Edit tour
Windows
Analysis Report
INV.2022LB0362 FORM CO (2).exe
Overview
General Information
| Sample Name: | INV.2022LB0362 FORM CO (2).exe |
| Analysis ID: | 756310 |
| MD5: | baed30aea51e6000571219633aa745b0 |
| SHA1: | d7e3b155c00245a7f867dd2fb4c06cb7be6ec3f7 |
| SHA256: | 57520e51bb0820741b7883926800223886c491a8a5ddd517a49b0e2cc752fb18 |
| Tags: | exeLoki |
| Infos: |  |
 | |
Detection
Lokibot
| Score: | 100 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Multi AV Scanner detection for submitted file
Malicious sample detected (through community Yara rule)
Yara detected AntiVM3
Yara detected Lokibot
Antivirus detection for URL or domain
Multi AV Scanner detection for domain / URL
Snort IDS alert for network traffic
Tries to steal Mail credentials (via file / registry access)
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Yara detected aPLib compressed binary
Tries to harvest and steal ftp login credentials
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Machine Learning detection for sample
.NET source code contains potential unpacker
C2 URLs / IPs found in malware configuration
Tries to harvest and steal browser information (history, passwords, etc)
Uses 32bit PE files
Queries the volume information (name, serial number etc) of a device
Yara signature match
May sleep (evasive loops) to hinder dynamic analysis
Internet Provider seen in connection with other malware
Detected potential crypto function
Yara detected Credential Stealer
IP address seen in connection with other malware
Contains long sleeps (>= 3 min)
Enables debug privileges
Sample file is different than original file name gathered from version info
Uses a known web browser user agent for HTTP communication
Binary contains a suspicious time stamp
Creates a process in suspended mode (likely to inject code)
Classification
- System is w10x64
INV.2022LB0362 FORM CO (2).exe (PID: 6092 cmdline: C:\Users\u ser\Deskto p\INV.2022 LB0362 FOR M CO (2).e xe MD5: BAED30AEA51E6000571219633AA745B0) - INV.2022LB0362 FORM CO (2).exe (PID: 2240 cmdline:
C:\Users\u ser\Deskto p\INV.2022 LB0362 FOR M CO (2).e xe MD5: BAED30AEA51E6000571219633AA745B0) - INV.2022LB0362 FORM CO (2).exe (PID: 5164 cmdline:
C:\Users\u ser\Deskto p\INV.2022 LB0362 FOR M CO (2).e xe MD5: BAED30AEA51E6000571219633AA745B0) - INV.2022LB0362 FORM CO (2).exe (PID: 6132 cmdline:
C:\Users\u ser\Deskto p\INV.2022 LB0362 FOR M CO (2).e xe MD5: BAED30AEA51E6000571219633AA745B0)
- cleanup
{"C2 list": ["http://kbfvzoboss.bid/alien/fre.php", "http://alphastand.trade/alien/fre.php", "http://alphastand.win/alien/fre.php", "http://alphastand.top/alien/fre.php", "http://sempersim.su/gm11/fre.php"]}| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_Lokibot_1 | Yara detected Lokibot | Joe Security |
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | ||
| JoeSecurity_aPLib_compressed_binary | Yara detected aPLib compressed binary | Joe Security | ||
| JoeSecurity_Lokibot | Yara detected Lokibot | Joe Security | ||
| Windows_Trojan_Lokibot_1f885282 | unknown | unknown |
| |
| Windows_Trojan_Lokibot_0f421617 | unknown | unknown |
| |
| Click to see the 27 entries | ||||
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| SUSP_XORed_URL_in_EXE | Detects an XORed URL in an executable | Florian Roth |
| |
| JoeSecurity_aPLib_compressed_binary | Yara detected aPLib compressed binary | Joe Security | ||
| Windows_Trojan_Lokibot_1f885282 | unknown | unknown |
| |
| Windows_Trojan_Lokibot_0f421617 | unknown | unknown |
| |
| Loki_1 | Loki Payload | kevoreilly |
| |
| Click to see the 43 entries | ||||
⊘No Sigma rule has matched
| Timestamp: | 192.168.2.395.213.216.20249705802024318 11/30/22-00:54:20.168790 |
| SID: | 2024318 |
| Source Port: | 49705 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249702802021641 11/30/22-00:54:14.871390 |
| SID: | 2021641 |
| Source Port: | 49702 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249738802024313 11/30/22-00:55:23.450513 |
| SID: | 2024313 |
| Source Port: | 49738 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249734802825766 11/30/22-00:55:16.065951 |
| SID: | 2825766 |
| Source Port: | 49734 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497272025483 11/30/22-00:55:04.982566 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49727 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249741802024313 11/30/22-00:55:29.247109 |
| SID: | 2024313 |
| Source Port: | 49741 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249701802825766 11/30/22-00:54:12.581436 |
| SID: | 2825766 |
| Source Port: | 49701 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249749802025381 11/30/22-00:55:43.976237 |
| SID: | 2025381 |
| Source Port: | 49749 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249759802825766 11/30/22-00:56:01.042444 |
| SID: | 2825766 |
| Source Port: | 49759 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249738802024318 11/30/22-00:55:23.450513 |
| SID: | 2024318 |
| Source Port: | 49738 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249735802021641 11/30/22-00:55:17.863854 |
| SID: | 2021641 |
| Source Port: | 49735 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249705802024313 11/30/22-00:54:20.168790 |
| SID: | 2024313 |
| Source Port: | 49705 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249741802024318 11/30/22-00:55:29.247109 |
| SID: | 2024318 |
| Source Port: | 49741 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497232025483 11/30/22-00:54:57.894669 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49723 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249752802025381 11/30/22-00:55:49.378987 |
| SID: | 2025381 |
| Source Port: | 49752 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249716802025381 11/30/22-00:54:43.829219 |
| SID: | 2025381 |
| Source Port: | 49716 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249707802021641 11/30/22-00:54:24.716724 |
| SID: | 2021641 |
| Source Port: | 49707 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249757802025381 11/30/22-00:55:58.948901 |
| SID: | 2025381 |
| Source Port: | 49757 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249730802021641 11/30/22-00:55:08.823725 |
| SID: | 2021641 |
| Source Port: | 49730 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.861416532014169 11/30/22-00:55:12.379224 |
| SID: | 2014169 |
