19:54:25.054966 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49702 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249711802021641 11/24/22-19:54:38.624655 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49711 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.68.8.8.859504532014169 11/24/22-19:54:40.838615 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 59504 | 53 | 192.168.2.6 | 8.8.8.8 |
192.168.2.695.213.216.20249716802025381 11/24/22-19:54:48.704817 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49716 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249698802021641 11/24/22-19:54:13.981663 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49698 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249729802024318 11/24/22-19:55:13.852615 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49729 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249700802024318 11/24/22-19:54:18.249997 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49700 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249715802025381 11/24/22-19:54:47.405096 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49715 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249723802024318 11/24/22-19:55:01.692450 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49723 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249729802024313 11/24/22-19:55:13.852615 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49729 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249723802024313 11/24/22-19:55:01.692450 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49723 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.68.8.8.852556532014169 11/24/22-19:54:56.722023 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 52556 | 53 | 192.168.2.6 | 8.8.8.8 |
192.168.2.695.213.216.20249741802024318 11/24/22-19:55:39.990050 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49741 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249749802825766 11/24/22-19:55:55.139215 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49749 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249741802024313 11/24/22-19:55:39.990050 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49741 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249700802024313 11/24/22-19:54:18.249997 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49700 | 80 | 192.168.2.6 | 95.213.216.202 |
95.213.216.202192.168.2.680497202025483 11/24/22-19:54:56.488535 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49720 | 95.213.216.202 | 192.168.2.6 |
192.168.2.695.213.216.20249718802021641 11/24/22-19:54:50.807735 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49718 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249701802021641 11/24/22-19:54:22.087876 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49701 | 80 | 192.168.2.6 | 95.213.216.202 |
95.213.216.202192.168.2.680497482025483 11/24/22-19:55:54.888388 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49748 | 95.213.216.202 | 192.168.2.6 |
192.168.2.695.213.216.20249720802825766 11/24/22-19:54:54.960633 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49720 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.68.8.8.853107532014169 11/24/22-19:54:21.991089 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53107 | 53 | 192.168.2.6 | 8.8.8.8 |
192.168.2.695.213.216.20249702802825766 11/24/22-19:54:25.054966 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49702 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249744802025381 11/24/22-19:55:45.028740 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49744 | 80 | 192.168.2.6 | 95.213.216.202 |
95.213.216.202192.168.2.680497512025483 11/24/22-19:56:01.147373 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49751 | 95.213.216.202 | 192.168.2.6 |
192.168.2.695.213.216.20249730802021641 11/24/22-19:55:16.067382 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49730 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249743802825766 11/24/22-19:55:42.875605 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49743 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249710802024318 11/24/22-19:54:35.914327 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49710 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249724802825766 11/24/22-19:55:03.741584 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49724 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249727802825766 11/24/22-19:55:09.788187 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49727 | 80 | 192.168.2.6 | 95.213.216.202 |
95.213.216.202192.168.2.680497452025483 11/24/22-19:55:48.824554 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49745 | 95.213.216.202 | 192.168.2.6 |
192.168.2.695.213.216.20249713802024318 11/24/22-19:54:43.021097 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49713 | 80 | 192.168.2.6 | 95.213.216.202 |
192.168.2.695.213.216.20249710802024313 11/24/22-19:54:35.914327 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49710 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:50.807735 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49718 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:35.412652 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49709 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:55:03.460307 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49723 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:54:11.348011 | TCP | 2024312 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 | 49697 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:31.276699 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49707 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:15.969759 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 62520 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:39.901358 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 57322 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:54:43.021097 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49713 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:11.348011 | TCP | 2024317 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 | 49697 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:09.535230 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49726 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:54:31.276699 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49707 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:49.078874 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49746 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:23.783923 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49701 | 95.213.216.202 | 192.168.2.6 |
11/24/22-19:55:23.201569 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49733 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:56:01.434635 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49752 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:16.067382 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49730 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:21.169470 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49732 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:07.738200 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49726 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:56:03.443038 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49753 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:21.169470 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49732 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:27.228813 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49705 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:49.078874 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49746 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:56:06.881877 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49755 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:51.131718 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49747 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:15.956073 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49699 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:07.738200 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49726 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:55.139215 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49749 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:13.981663 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49698 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:09.788187 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49727 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:56:06.802187 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 52715 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:21.075805 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 52079 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:55:25.100624 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 61833 | 53 | 192.168.2.6 | 8.8.8.8 |