| Source Port: | 61416 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.38.8.8.860088532014169 11/30/22-00:55:21.529314 |
| SID: | 2014169 |
| Source Port: | 60088 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249713802024313 11/30/22-00:54:37.979213 |
| SID: | 2024313 |
| Source Port: | 49713 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249726802825766 11/30/22-00:55:01.673863 |
| SID: | 2825766 |
| Source Port: | 49726 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249713802024318 11/30/22-00:54:37.979213 |
| SID: | 2024318 |
| Source Port: | 49713 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.857743532014169 11/30/22-00:55:08.735474 |
| SID: | 2014169 |
| Source Port: | 57743 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249754802825766 11/30/22-00:55:53.496270 |
| SID: | 2825766 |
| Source Port: | 49754 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497572025483 11/30/22-00:55:59.773200 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49757 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249744802025381 11/30/22-00:55:34.401351 |
| SID: | 2025381 |
| Source Port: | 49744 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859820532014169 11/30/22-00:55:29.162121 |
| SID: | 2014169 |
| Source Port: | 59820 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.38.8.8.853305532014169 11/30/22-00:54:54.648302 |
| SID: | 2014169 |
| Source Port: | 53305 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 95.213.216.202192.168.2.380497532025483 11/30/22-00:55:52.887247 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49753 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249708802025381 11/30/22-00:54:26.803652 |
| SID: | 2025381 |
| Source Port: | 49708 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497162025483 11/30/22-00:54:45.204539 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49716 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497382025483 11/30/22-00:55:24.982216 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49738 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249758802024313 11/30/22-00:56:00.034214 |
| SID: | 2024313 |
| Source Port: | 49758 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249755802021641 11/30/22-00:55:55.653974 |
| SID: | 2021641 |
| Source Port: | 49755 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497302025483 11/30/22-00:55:10.337695 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49730 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497342025483 11/30/22-00:55:17.565495 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49734 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249758802024318 11/30/22-00:56:00.034214 |
| SID: | 2024318 |
| Source Port: | 49758 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.852387532014169 11/30/22-00:54:14.412323 |
| SID: | 2014169 |
| Source Port: | 52387 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249721802024318 11/30/22-00:54:53.572062 |
| SID: | 2024318 |
| Source Port: | 49721 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249727802021641 11/30/22-00:55:03.486766 |
| SID: | 2021641 |
| Source Port: | 49727 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249750802021641 11/30/22-00:55:45.758418 |
| SID: | 2021641 |
| Source Port: | 49750 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497122025483 11/30/22-00:54:37.552263 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49712 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249718802825766 11/30/22-00:54:47.592007 |
| SID: | 2825766 |
| Source Port: | 49718 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.851992532014169 11/30/22-00:55:36.286012 |
| SID: | 2014169 |
| Source Port: | 51992 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.38.8.8.860625532014169 11/30/22-00:54:18.863516 |
| SID: | 2014169 |
| Source Port: | 60625 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249736802025381 11/30/22-00:55:19.643476 |
| SID: | 2025381 |
| Source Port: | 49736 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249721802024313 11/30/22-00:54:53.572062 |
| SID: | 2024313 |
| Source Port: | 49721 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249746802825766 11/30/22-00:55:38.275174 |
| SID: | 2825766 |
| Source Port: | 49746 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249722802021641 11/30/22-00:54:54.732179 |
| SID: | 2021641 |
| Source Port: | 49722 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249699802025381 11/30/22-00:54:07.324934 |
| SID: | 2025381 |
| Source Port: | 49699 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249714802021641 11/30/22-00:54:39.977728 |
| SID: | 2021641 |
| Source Port: | 49714 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497492025483 11/30/22-00:55:45.483574 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49749 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249712802025381 11/30/22-00:54:35.972913 |
| SID: | 2025381 |
| Source Port: | 49712 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.857840532014169 11/30/22-00:54:09.401173 |
| SID: | 2014169 |
| Source Port: | 57840 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.38.8.8.858301532014169 11/30/22-00:55:42.001541 |
| SID: | 2014169 |
| Source Port: | 58301 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249740802025381 11/30/22-00:55:27.193434 |
| SID: | 2025381 |
| Source Port: | 49740 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497422025483 11/30/22-00:55:32.668199 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49742 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.863562532014169 11/30/22-00:55:23.368358 |
| SID: | 2014169 |
| Source Port: | 63562 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 95.213.216.202192.168.2.380497412025483 11/30/22-00:55:30.821604 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49741 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.850784532014169 11/30/22-00:55:55.557056 |
| SID: | 2014169 |
| Source Port: | 50784 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249723802021641 11/30/22-00:54:56.463103 |
| SID: | 2021641 |
| Source Port: | 49723 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249713802825766 11/30/22-00:54:37.979213 |
| SID: | 2825766 |
| Source Port: | 49713 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249726802024313 11/30/22-00:55:01.673863 |
| SID: | 2024313 |