11/24/22-19:54:29.062049 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49706 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:23.201569 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49733 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:55:59.376338 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49751 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:56:01.434635 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49752 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:40.926341 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49712 | 80 | 192.168.2.6 | 95.213.216.202 |
11/24/22-19:54:38.624655 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49711 | 80 | 192.168.2.6 | 95.213.216.202 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Nov 24, 2022 19:55:24.906307936 CET | 49733 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:24.970448017 CET | 80 | 49733 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:25.121762991 CET | 49734 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:25.186075926 CET | 80 | 49734 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:25.186173916 CET | 49734 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:25.189583063 CET | 49734 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:25.253758907 CET | 80 | 49734 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:25.253937960 CET | 49734 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:25.318175077 CET | 80 | 49734 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:26.886960983 CET | 80 | 49734 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:26.889686108 CET | 49734 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:26.889741898 CET | 49734 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:26.954076052 CET | 80 | 49734 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:27.098373890 CET | 49735 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:27.162127018 CET | 80 | 49735 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:27.162434101 CET | 49735 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:27.170416117 CET | 49735 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:27.234000921 CET | 80 | 49735 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:27.234226942 CET | 49735 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:27.297744036 CET | 80 | 49735 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:28.867255926 CET | 80 | 49735 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:28.867419958 CET | 49735 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:28.867420912 CET | 49735 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:28.931094885 CET | 80 | 49735 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:29.091886997 CET | 49736 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:29.157387972 CET | 80 | 49736 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:29.157830954 CET | 49736 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:29.163583994 CET | 49736 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:29.229331970 CET | 80 | 49736 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:29.231827974 CET | 49736 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:29.295528889 CET | 80 | 49736 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:30.902353048 CET | 80 | 49736 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:30.902533054 CET | 49736 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:30.902645111 CET | 49736 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:30.966079950 CET | 80 | 49736 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:31.133526087 CET | 49737 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:31.196630955 CET | 80 | 49737 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:31.196780920 CET | 49737 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:31.199873924 CET | 49737 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:31.262824059 CET | 80 | 49737 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:31.262911081 CET | 49737 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:31.327142000 CET | 80 | 49737 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:32.908190966 CET | 80 | 49737 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:32.910219908 CET | 49737 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:32.912136078 CET | 49737 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:32.975173950 CET | 80 | 49737 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:33.132678032 CET | 49738 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:33.189560890 CET | 80 | 49738 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:33.189775944 CET | 49738 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:33.192742109 CET | 49738 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:33.252191067 CET | 80 | 49738 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:33.252402067 CET | 49738 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:33.309163094 CET | 80 | 49738 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:34.897313118 CET | 80 | 49738 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:34.897418022 CET | 49738 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:34.898221016 CET | 49738 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:34.957077980 CET | 80 | 49738 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:35.195801020 CET | 49739 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:35.256314993 CET | 80 | 49739 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:35.256441116 CET | 49739 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:35.259289980 CET | 49739 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:35.319724083 CET | 80 | 49739 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:35.319905043 CET | 49739 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:35.380667925 CET | 80 | 49739 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:36.924860954 CET | 80 | 49739 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:36.925076008 CET | 49739 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:37.394397974 CET | 49739 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:37.455313921 CET | 80 | 49739 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:37.694410086 CET | 49740 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:37.755460978 CET | 80 | 49740 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:37.756037951 CET | 49740 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:37.776320934 CET | 49740 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:37.840017080 CET | 80 | 49740 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:37.840137959 CET | 49740 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:37.903769970 CET | 80 | 49740 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:39.709470034 CET | 80 | 49740 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:39.709578037 CET | 49740 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:39.710020065 CET | 49740 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:39.770124912 CET | 80 | 49740 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:39.923321962 CET | 49741 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:39.979937077 CET | 80 | 49741 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:39.980230093 CET | 49741 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:39.990050077 CET | 49741 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:40.046648979 CET | 80 | 49741 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:40.046775103 CET | 49741 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:40.103503942 CET | 80 | 49741 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:40.700457096 CET | 80 | 49741 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:40.700611115 CET | 49741 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:40.700649977 CET | 49741 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:40.757102013 CET | 80 | 49741 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:40.894187927 CET | 49742 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:40.951948881 CET | 80 | 49742 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:40.952120066 CET | 49742 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:40.973541975 CET | 49742 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:41.030246019 CET | 80 | 49742 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:41.034637928 CET | 49742 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:41.091214895 CET | 80 | 49742 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:42.590814114 CET | 80 | 49742 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:42.590982914 CET | 49742 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:42.591536045 CET | 49742 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:42.648880005 CET | 80 | 49742 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:42.802078009 CET | 49743 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:42.866080046 CET | 80 | 49743 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:42.866259098 CET | 49743 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:42.875605106 CET | 49743 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:42.938735008 CET | 80 | 49743 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:42.938832045 CET | 49743 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:43.002091885 CET | 80 | 49743 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:44.744519949 CET | 80 | 49743 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:44.744945049 CET | 49743 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:44.745003939 CET | 49743 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:44.809307098 CET | 80 | 49743 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:44.946585894 CET | 49744 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:45.010221004 CET | 80 | 49744 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:45.010464907 CET | 49744 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:45.028739929 CET | 49744 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:45.092462063 CET | 80 | 49744 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:45.092725039 CET | 49744 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:45.156291008 CET | 80 | 49744 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:46.796463013 CET | 80 | 49744 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:46.796664953 CET | 49744 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:46.796664953 CET | 49744 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:46.860275984 CET | 80 | 49744 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:47.009479046 CET | 49745 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:47.076858044 CET | 80 | 49745 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:47.079433918 CET | 49745 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:47.082757950 CET | 49745 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:47.149897099 CET | 80 | 49745 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:47.150202990 CET | 49745 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:47.218303919 CET | 80 | 49745 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:48.824553967 CET | 80 | 49745 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:48.824661016 CET | 49745 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:48.831877947 CET | 49745 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:48.898847103 CET | 80 | 49745 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:49.009558916 CET | 49746 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:49.074732065 CET | 80 | 49746 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:49.074836969 CET | 49746 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:49.078874111 CET | 49746 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:49.145185947 CET | 80 | 49746 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:49.145370960 CET | 49746 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:49.210633039 CET | 80 | 49746 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:50.859980106 CET | 80 | 49746 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:50.860259056 CET | 49746 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:50.860259056 CET | 49746 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:50.925399065 CET | 80 | 49746 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:51.046344042 CET | 49747 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:51.110479116 CET | 80 | 49747 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:51.110860109 CET | 49747 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:51.131717920 CET | 49747 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:51.195972919 CET | 80 | 49747 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:51.196275949 CET | 49747 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:51.261482000 CET | 80 | 49747 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:52.860690117 CET | 80 | 49747 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:52.860846996 CET | 49747 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:52.867872000 CET | 49747 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:52.931762934 CET | 80 | 49747 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:53.069626093 CET | 49748 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:53.126054049 CET | 80 | 49748 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:53.126214027 CET | 49748 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:53.130311012 CET | 49748 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:53.187758923 CET | 80 | 49748 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:53.190058947 CET | 49748 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:53.246783972 CET | 80 | 49748 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:54.888387918 CET | 80 | 49748 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:54.888495922 CET | 49748 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:54.888554096 CET | 49748 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:54.945060968 CET | 80 | 49748 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:55.069120884 CET | 49749 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:55.125516891 CET | 80 | 49749 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:55.125638008 CET | 49749 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:55.139214993 CET | 49749 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:55.195631981 CET | 80 | 49749 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:55.195702076 CET | 49749 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:55.252516985 CET | 80 | 49749 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:57.050677061 CET | 80 | 49749 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:57.050853014 CET | 49749 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:57.057257891 CET | 49749 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:57.120377064 CET | 80 | 49749 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:57.245290995 CET | 49750 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:57.312335968 CET | 80 | 49750 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:57.312514067 CET | 49750 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:57.329298019 CET | 49750 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:57.396410942 CET | 80 | 49750 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:57.396533012 CET | 49750 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:57.463821888 CET | 80 | 49750 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:59.104899883 CET | 80 | 49750 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:59.106528997 CET | 49750 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:59.106529951 CET | 49750 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:59.173890114 CET | 80 | 49750 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:59.305999041 CET | 49751 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:59.362746000 CET | 80 | 49751 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:59.364516020 CET | 49751 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:59.376338005 CET | 49751 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:59.433072090 CET | 80 | 49751 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:55:59.436526060 CET | 49751 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:55:59.493936062 CET | 80 | 49751 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:01.147372961 CET | 80 | 49751 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:01.147507906 CET | 49751 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:01.147599936 CET | 49751 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:01.203977108 CET | 80 | 49751 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:01.375042915 CET | 49752 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:01.431845903 CET | 80 | 49752 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:01.431978941 CET | 49752 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:01.434634924 CET | 49752 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:01.491415977 CET | 80 | 49752 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:01.491497040 CET | 49752 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:01.548178911 CET | 80 | 49752 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:03.175717115 CET | 80 | 49752 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:03.175884962 CET | 49752 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:03.175981045 CET | 49752 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:03.232578039 CET | 80 | 49752 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:03.383239031 CET | 49753 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:03.440042973 CET | 80 | 49753 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:03.440300941 CET | 49753 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:03.443037987 CET | 49753 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:03.499903917 CET | 80 | 49753 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:03.500075102 CET | 49753 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:03.556749105 CET | 80 | 49753 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:04.545300961 CET | 80 | 49753 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:04.545376062 CET | 49753 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:04.545456886 CET | 49753 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:04.602138996 CET | 80 | 49753 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:04.752279043 CET | 49754 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:04.815371990 CET | 80 | 49754 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:04.815545082 CET | 49754 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:04.818902016 CET | 49754 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:04.881937981 CET | 80 | 49754 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:04.882036924 CET | 49754 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:04.945152998 CET | 80 | 49754 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:06.628427029 CET | 80 | 49754 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:06.628662109 CET | 49754 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:06.628662109 CET | 49754 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:06.692765951 CET | 80 | 49754 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:06.821671963 CET | 49755 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:06.877995014 CET | 80 | 49755 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:06.878177881 CET | 49755 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:06.881876945 CET | 49755 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:06.938270092 CET | 80 | 49755 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:06.938436031 CET | 49755 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:06.994699955 CET | 80 | 49755 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:08.689068079 CET | 80 | 49755 | 95.213.216.202 | 192.168.2.6 |
Nov 24, 2022 19:56:08.691345930 CET | 49755 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:08.697205067 CET | 49755 | 80 | 192.168.2.6 | 95.213.216.202 |
Nov 24, 2022 19:56:08.753859997 CET | 80 | 49755 | 95.213.216.202 | 192.168.2.6 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
0 | 192.168.2.6 | 49697 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:11.348011017 CET | 8 | OUT | |
Nov 24, 2022 19:54:11.404869080 CET | 9 | OUT | |
Nov 24, 2022 19:54:13.168977976 CET | 9 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
1 | 192.168.2.6 | 49698 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:13.981662989 CET | 10 | OUT | |
Nov 24, 2022 19:54:14.045902014 CET | 10 | OUT | |
Nov 24, 2022 19:54:15.576119900 CET | 11 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
10 | 192.168.2.6 | 49710 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:35.914326906 CET | 271 | OUT | |
Nov 24, 2022 19:54:35.978511095 CET | 271 | OUT | |
Nov 24, 2022 19:54:37.501775980 CET | 272 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
11 | 192.168.2.6 | 49711 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:38.624655008 CET | 273 | OUT | |
Nov 24, 2022 19:54:38.688424110 CET | 273 | OUT | |
Nov 24, 2022 19:54:39.580168962 CET | 273 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
12 | 192.168.2.6 | 49712 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:40.926341057 CET | 274 | OUT | |
Nov 24, 2022 19:54:40.984522104 CET | 274 | OUT | |
Nov 24, 2022 19:54:42.610241890 CET | 275 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
13 | 192.168.2.6 | 49713 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:43.021096945 CET | 275 | OUT | |
Nov 24, 2022 19:54:43.089515924 CET | 276 | OUT | |
Nov 24, 2022 19:54:44.610304117 CET | 276 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
14 | 192.168.2.6 | 49714 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:45.091814041 CET | 277 | OUT | |
Nov 24, 2022 19:54:45.168155909 CET | 277 | OUT | |
Nov 24, 2022 19:54:46.656018972 CET | 277 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
15 | 192.168.2.6 | 49715 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:47.405096054 CET | 278 | OUT | |
Nov 24, 2022 19:54:47.462814093 CET | 278 | OUT | |
Nov 24, 2022 19:54:48.216784954 CET | 279 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
16 | 192.168.2.6 | 49716 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:48.704817057 CET | 280 | OUT | |
Nov 24, 2022 19:54:48.762324095 CET | 280 | OUT | |
Nov 24, 2022 19:54:50.512831926 CET | 291 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
17 | 192.168.2.6 | 49718 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:50.807734966 CET | 292 | OUT | |
Nov 24, 2022 19:54:50.871886015 CET | 292 | OUT | |
Nov 24, 2022 19:54:52.477982044 CET | 292 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
18 | 192.168.2.6 | 49719 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:53.033943892 CET | 293 | OUT | |
Nov 24, 2022 19:54:53.097598076 CET | 294 | OUT | |
Nov 24, 2022 19:54:54.654089928 CET | 294 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
19 | 192.168.2.6 | 49720 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:54.960633039 CET | 295 | OUT | |
Nov 24, 2022 19:54:55.026843071 CET | 295 | OUT | |
Nov 24, 2022 19:54:56.488534927 CET | 295 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
2 | 192.168.2.6 | 49699 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:15.956073046 CET | 11 | OUT | |
Nov 24, 2022 19:54:16.027601004 CET | 12 | OUT | |
Nov 24, 2022 19:54:17.569674015 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
20 | 192.168.2.6 | 49721 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:56.896267891 CET | 296 | OUT | |
Nov 24, 2022 19:54:56.963457108 CET | 296 | OUT | |
Nov 24, 2022 19:54:58.247548103 CET | 297 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