| Source Port: | 49726 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249728802025381 11/30/22-00:55:05.285201 |
| SID: | 2025381 |
| Source Port: | 49728 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249726802024318 11/30/22-00:55:01.673863 |
| SID: | 2024318 |
| Source Port: | 49726 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249737802025381 11/30/22-00:55:21.614296 |
| SID: | 2025381 |
| Source Port: | 49737 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497112025483 11/30/22-00:54:35.462242 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49711 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.856949532014169 11/30/22-00:54:59.841953 |
| SID: | 2014169 |
| Source Port: | 56949 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249753802024318 11/30/22-00:55:51.242717 |
| SID: | 2024318 |
| Source Port: | 49753 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249753802024313 11/30/22-00:55:51.242717 |
| SID: | 2024313 |
| Source Port: | 49753 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497082025483 11/30/22-00:54:28.382639 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49708 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249714802825766 11/30/22-00:54:39.977728 |
| SID: | 2825766 |
| Source Port: | 49714 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249725802024313 11/30/22-00:54:59.930841 |
| SID: | 2024313 |
| Source Port: | 49725 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249756802025381 11/30/22-00:55:57.533680 |
| SID: | 2025381 |
| Source Port: | 49756 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.860825532014169 11/30/22-00:55:59.940841 |
| SID: | 2014169 |
| Source Port: | 60825 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249754802024313 11/30/22-00:55:53.496270 |
| SID: | 2024313 |
| Source Port: | 49754 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249748802021641 11/30/22-00:55:42.098367 |
| SID: | 2021641 |
| Source Port: | 49748 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249725802024318 11/30/22-00:54:59.930841 |
| SID: | 2024318 |
| Source Port: | 49725 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249742802021641 11/30/22-00:55:31.101064 |
| SID: | 2021641 |
| Source Port: | 49742 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249755802825766 11/30/22-00:55:55.653974 |
| SID: | 2825766 |
| Source Port: | 49755 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249754802024318 11/30/22-00:55:53.496270 |
| SID: | 2024318 |
| Source Port: | 49754 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249709802025381 11/30/22-00:54:29.164231 |
| SID: | 2025381 |
| Source Port: | 49709 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.849977532014169 11/30/22-00:54:06.875981 |
| SID: | 2014169 |
| Source Port: | 49977 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.38.8.8.856924532014169 11/30/22-00:54:16.879287 |
| SID: | 2014169 |
| Source Port: | 56924 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249700802024317 11/30/22-00:54:09.487691 |
| SID: | 2024317 |
| Source Port: | 49700 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249739802825766 11/30/22-00:55:25.267085 |
| SID: | 2825766 |
| Source Port: | 49739 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.860582532014169 11/30/22-00:54:28.778637 |
| SID: | 2014169 |
| Source Port: | 60582 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 95.213.216.202192.168.2.380497192025483 11/30/22-00:54:51.280995 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49719 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.864595532014169 11/30/22-00:55:31.020256 |
| SID: | 2014169 |
| Source Port: | 64595 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249742802825766 11/30/22-00:55:31.101064 |
| SID: | 2825766 |
| Source Port: | 49742 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249700802024312 11/30/22-00:54:09.487691 |
| SID: | 2024312 |
| Source Port: | 49700 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249711802025381 11/30/22-00:54:33.859062 |
| SID: | 2025381 |
| Source Port: | 49711 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.860767532014169 11/30/22-00:54:45.460012 |
| SID: | 2014169 |
| Source Port: | 60767 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249739802021641 11/30/22-00:55:25.267085 |
| SID: | 2021641 |
| Source Port: | 49739 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249724802025381 11/30/22-00:54:58.184483 |
| SID: | 2025381 |
| Source Port: | 49724 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249751802021641 11/30/22-00:55:47.279515 |
| SID: | 2021641 |
| Source Port: | 49751 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249758802825766 11/30/22-00:56:00.034214 |
| SID: | 2825766 |
| Source Port: | 49758 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249710802021641 11/30/22-00:54:31.910937 |
| SID: | 2021641 |
| Source Port: | 49710 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249711802021641 11/30/22-00:54:33.859062 |
| SID: | 2021641 |
| Source Port: | 49711 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.849201532014169 11/30/22-00:56:00.958664 |
| SID: | 2014169 |
| Source Port: | 49201 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249729802024313 11/30/22-00:55:07.068054 |
| SID: | 2024313 |
| Source Port: | 49729 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249758802025381 11/30/22-00:56:00.034214 |
| SID: | 2025381 |
| Source Port: | 49758 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497262025483 11/30/22-00:55:03.204141 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49726 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249743802025381 11/30/22-00:55:32.962709 |
| SID: | 2025381 |
| Source Port: | 49743 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249729802024318 11/30/22-00:55:07.068054 |
| SID: | 2024318 |
| Source Port: | 49729 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249744802021641 11/30/22-00:55:34.401351 |
| SID: | 2021641 |
| Source Port: | 49744 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249726802021641 11/30/22-00:55:01.673863 |
| SID: | 2021641 |
| Source Port: | 49726 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249750802024313 11/30/22-00:55:45.758418 |
| SID: | 2024313 |
| Source Port: | 49750 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249710802825766 11/30/22-00:54:31.910937 |
| SID: | 2825766 |