21 | 192.168.2.6 | 49722 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:59.769484997 CET | 297 | OUT | |
Nov 24, 2022 19:54:59.836323977 CET | 298 | OUT | |
Nov 24, 2022 19:55:01.407205105 CET | 298 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
22 | 192.168.2.6 | 49723 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:01.692450047 CET | 299 | OUT | |
Nov 24, 2022 19:55:01.759412050 CET | 299 | OUT | |
Nov 24, 2022 19:55:03.460306883 CET | 299 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
23 | 192.168.2.6 | 49724 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:03.741584063 CET | 300 | OUT | |
Nov 24, 2022 19:55:03.805641890 CET | 301 | OUT | |
Nov 24, 2022 19:55:05.403254986 CET | 301 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
24 | 192.168.2.6 | 49725 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:05.694278955 CET | 302 | OUT | |
Nov 24, 2022 19:55:05.758548975 CET | 302 | OUT | |
Nov 24, 2022 19:55:07.447890043 CET | 302 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
25 | 192.168.2.6 | 49726 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:07.738199949 CET | 303 | OUT | |
Nov 24, 2022 19:55:07.794753075 CET | 303 | OUT | |
Nov 24, 2022 19:55:09.535229921 CET | 304 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
26 | 192.168.2.6 | 49727 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:09.788187027 CET | 304 | OUT | |
Nov 24, 2022 19:55:09.844965935 CET | 305 | OUT | |
Nov 24, 2022 19:55:11.470808983 CET | 305 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
27 | 192.168.2.6 | 49728 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:11.780323982 CET | 306 | OUT | |
Nov 24, 2022 19:55:11.837272882 CET | 306 | OUT | |
Nov 24, 2022 19:55:13.560422897 CET | 306 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
28 | 192.168.2.6 | 49729 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:13.852615118 CET | 307 | OUT | |
Nov 24, 2022 19:55:13.923044920 CET | 308 | OUT | |
Nov 24, 2022 19:55:15.362840891 CET | 308 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
29 | 192.168.2.6 | 49730 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:16.067382097 CET | 309 | OUT | |
Nov 24, 2022 19:55:16.124342918 CET | 309 | OUT | |
Nov 24, 2022 19:55:17.735945940 CET | 309 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
3 | 192.168.2.6 | 49700 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:18.249996901 CET | 13 | OUT | |
Nov 24, 2022 19:54:18.306893110 CET | 13 | OUT | |
Nov 24, 2022 19:54:20.029122114 CET | 13 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
30 | 192.168.2.6 | 49731 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:19.158566952 CET | 310 | OUT | |
Nov 24, 2022 19:55:19.215342999 CET | 310 | OUT | |
Nov 24, 2022 19:55:20.867898941 CET | 311 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
31 | 192.168.2.6 | 49732 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:21.169470072 CET | 312 | OUT | |
Nov 24, 2022 19:55:21.236840963 CET | 312 | OUT | |
Nov 24, 2022 19:55:22.836179018 CET | 312 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
32 | 192.168.2.6 | 49733 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:23.201569080 CET | 313 | OUT | |
Nov 24, 2022 19:55:23.265949965 CET | 313 | OUT | |
Nov 24, 2022 19:55:24.906100035 CET | 314 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
33 | 192.168.2.6 | 49734 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:25.189583063 CET | 314 | OUT | |
Nov 24, 2022 19:55:25.253937960 CET | 315 | OUT | |
Nov 24, 2022 19:55:26.886960983 CET | 315 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
34 | 192.168.2.6 | 49735 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:27.170416117 CET | 316 | OUT | |
Nov 24, 2022 19:55:27.234226942 CET | 316 | OUT | |
Nov 24, 2022 19:55:28.867255926 CET | 317 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
35 | 192.168.2.6 | 49736 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:29.163583994 CET | 317 | OUT | |
Nov 24, 2022 19:55:29.231827974 CET | 318 | OUT | |
Nov 24, 2022 19:55:30.902353048 CET | 318 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
36 | 192.168.2.6 | 49737 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:31.199873924 CET | 319 | OUT | |
Nov 24, 2022 19:55:31.262911081 CET | 319 | OUT | |
Nov 24, 2022 19:55:32.908190966 CET | 319 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
37 | 192.168.2.6 | 49738 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:33.192742109 CET | 320 | OUT | |
Nov 24, 2022 19:55:33.252402067 CET | 320 | OUT | |
Nov 24, 2022 19:55:34.897313118 CET | 321 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
38 | 192.168.2.6 | 49739 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:35.259289980 CET | 322 | OUT | |
Nov 24, 2022 19:55:35.319905043 CET | 322 | OUT | |
Nov 24, 2022 19:55:36.924860954 CET | 322 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
39 | 192.168.2.6 | 49740 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:37.776320934 CET | 323 | OUT | |
Nov 24, 2022 19:55:37.840137959 CET | 323 | OUT | |
Nov 24, 2022 19:55:39.709470034 CET | 324 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
4 | 192.168.2.6 | 49701 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:22.087876081 CET | 14 | OUT | |
Nov 24, 2022 19:54:22.151093006 CET | 14 | OUT | |
Nov 24, 2022 19:54:23.783922911 CET | 15 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
40 | 192.168.2.6 | 49741 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:39.990050077 CET | 324 | OUT | |
Nov 24, 2022 19:55:40.046775103 CET | 325 | OUT | |
Nov 24, 2022 19:55:40.700457096 CET | 325 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
41 | 192.168.2.6 | 49742 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:40.973541975 CET | 326 | OUT | |
Nov 24, 2022 19:55:41.034637928 CET | 326 | OUT | |
Nov 24, 2022 19:55:42.590814114 CET | 326 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
42 | 192.168.2.6 | 49743 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:42.875605106 CET | 327 | OUT | |
Nov 24, 2022 19:55:42.938832045 CET | 327 | OUT | |
Nov 24, 2022 19:55:44.744519949 CET | 328 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
43 | 192.168.2.6 | 49744 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:45.028739929 CET | 329 | OUT | |
Nov 24, 2022 19:55:45.092725039 CET | 329 | OUT | |
Nov 24, 2022 19:55:46.796463013 CET | 329 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
44 | 192.168.2.6 | 49745 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:47.082757950 CET | 330 | OUT | |
Nov 24, 2022 19:55:47.150202990 CET | 330 | OUT | |
Nov 24, 2022 19:55:48.824553967 CET | 331 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
45 | 192.168.2.6 | 49746 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:49.078874111 CET | 331 | OUT | |
Nov 24, 2022 19:55:49.145370960 CET | 332 | OUT | |
Nov 24, 2022 19:55:50.859980106 CET | 332 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
46 | 192.168.2.6 | 49747 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:51.131717920 CET | 333 | OUT | |
Nov 24, 2022 19:55:51.196275949 CET | 333 | OUT | |
Nov 24, 2022 19:55:52.860690117 CET | 334 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
47 | 192.168.2.6 | 49748 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:53.130311012 CET | 335 | OUT | |
Nov 24, 2022 19:55:53.190058947 CET | 335 | OUT | |
Nov 24, 2022 19:55:54.888387918 CET | 335 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
48 | 192.168.2.6 | 49749 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:55.139214993 CET | 336 | OUT | |
Nov 24, 2022 19:55:55.195702076 CET | 336 | OUT | |
Nov 24, 2022 19:55:57.050677061 CET | 337 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
49 | 192.168.2.6 | 49750 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:57.329298019 CET | 337 | OUT | |
Nov 24, 2022 19:55:57.396533012 CET | 338 | OUT | |
Nov 24, 2022 19:55:59.104899883 CET | 338 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
5 | 192.168.2.6 | 49702 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:25.054965973 CET | 16 | OUT | |
Nov 24, 2022 19:54:25.119462013 CET | 17 | OUT | |
Nov 24, 2022 19:54:26.773719072 CET | 106 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