| Source Port: | 49710 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497222025483 11/30/22-00:54:56.166551 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49722 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249750802024318 11/30/22-00:55:45.758418 |
| SID: | 2024318 |
| Source Port: | 49750 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249699802021641 11/30/22-00:54:07.324934 |
| SID: | 2021641 |
| Source Port: | 49699 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497202025483 11/30/22-00:54:53.259308 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49720 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249701802021641 11/30/22-00:54:12.581436 |
| SID: | 2021641 |
| Source Port: | 49701 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853623532014169 11/30/22-00:55:10.547934 |
| SID: | 2014169 |
| Source Port: | 53623 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249754802021641 11/30/22-00:55:53.496270 |
| SID: | 2021641 |
| Source Port: | 49754 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249715802025381 11/30/22-00:54:42.060768 |
| SID: | 2025381 |
| Source Port: | 49715 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.852955532014169 11/30/22-00:54:26.705694 |
| SID: | 2014169 |
| Source Port: | 52955 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249740802024313 11/30/22-00:55:27.193434 |
| SID: | 2024313 |
| Source Port: | 49740 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249740802024318 11/30/22-00:55:27.193434 |
| SID: | 2024318 |
| Source Port: | 49740 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249738802025381 11/30/22-00:55:23.450513 |
| SID: | 2025381 |
| Source Port: | 49738 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249731802021641 11/30/22-00:55:10.632751 |
| SID: | 2021641 |
| Source Port: | 49731 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249752802021641 11/30/22-00:55:49.378987 |
| SID: | 2021641 |
| Source Port: | 49752 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249703802021641 11/30/22-00:54:16.960834 |
| SID: | 2021641 |
| Source Port: | 49703 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249712802024313 11/30/22-00:54:35.972913 |
| SID: | 2024313 |
| Source Port: | 49712 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249727802825766 11/30/22-00:55:03.486766 |
| SID: | 2825766 |
| Source Port: | 49727 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249717802025381 11/30/22-00:54:45.540558 |
| SID: | 2025381 |
| Source Port: | 49717 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859581532014169 11/30/22-00:55:17.784201 |
| SID: | 2014169 |
| Source Port: | 59581 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249712802024318 11/30/22-00:54:35.972913 |
| SID: | 2024318 |
| Source Port: | 49712 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497312025483 11/30/22-00:55:12.166821 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49731 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249739802024313 11/30/22-00:55:25.267085 |
| SID: | 2024313 |
| Source Port: | 49739 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249725802025381 11/30/22-00:54:59.930841 |
| SID: | 2025381 |
| Source Port: | 49725 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.849166532014169 11/30/22-00:55:40.126118 |
| SID: | 2014169 |
| Source Port: | 49166 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.38.8.8.860749532014169 11/30/22-00:54:58.103973 |
| SID: | 2014169 |
| Source Port: | 60749 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 95.213.216.202192.168.2.380497052025483 11/30/22-00:54:21.783216 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49705 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853975532014169 11/30/22-00:54:22.160619 |
| SID: | 2014169 |
| Source Port: | 53975 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249753802025381 11/30/22-00:55:51.242717 |
| SID: | 2025381 |
| Source Port: | 49753 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249757802021641 11/30/22-00:55:58.948901 |
| SID: | 2021641 |
| Source Port: | 49757 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249716802021641 11/30/22-00:54:43.829219 |
| SID: | 2021641 |
| Source Port: | 49716 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249739802024318 11/30/22-00:55:25.267085 |
| SID: | 2024318 |
| Source Port: | 49739 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249741802825766 11/30/22-00:55:29.247109 |
| SID: | 2825766 |
| Source Port: | 49741 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249700802825766 11/30/22-00:54:09.487691 |
| SID: | 2825766 |
| Source Port: | 49700 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249720802024313 11/30/22-00:54:51.608521 |
| SID: | 2024313 |
| Source Port: | 49720 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249708802024318 11/30/22-00:54:26.803652 |
| SID: | 2024318 |
| Source Port: | 49708 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497482025483 11/30/22-00:55:43.661913 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49748 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249731802825766 11/30/22-00:55:10.632751 |
| SID: | 2825766 |
| Source Port: | 49731 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249702802024313 11/30/22-00:54:14.871390 |
| SID: | 2024313 |
| Source Port: | 49702 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249720802024318 11/30/22-00:54:51.608521 |
| SID: | 2024318 |
| Source Port: | 49720 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249737802825766 11/30/22-00:55:21.614296 |
| SID: | 2825766 |
| Source Port: | 49737 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249702802024318 11/30/22-00:54:14.871390 |
| SID: | 2024318 |
| Source Port: | 49702 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249719802825766 11/30/22-00:54:49.641508 |
| SID: | 2825766 |
| Source Port: | 49719 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.863446532014169 11/30/22-00:55:43.898414 |
| SID: | 2014169 |
| Source Port: | 63446 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 95.213.216.202192.168.2.380497092025483 11/30/22-00:54:30.691043 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49709 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497432025483 11/30/22-00:55:34.122250 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49743 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249708802024313 11/30/22-00:54:26.803652 |
| SID: | 2024313 |
| Source Port: | 49708 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.858119532014169 11/30/22-00:55:38.197046 |
| SID: | 2014169 |
| Source Port: | 58119 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.38.8.8.857990532014169 11/30/22-00:54:11.706174 |
| SID: | 2014169 |
| Source Port: | 57990 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249759802024318 11/30/22-00:56:01.042444 |
| SID: | 2024318 |
| Source Port: | 49759 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249709802825766 11/30/22-00:54:29.164231 |
| SID: | 2825766 |
| Source Port: | 49709 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249730802024313 11/30/22-00:55:08.823725 |
| SID: | 2024313 |
| Source Port: | 49730 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249745802025381 11/30/22-00:55:36.377571 |
| SID: | 2025381 |
| Source Port: | 49745 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249724802021641 11/30/22-00:54:58.184483 |
| SID: | 2021641 |
| Source Port: | 49724 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249759802024313 11/30/22-00:56:01.042444 |
| SID: | 2024313 |
| Source Port: | 49759 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249703802825766 11/30/22-00:54:16.960834 |
| SID: | 2825766 |
| Source Port: | 49703 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249704802025381 11/30/22-00:54:18.966132 |
| SID: | 2025381 |
| Source Port: | 49704 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497152025483 11/30/22-00:54:43.541337 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49715 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249730802024318 11/30/22-00:55:08.823725 |
| SID: | 2024318 |
| Source Port: | 49730 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249718802024318 11/30/22-00:54:47.592007 |
| SID: | 2024318 |
| Source Port: | 49718 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.864121532014169 11/30/22-00:55:57.444180 |
| SID: | 2014169 |
| Source Port: | 64121 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249719802021641 11/30/22-00:54:49.641508 |
| SID: | 2021641 |
| Source Port: | 49719 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249721802825766 11/30/22-00:54:53.572062 |
| SID: | 2825766 |
| Source Port: | 49721 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497042025483 11/30/22-00:54:19.714505 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49704 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249747802021641 11/30/22-00:55:40.214633 |
| SID: | 2021641 |
| Source Port: | 49747 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.849874532014169 11/30/22-00:55:45.675021 |
| SID: | 2014169 |
| Source Port: | 49874 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249722802025381 11/30/22-00:54:54.732179 |
| SID: | 2025381 |
| Source Port: | 49722 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249718802024313 11/30/22-00:54:47.592007 |
| SID: | 2024313 |
| Source Port: | 49718 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853428532014169 11/30/22-00:55:25.189214 |
| SID: | 2014169 |
| Source Port: | 53428 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249736802024318 11/30/22-00:55:19.643476 |
| SID: | 2024318 |
| Source Port: | 49736 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249736802024313 11/30/22-00:55:19.643476 |
| SID: | 2024313 |
| Source Port: | 49736 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249732802025381 11/30/22-00:55:12.457821 |
| SID: | 2025381 |
| Source Port: | 49732 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497592025483 11/30/22-00:56:01.793951 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49759 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249746802024318 11/30/22-00:55:38.275174 |
| SID: | 2024318 |
| Source Port: | 49746 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249749802024318 11/30/22-00:55:43.976237 |
| SID: | 2024318 |
| Source Port: | 49749 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249737802021641 11/30/22-00:55:21.614296 |
| SID: | 2021641 |
| Source Port: | 49737 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249746802024313 11/30/22-00:55:38.275174 |
| SID: | 2024313 |
| Source Port: | 49746 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497542025483 11/30/22-00:55:55.161061 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49754 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249735802025381 11/30/22-00:55:17.863854 |
| SID: | 2025381 |
| Source Port: | 49735 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249706802021641 11/30/22-00:54:22.484255 |
| SID: | 2021641 |
| Source Port: | 49706 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249734802021641 11/30/22-00:55:16.065951 |
| SID: | 2021641 |
| Source Port: | 49734 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249699802825766 11/30/22-00:54:07.324934 |
| SID: | 2825766 |
| Source Port: | 49699 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497322025483 11/30/22-00:55:13.950022 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49732 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497372025483 11/30/22-00:55:23.147009 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49737 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249749802024313 11/30/22-00:55:43.976237 |
| SID: | 2024313 |
| Source Port: | 49749 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249748802025381 11/30/22-00:55:42.098367 |
| SID: | 2025381 |
| Source Port: | 49748 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497212025483 11/30/22-00:54:54.418787 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49721 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497102025483 11/30/22-00:54:33.459515 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49710 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249733802024313 11/30/22-00:55:14.244291 |
| SID: | 2024313 |
| Source Port: | 49733 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249707802025381 11/30/22-00:54:24.716724 |
| SID: | 2025381 |
| Source Port: | 49707 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249733802024318 11/30/22-00:55:14.244291 |
| SID: | 2024318 |
| Source Port: | 49733 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.851139532014169 11/30/22-00:54:24.370686 |
| SID: | 2014169 |