50 | 192.168.2.6 | 49751 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:55:59.376338005 CET | 339 | OUT | |
Nov 24, 2022 19:55:59.436526060 CET | 339 | OUT | |
Nov 24, 2022 19:56:01.147372961 CET | 339 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
51 | 192.168.2.6 | 49752 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:56:01.434634924 CET | 340 | OUT | |
Nov 24, 2022 19:56:01.491497040 CET | 340 | OUT | |
Nov 24, 2022 19:56:03.175717115 CET | 341 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
52 | 192.168.2.6 | 49753 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:56:03.443037987 CET | 342 | OUT | |
Nov 24, 2022 19:56:03.500075102 CET | 342 | OUT | |
Nov 24, 2022 19:56:04.545300961 CET | 342 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
53 | 192.168.2.6 | 49754 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:56:04.818902016 CET | 343 | OUT | |
Nov 24, 2022 19:56:04.882036924 CET | 343 | OUT | |
Nov 24, 2022 19:56:06.628427029 CET | 344 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
54 | 192.168.2.6 | 49755 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:56:06.881876945 CET | 344 | OUT | |
Nov 24, 2022 19:56:06.938436031 CET | 345 | OUT | |
Nov 24, 2022 19:56:08.689068079 CET | 345 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
6 | 192.168.2.6 | 49705 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:27.228812933 CET | 198 | OUT | |
Nov 24, 2022 19:54:27.296644926 CET | 198 | OUT | |
Nov 24, 2022 19:54:28.634654999 CET | 198 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
7 | 192.168.2.6 | 49706 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:29.062048912 CET | 199 | OUT | |
Nov 24, 2022 19:54:29.125740051 CET | 200 | OUT | |
Nov 24, 2022 19:54:30.867233992 CET | 200 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
8 | 192.168.2.6 | 49707 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:31.276699066 CET | 201 | OUT | |
Nov 24, 2022 19:54:31.333655119 CET | 201 | OUT | |
Nov 24, 2022 19:54:33.040571928 CET | 269 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
9 | 192.168.2.6 | 49709 | 95.213.216.202 | 80 | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 24, 2022 19:54:33.518227100 CET | 270 | OUT | |
Nov 24, 2022 19:54:33.575079918 CET | 270 | OUT | |
Nov 24, 2022 19:54:35.412652016 CET | 270 | IN |
Target ID: | 0 |
Start time: | 19:54:02 |
Start date: | 24/11/2022 |
Path: | C:\Users\user\Desktop\Payment_copy28476450.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 247655 bytes |
MD5 hash: | 70E90926399154C2708801A73CF53D99 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Target ID: | 1 |
Start time: | 19:54:03 |
Start date: | 24/11/2022 |
Path: | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 340992 bytes |
MD5 hash: | 3182BEF520A1E9F52BE3755C25E4C3B0 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Antivirus matches: |
|
Reputation: | low |
Target ID: | 2 |
Start time: | 19:54:03 |
Start date: | 24/11/2022 |
Path: | C:\Windows\System32\conhost.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6da640000 |
File size: | 625664 bytes |
MD5 hash: | EA777DEEA782E8B4D7C7C33BBF8A4496 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Target ID: | 3 |
Start time: | 19:54:04 |
Start date: | 24/11/2022 |
Path: | C:\Users\user\AppData\Local\Temp\wcycejenv.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 340992 bytes |
MD5 hash: | 3182BEF520A1E9F52BE3755C25E4C3B0 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | low |
Execution Graph
Execution Coverage: | 15% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 22.9% |
Total number of Nodes: | 1272 |
Total number of Limit Nodes: | 22 |
Graph
Function 0040324F Relevance: 84.3, APIs: 26, Strings: 22, Instructions: 313stringfilecomCOMMON
Control-flow Graph
C-Code - Quality: 77% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405620 Relevance: 22.9, APIs: 9, Strings: 4, Instructions: 156filestringCOMMON
Control-flow Graph
C-Code - Quality: 94% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00406333 Relevance: 5.4, APIs: 4, Instructions: 382COMMONCrypto
Control-flow Graph
C-Code - Quality: 98% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040374E Relevance: 49.2, APIs: 13, Strings: 15, Instructions: 215stringregistryCOMMON
Control-flow Graph
C-Code - Quality: 96% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00402C88 Relevance: 26.5, APIs: 5, Strings: 10, Instructions: 203memoryCOMMON
Control-flow Graph
C-Code - Quality: 96% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00401734 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 147stringtimeCOMMON
Control-flow Graph
C-Code - Quality: 75% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00402F2E Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 109fileCOMMON
Control-flow Graph
C-Code - Quality: 93% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403059 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 108fileCOMMON
Control-flow Graph
C-Code - Quality: 94% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 85% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040601D Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 34libraryCOMMON
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 98% |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004058CF Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 46stringCOMMON
Control-flow Graph
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040555B Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 24processCOMMON
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00406768 Relevance: 5.2, APIs: 4, Instructions: 236COMMON
C-Code - Quality: 99% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00406969 Relevance: 5.2, APIs: 4, Instructions: 208COMMON
C-Code - Quality: 98% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040667F Relevance: 5.2, APIs: 4, Instructions: 205COMMON
C-Code - Quality: 98% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004065D2 Relevance: 5.2, APIs: 4, Instructions: 180COMMON
C-Code - Quality: 98% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004066F0 Relevance: 5.2, APIs: 4, Instructions: 170COMMON
C-Code - Quality: 98% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040663C Relevance: 5.2, APIs: 4, Instructions: 168COMMON
C-Code - Quality: 98% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 82% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00401389 Relevance: 3.0, APIs: 2, Instructions: 43windowCOMMON
C-Code - Quality: 69% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004059D2 Relevance: 3.0, APIs: 2, Instructions: 16fileCOMMON
C-Code - Quality: 68% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405526 Relevance: 3.0, APIs: 2, Instructions: 9COMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004059B3 Relevance: 3.0, APIs: 2, Instructions: 9COMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403207 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405125 Relevance: 65.0, APIs: 36, Strings: 1, Instructions: 278windowclipboardmemoryCOMMON
C-Code - Quality: 95% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00404936 Relevance: 63.5, APIs: 33, Strings: 3, Instructions: 478windowmemoryCOMMONCrypto
C-Code - Quality: 97% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004043F5 Relevance: 23.0, APIs: 10, Strings: 3, Instructions: 273stringCOMMON
C-Code - Quality: 78% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 74% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00402654 Relevance: 1.5, APIs: 1, Instructions: 29fileCOMMON
C-Code - Quality: 39% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 83% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004040FF Relevance: 40.5, APIs: 20, Strings: 3, Instructions: 204windowstringCOMMON
C-Code - Quality: 93% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 90% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405A49 Relevance: 22.9, APIs: 11, Strings: 2, Instructions: 144filememoryCOMMON
C-Code - Quality: 93% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405D1D Relevance: 21.2, APIs: 8, Strings: 4, Instructions: 197stringCOMMON
C-Code - Quality: 74% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040401E Relevance: 12.1, APIs: 8, Instructions: 61COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 93% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004048B6 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48windowCOMMON