| Source Port: | 51139 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249721802021641 11/30/22-00:54:53.572062 |
| SID: | 2021641 |
| Source Port: | 49721 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249747802825766 11/30/22-00:55:40.214633 |
| SID: | 2825766 |
| Source Port: | 49747 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249706802825766 11/30/22-00:54:22.484255 |
| SID: | 2825766 |
| Source Port: | 49706 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249709802021641 11/30/22-00:54:29.164231 |
| SID: | 2021641 |
| Source Port: | 49709 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.855638532014169 11/30/22-00:54:39.891168 |
| SID: | 2014169 |
| Source Port: | 55638 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.38.8.8.853466532014169 11/30/22-00:55:06.970990 |
| SID: | 2014169 |
| Source Port: | 53466 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249717802021641 11/30/22-00:54:45.540558 |
| SID: | 2021641 |
| Source Port: | 49717 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.864823532014169 11/30/22-00:55:34.318234 |
| SID: | 2014169 |
| Source Port: | 64823 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249706802025381 11/30/22-00:54:22.484255 |
| SID: | 2025381 |
| Source Port: | 49706 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249716802825766 11/30/22-00:54:43.829219 |
| SID: | 2825766 |
| Source Port: | 49716 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249720802021641 11/30/22-00:54:51.608521 |
| SID: | 2021641 |
| Source Port: | 49720 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865017532014169 11/30/22-00:55:05.186135 |
| SID: | 2014169 |
| Source Port: | 65017 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249734802025381 11/30/22-00:55:16.065951 |
| SID: | 2025381 |
| Source Port: | 49734 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249723802024318 11/30/22-00:54:56.463103 |
| SID: | 2024318 |
| Source Port: | 49723 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.864602532014169 11/30/22-00:55:53.393350 |
| SID: | 2014169 |
| Source Port: | 64602 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 95.213.216.202192.168.2.380497252025483 11/30/22-00:55:01.390776 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49725 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497292025483 11/30/22-00:55:08.539654 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49729 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249723802024313 11/30/22-00:54:56.463103 |
| SID: | 2024313 |
| Source Port: | 49723 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853848532014169 11/30/22-00:54:49.539403 |
| SID: | 2014169 |
| Source Port: | 53848 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249744802825766 11/30/22-00:55:34.401351 |
| SID: | 2825766 |
| Source Port: | 49744 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865107532014169 11/30/22-00:54:47.470066 |
| SID: | 2014169 |
| Source Port: | 65107 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249739802025381 11/30/22-00:55:25.267085 |
| SID: | 2025381 |
| Source Port: | 49739 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249712802021641 11/30/22-00:54:35.972913 |
| SID: | 2021641 |
| Source Port: | 49712 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249753802021641 11/30/22-00:55:51.242717 |
| SID: | 2021641 |
| Source Port: | 49753 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249725802021641 11/30/22-00:54:59.930841 |
| SID: | 2021641 |
| Source Port: | 49725 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249748802024318 11/30/22-00:55:42.098367 |
| SID: | 2024318 |
| Source Port: | 49748 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249731802024313 11/30/22-00:55:10.632751 |
| SID: | 2024313 |
| Source Port: | 49731 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249748802024313 11/30/22-00:55:42.098367 |
| SID: | 2024313 |
| Source Port: | 49748 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865196532014169 11/30/22-00:55:14.166464 |
| SID: | 2014169 |
| Source Port: | 65196 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249731802024318 11/30/22-00:55:10.632751 |
| SID: | 2024318 |
| Source Port: | 49731 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249708802825766 11/30/22-00:54:26.803652 |
| SID: | 2825766 |
| Source Port: | 49708 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249749802825766 11/30/22-00:55:43.976237 |
| SID: | 2825766 |
| Source Port: | 49749 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249743802024313 11/30/22-00:55:32.962709 |
| SID: | 2024313 |
| Source Port: | 49743 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249757802825766 11/30/22-00:55:58.948901 |
| SID: | 2825766 |
| Source Port: | 49757 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249743802024318 11/30/22-00:55:32.962709 |
| SID: | 2024318 |
| Source Port: | 49743 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249728802024318 11/30/22-00:55:05.285201 |
| SID: | 2024318 |
| Source Port: | 49728 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249750802025381 11/30/22-00:55:45.758418 |
| SID: | 2025381 |
| Source Port: | 49750 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249700802021641 11/30/22-00:54:09.487691 |
| SID: | 2021641 |
| Source Port: | 49700 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249728802024313 11/30/22-00:55:05.285201 |
| SID: | 2024313 |
| Source Port: | 49728 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249714802025381 11/30/22-00:54:39.977728 |
| SID: | 2025381 |
| Source Port: | 49714 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249724802825766 11/30/22-00:54:58.184483 |
| SID: | 2825766 |
| Source Port: | 49724 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249719802025381 11/30/22-00:54:49.641508 |
| SID: | 2025381 |
| Source Port: | 49719 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249756802024318 11/30/22-00:55:57.533680 |
| SID: | 2024318 |
| Source Port: | 49756 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249742802025381 11/30/22-00:55:31.101064 |
| SID: | 2025381 |
| Source Port: | 49742 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249733802021641 11/30/22-00:55:14.244291 |
| SID: | 2021641 |
| Source Port: | 49733 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249729802825766 11/30/22-00:55:07.068054 |
| SID: | 2825766 |
| Source Port: | 49729 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.857704532014169 11/30/22-00:54:41.979608 |
| SID: | 2014169 |
| Source Port: | 57704 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249715802024318 11/30/22-00:54:42.060768 |
| SID: | 2024318 |
| Source Port: | 49715 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249752802825766 11/30/22-00:55:49.378987 |
| SID: | 2825766 |
| Source Port: | 49752 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249756802024313 11/30/22-00:55:57.533680 |
| SID: | 2024313 |
| Source Port: | 49756 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249715802024313 11/30/22-00:54:42.060768 |
| SID: | 2024313 |
| Source Port: | 49715 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249751802024313 11/30/22-00:55:47.279515 |
| SID: | 2024313 |
| Source Port: | 49751 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249711802825766 11/30/22-00:54:33.859062 |
| SID: | 2825766 |
| Source Port: | 49711 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249751802024318 11/30/22-00:55:47.279515 |
| SID: | 2024318 |
| Source Port: | 49751 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249710802024318 11/30/22-00:54:31.910937 |
| SID: | 2024318 |
| Source Port: | 49710 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249710802024313 11/30/22-00:54:31.910937 |
| SID: | 2024313 |
| Source Port: | 49710 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249747802025381 11/30/22-00:55:40.214633 |
| SID: | 2025381 |
| Source Port: | 49747 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249701802025381 11/30/22-00:54:12.581436 |
| SID: | 2025381 |
| Source Port: | 49701 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249755802025381 11/30/22-00:55:55.653974 |
| SID: | 2025381 |
| Source Port: | 49755 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249729802021641 11/30/22-00:55:07.068054 |
| SID: | 2021641 |
| Source Port: | 49729 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497442025483 11/30/22-00:55:36.086250 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49744 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249735802024318 11/30/22-00:55:17.863854 |
| SID: | 2024318 |
| Source Port: | 49735 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.853049532014169 11/30/22-00:55:19.563471 |
| SID: | 2014169 |
| Source Port: | 53049 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249735802024313 11/30/22-00:55:17.863854 |
| SID: | 2024313 |
| Source Port: | 49735 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249744802024313 11/30/22-00:55:34.401351 |
| SID: | 2024313 |
| Source Port: | 49744 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497472025483 11/30/22-00:55:41.771804 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49747 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249744802024318 11/30/22-00:55:34.401351 |
| SID: | 2024318 |
| Source Port: | 49744 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249741802021641 11/30/22-00:55:29.247109 |
| SID: | 2021641 |
| Source Port: | 49741 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249704802825766 11/30/22-00:54:18.966132 |
| SID: | 2825766 |
| Source Port: | 49704 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249746802025381 11/30/22-00:55:38.275174 |
| SID: | 2025381 |
| Source Port: | 49746 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249732802021641 11/30/22-00:55:12.457821 |
| SID: | 2021641 |
| Source Port: | 49732 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249699802024312 11/30/22-00:54:07.324934 |
| SID: | 2024312 |
| Source Port: | 49699 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249707802024313 11/30/22-00:54:24.716724 |
| SID: | 2024313 |
| Source Port: | 49707 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497062025483 11/30/22-00:54:24.053489 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49706 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497502025483 11/30/22-00:55:46.963833 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49750 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249699802024317 11/30/22-00:54:07.324934 |
| SID: | 2024317 |
| Source Port: | 49699 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249727802025381 11/30/22-00:55:03.486766 |
| SID: | 2025381 |
| Source Port: | 49727 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865511532014169 11/30/22-00:55:27.103034 |
| SID: | 2014169 |
| Source Port: | 65511 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.38.8.8.864967532014169 11/30/22-00:55:58.869049 |
| SID: | 2014169 |
| Source Port: | 64967 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249721802025381 11/30/22-00:54:53.572062 |
| SID: | 2025381 |
| Source Port: | 49721 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249707802024318 11/30/22-00:54:24.716724 |
| SID: | 2024318 |
| Source Port: | 49707 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249713802021641 11/30/22-00:54:37.979213 |
| SID: | 2021641 |
| Source Port: | 49713 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249732802825766 11/30/22-00:55:12.457821 |
| SID: | 2825766 |
| Source Port: | 49732 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249751802825766 11/30/22-00:55:47.279515 |
| SID: | 2825766 |
| Source Port: | 49751 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497552025483 11/30/22-00:55:57.270722 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49755 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497582025483 11/30/22-00:56:00.797031 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49758 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497362025483 11/30/22-00:55:21.118367 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49736 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249703802024318 11/30/22-00:54:16.960834 |
| SID: | 2024318 |
| Source Port: | 49703 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249702802025381 11/30/22-00:54:14.871390 |
| SID: | 2025381 |
| Source Port: | 49702 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249703802024313 11/30/22-00:54:16.960834 |
| SID: | 2024313 |
| Source Port: | 49703 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.857134532014169 11/30/22-00:54:31.820802 |
| SID: | 2014169 |
| Source Port: | 57134 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249758802021641 11/30/22-00:56:00.034214 |
| SID: | 2021641 |