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00402B51 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 36timeCOMMON
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 84% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00401CC1 Relevance: 7.5, APIs: 5, Instructions: 39windowCOMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004047AC Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 84stringCOMMON
C-Code - Quality: 77% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00401BAD Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 76windowtimeCOMMON
C-Code - Quality: 51% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004057EE Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 16stringCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 59% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 90% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00401D1B Relevance: 6.0, APIs: 4, Instructions: 34COMMON
C-Code - Quality: 67% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00404F37 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 58windowCOMMON
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405835 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 16stringCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405947 Relevance: 5.0, APIs: 4, Instructions: 30stringCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Execution Graph
Execution Coverage: | 0.6% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 1.3% |
Total number of Nodes: | 234 |
Total number of Limit Nodes: | 1 |
Graph
Function 004064B0 Relevance: 146.4, APIs: 43, Strings: 40, Instructions: 1194filememoryCOMMONCrypto
C-Code - Quality: 58% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040812D Relevance: 1.5, APIs: 1, Instructions: 3COMMON
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004078F0 Relevance: 7.6, APIs: 5, Instructions: 119COMMON
Control-flow Graph
C-Code - Quality: 60% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 84% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00432F7B Relevance: 4.5, APIs: 3, Instructions: 37COMMON
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 58% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00433C26 Relevance: 1.6, APIs: 1, Instructions: 52COMMON
Control-flow Graph
C-Code - Quality: 95% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00430BC8 Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMONLIBRARYCODE
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042E2FC Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMONLIBRARYCODE
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 87% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00404110 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 62windowCOMMON
C-Code - Quality: 63% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 94% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00436AF0 Relevance: 7.7, APIs: 5, Instructions: 183COMMON
C-Code - Quality: 90% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 70% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00407F97 Relevance: 6.1, APIs: 4, Instructions: 73COMMON
C-Code - Quality: 85% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004365A2 Relevance: 4.7, APIs: 3, Instructions: 205COMMON
C-Code - Quality: 92% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 78% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004083E2 Relevance: 1.6, APIs: 1, Instructions: 147COMMON
C-Code - Quality: 88% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004367F5 Relevance: 1.6, APIs: 1, Instructions: 83COMMON
C-Code - Quality: 68% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0043647C Relevance: 1.6, APIs: 1, Instructions: 63COMMON
C-Code - Quality: 91% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00430A14 Relevance: 1.6, APIs: 1, Instructions: 50COMMON
C-Code - Quality: 33% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00436A21 Relevance: 1.5, APIs: 1, Instructions: 45COMMON
C-Code - Quality: 93% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00436517 Relevance: 1.5, APIs: 1, Instructions: 41COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042C1E7 Relevance: 1.5, APIs: 1, Instructions: 33COMMON
C-Code - Quality: 83% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00436413 Relevance: 1.5, APIs: 1, Instructions: 31COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042CC9F Relevance: 1.5, APIs: 1, Instructions: 24COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042C370 Relevance: 1.5, APIs: 1, Instructions: 15COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042C33E Relevance: 1.5, APIs: 1, Instructions: 15COMMON
C-Code - Quality: 84% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042C378 Relevance: 1.5, APIs: 1, Instructions: 14COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042CCDE Relevance: 1.3, Strings: 1, Instructions: 23COMMON
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00436D8B Relevance: 1.3, APIs: 1, Instructions: 5memoryCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00433B6D Relevance: .0, Instructions: 40COMMON
C-Code - Quality: 81% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00433993 Relevance: .0, Instructions: 38COMMON
C-Code - Quality: 78% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00433AF8 Relevance: .0, Instructions: 29COMMON
C-Code - Quality: 100% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00433AB4 Relevance: .0, Instructions: 29COMMON
C-Code - Quality: 100% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00433950 Relevance: .0, Instructions: 26COMMON
C-Code - Quality: 100% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0043390D Relevance: .0, Instructions: 26COMMON
C-Code - Quality: 100% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00433B3C Relevance: .0, Instructions: 22COMMONLIBRARYCODE
C-Code - Quality: 100% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004339EE Relevance: .0, Instructions: 18COMMON
C-Code - Quality: 100% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00428AA0 Relevance: .0, Instructions: 12COMMON
C-Code - Quality: 100% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040DF52 Relevance: 37.1, APIs: 20, Strings: 1, Instructions: 332COMMONLIBRARYCODE
Control-flow Graph
C-Code - Quality: 79% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00435712 Relevance: 24.6, APIs: 13, Strings: 1, Instructions: 113COMMONLIBRARYCODE
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00432FCB Relevance: 24.4, APIs: 16, Instructions: 411COMMON
C-Code - Quality: 86% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004342BD Relevance: 22.9, APIs: 15, Instructions: 357COMMON
C-Code - Quality: 93% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 91% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405220 Relevance: 19.5, APIs: 8, Strings: 3, Instructions: 291stringCOMMON
C-Code - Quality: 63% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004047C0 Relevance: 19.3, APIs: 8, Strings: 3, Instructions: 64stringwindowCOMMON
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00434865 Relevance: 18.4, APIs: 12, Instructions: 374COMMON
C-Code - Quality: 97% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00410E5C Relevance: 17.7, APIs: 6, Strings: 4, Instructions: 186COMMONLIBRARYCODE
C-Code - Quality: 74% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 97% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 78% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042D759 Relevance: 15.1, APIs: 10, Instructions: 69COMMON
C-Code - Quality: 77% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 98% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004121BF Relevance: 14.3, APIs: 4, Strings: 4, Instructions: 303COMMONLIBRARYCODE
C-Code - Quality: 72% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004011B0 Relevance: 14.0, APIs: 4, Strings: 4, Instructions: 41stringCOMMON
C-Code - Quality: 37% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00440E9D Relevance: 13.8, APIs: 9, Instructions: 301COMMON
C-Code - Quality: 82% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00434CBD Relevance: 13.7, APIs: 9, Instructions: 200COMMON
C-Code - Quality: 75% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 80% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 72% |
Uniqueness Score: -1.00% |
Function 0042C71E Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 77 COMMON LIBRARYCODE
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00404420 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 62 window COMMON
C-Code - Quality: 63% |
Uniqueness Score: -1.00% |
C-Code - Quality: 87% |
Uniqueness Score: -1.00% |
C-Code - Quality: 68% |
Uniqueness Score: -1.00% |
C-Code - Quality: 61% |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00403E90 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 57 memory window COMMON
C-Code - Quality: 50% |
Uniqueness Score: -1.00% |
Function 004058B0 Relevance: 9.4, APIs: 1, Strings: 5, Instructions: 361 string COMMON
C-Code - Quality: 68% |
Uniqueness Score: -1.00% |
C-Code - Quality: 67% |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
C-Code - Quality: 85% |
Uniqueness Score: -1.00% |
C-Code - Quality: 82% |
Uniqueness Score: -1.00% |
C-Code - Quality: 58% |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 0040370D Relevance: 8.9, APIs: 2, Strings: 3, Instructions: 110 string COMMON
C-Code - Quality: 88% |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 0042C8DE Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 35 library COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00428AC2 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 30 library loader COMMON LIBRARYCODE
C-Code - Quality: 25% |
Uniqueness Score: -1.00% |
Function 0042A0D5 Relevance: 7.7, APIs: 5, Instructions: 186 COMMON
C-Code - Quality: 76% |
Uniqueness Score: -1.00% |
C-Code - Quality: 75% |
Uniqueness Score: -1.00% |
Function 00404330 Relevance: 7.6, APIs: 5, Instructions: 69 COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 0043FD3E Relevance: 7.6, APIs: 5, Instructions: 51 COMMON
C-Code - Quality: 82% |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
C-Code - Quality: 69% |
Uniqueness Score: -1.00% |
C-Code - Quality: 90% |
Uniqueness Score: -1.00% |
C-Code - Quality: 80% |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
C-Code - Quality: 69% |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00403FE0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 53 string COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 0040A8F7 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 43 COMMON LIBRARYCODE
C-Code - Quality: 58% |
Uniqueness Score: -1.00% |
Function 0040A957 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 41 COMMON LIBRARYCODE
C-Code - Quality: 71% |
Uniqueness Score: -1.00% |
Function 00411916 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 27 library COMMON LIBRARYCODE
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
C-Code - Quality: 79% |
Uniqueness Score: -1.00% |
C-Code - Quality: 85% |
Uniqueness Score: -1.00% |
C-Code - Quality: 67% |
Uniqueness Score: -1.00% |
Function 00430D07 Relevance: 6.1, APIs: 4, Instructions: 86 COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
C-Code - Quality: 75% |
Uniqueness Score: -1.00% |
C-Code - Quality: 85% |
Uniqueness Score: -1.00% |
Function 0042D8B8 Relevance: 6.1, APIs: 4, Instructions: 67 COMMON
C-Code - Quality: 83% |
Uniqueness Score: -1.00% |
Function 00402570 Relevance: 6.1, APIs: 4, Instructions: 55 COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 004432E1 Relevance: 6.0, APIs: 4, Instructions: 32 COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 0042B3D4 Relevance: 6.0, APIs: 4, Instructions: 19 COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
C-Code - Quality: 97% |
Uniqueness Score: -1.00% |
C-Code - Quality: 92% |
Uniqueness Score: -1.00% |
Function 0040FD7D Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 144 COMMON LIBRARYCODE
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00412564 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 112 COMMON LIBRARYCODE
C-Code - Quality: 64% |
Uniqueness Score: -1.00% |
Function 0040DE94 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 69 COMMON LIBRARYCODE
C-Code - Quality: 87% |
Uniqueness Score: -1.00% |
C-Code - Quality: 96% |
Uniqueness Score: -1.00% |
C-Code - Quality: 89% |
Uniqueness Score: -1.00% |
Function 0040B06E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44 COMMON LIBRARYCODE
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 0040DE2F Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 39 COMMON LIBRARYCODE
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 004041F0 Relevance: 5.1, APIs: 4, Instructions: 96 string COMMON
C-Code - Quality: 86% |
Uniqueness Score: -1.00% |
Execution Graph
Execution Coverage: | 31.2% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 2.2% |
Total number of Nodes: | 1846 |
Total number of Limit Nodes: | 92 |
Graph
Function 00403D74 Relevance: 14.2, APIs: 4, Strings: 4, Instructions: 200 file COMMON
C-Code - Quality: 85% |
Uniqueness Score: -1.00% |
C-Code - Quality: 78% |
Uniqueness Score: -1.00% |
Function 00406069 Relevance: 1.5, APIs: 1, Instructions: 12 COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00404ED4 Relevance: 1.5, APIs: 1, Instructions: 9 network COMMON
Uniqueness Score: -1.00% |
C-Code - Quality: 75% |
Uniqueness Score: -1.00% |
Function 00404E17 Relevance: 7.6, APIs: 5, Instructions: 72 network COMMON
C-Code - Quality: 37% |
Uniqueness Score: -1.00% |
Function 004040BB Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 129 file memory COMMON
C-Code - Quality: 74% |
Uniqueness Score: -1.00% |
C-Code - Quality: 79% |
Uniqueness Score: -1.00% |
Function 004042CF Relevance: 4.6, APIs: 3, Instructions: 60 file COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00412D31 Relevance: 3.7, APIs: 1, Strings: 1, Instructions: 178 thread COMMON
C-Code - Quality: 34% |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00402C03 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 13 library loader COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
C-Code - Quality: 92% |
Uniqueness Score: -1.00% |
Function 00402B7C Relevance: 3.0, APIs: 2, Instructions: 20 memory COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00402BAB Relevance: 3.0, APIs: 2, Instructions: 11 memory COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 004060BD Relevance: 1.6, APIs: 1, Instructions: 53 COMMON
C-Code - Quality: 40% |
Uniqueness Score: -1.00% |
Function 00403C62 Relevance: 1.5, APIs: 1, Instructions: 24 COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 0040642C Relevance: 1.5, APIs: 1, Instructions: 18 COMMON
C-Code - Quality: 37% |
Uniqueness Score: -1.00% |
Function 00404EEA Relevance: 1.5, APIs: 1, Instructions: 16 network COMMON
C-Code - Quality: 37% |
Uniqueness Score: -1.00% |
Function 00403BD0 Relevance: 1.5, APIs: 1, Instructions: 14 COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00404DF3 Relevance: 1.5, APIs: 1, Instructions: 13 network COMMON
Uniqueness Score: -1.00% |
Function 0040427D Relevance: 1.5, APIs: 1, Instructions: 13 COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00403C40 Relevance: 1.5, APIs: 1, Instructions: 12 COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00403C08 Relevance: 1.5, APIs: 1, Instructions: 12 file COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00402C1F Relevance: 1.5, APIs: 1, Instructions: 12 library COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00403BEF Relevance: 1.5, APIs: 1, Instructions: 12 COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00403BB7 Relevance: 1.5, APIs: 1, Instructions: 12 COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00403B64 Relevance: 1.5, APIs: 1, Instructions: 11 COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00404DE5 Relevance: 1.5, APIs: 1, Instructions: 6 COMMON
Uniqueness Score: -1.00% |
Function 00403F9E Relevance: 1.3, APIs: 1, Instructions: 16 COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00406472 Relevance: 1.3, APIs: 1, Instructions: 12 sleep COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 004058EA Relevance: 1.3, APIs: 1, Instructions: 12 COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 00405924 Relevance: 1.3, APIs: 1, Instructions: 12 COMMON
C-Code - Quality: 100% |
Uniqueness Score: -1.00% |
Function 0040D069 Relevance: 12.6, Strings: 10, Instructions: 138 COMMON
C-Code - Quality: 88% |
Uniqueness Score: -1.00% |
Uniqueness Score: -1.00% |