| Source Port: | 49758 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.858691532014169 11/30/22-00:54:53.455722 |
| SID: | 2014169 |
| Source Port: | 58691 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249736802825766 11/30/22-00:55:19.643476 |
| SID: | 2825766 |
| Source Port: | 49736 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249705802025381 11/30/22-00:54:20.168790 |
| SID: | 2025381 |
| Source Port: | 49705 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497332025483 11/30/22-00:55:15.751744 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49733 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249745802825766 11/30/22-00:55:36.377571 |
| SID: | 2825766 |
| Source Port: | 49745 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497032025483 11/30/22-00:54:18.541620 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49703 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497142025483 11/30/22-00:54:41.602416 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49714 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249716802024313 11/30/22-00:54:43.829219 |
| SID: | 2024313 |
| Source Port: | 49716 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859433532014169 11/30/22-00:54:56.376062 |
| SID: | 2014169 |
| Source Port: | 59433 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249757802024313 11/30/22-00:55:58.948901 |
| SID: | 2024313 |
| Source Port: | 49757 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249717802825766 11/30/22-00:54:45.540558 |
| SID: | 2825766 |
| Source Port: | 49717 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249722802024313 11/30/22-00:54:54.732179 |
| SID: | 2024313 |
| Source Port: | 49722 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249716802024318 11/30/22-00:54:43.829219 |
| SID: | 2024318 |
| Source Port: | 49716 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249759802025381 11/30/22-00:56:01.042444 |
| SID: | 2025381 |
| Source Port: | 49759 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249757802024318 11/30/22-00:55:58.948901 |
| SID: | 2024318 |
| Source Port: | 49757 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249723802825766 11/30/22-00:54:56.463103 |
| SID: | 2825766 |
| Source Port: | 49723 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249718802025381 11/30/22-00:54:47.592007 |
| SID: | 2025381 |
| Source Port: | 49718 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249730802025381 11/30/22-00:55:08.823725 |
| SID: | 2025381 |
| Source Port: | 49730 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249704802021641 11/30/22-00:54:18.966132 |
| SID: | 2021641 |
| Source Port: | 49704 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249722802024318 11/30/22-00:54:54.732179 |
| SID: | 2024318 |
| Source Port: | 49722 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249745802021641 11/30/22-00:55:36.377571 |
| SID: | 2021641 |
| Source Port: | 49745 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249714802024313 11/30/22-00:54:39.977728 |
| SID: | 2024313 |
| Source Port: | 49714 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249725802825766 11/30/22-00:54:59.930841 |
| SID: | 2825766 |
| Source Port: | 49725 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249700802025381 11/30/22-00:54:09.487691 |
| SID: | 2025381 |
| Source Port: | 49700 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249714802024318 11/30/22-00:54:39.977728 |
| SID: | 2024318 |
| Source Port: | 49714 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.858708532014169 11/30/22-00:55:15.985743 |
| SID: | 2014169 |
| Source Port: | 58708 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 95.213.216.202192.168.2.380497282025483 11/30/22-00:55:06.759571 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49728 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249732802024318 11/30/22-00:55:12.457821 |
| SID: | 2024318 |
| Source Port: | 49732 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249707802825766 11/30/22-00:54:24.716724 |
| SID: | 2825766 |
| Source Port: | 49707 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497242025483 11/30/22-00:54:59.594972 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49724 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249732802024313 11/30/22-00:55:12.457821 |
| SID: | 2024313 |
| Source Port: | 49732 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249708802021641 11/30/22-00:54:26.803652 |
| SID: | 2021641 |
| Source Port: | 49708 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249724802024318 11/30/22-00:54:58.184483 |
| SID: | 2024318 |
| Source Port: | 49724 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249759802021641 11/30/22-00:56:01.042444 |
| SID: | 2021641 |
| Source Port: | 49759 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249751802025381 11/30/22-00:55:47.279515 |
| SID: | 2025381 |
| Source Port: | 49751 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249724802024313 11/30/22-00:54:58.184483 |
| SID: | 2024313 |
| Source Port: | 49724 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249710802025381 11/30/22-00:54:31.910937 |
| SID: | 2025381 |
| Source Port: | 49710 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249715802825766 11/30/22-00:54:42.060768 |
| SID: | 2825766 |
| Source Port: | 49715 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249747802024318 11/30/22-00:55:40.214633 |
| SID: | 2024318 |
| Source Port: | 49747 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249747802024313 11/30/22-00:55:40.214633 |
| SID: | 2024313 |
| Source Port: | 49747 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249719802024313 11/30/22-00:54:49.641508 |
| SID: | 2024313 |
| Source Port: | 49719 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249743802825766 11/30/22-00:55:32.962709 |
| SID: | 2825766 |
| Source Port: | 49743 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.857571532014169 11/30/22-00:54:51.528645 |
| SID: | 2014169 |
| Source Port: | 57571 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249719802024318 11/30/22-00:54:49.641508 |
| SID: | 2024318 |
| Source Port: | 49719 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249742802024318 11/30/22-00:55:31.101064 |
| SID: | 2024318 |
| Source Port: | 49742 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.859636532014169 11/30/22-00:54:37.879679 |
| SID: | 2014169 |
| Source Port: | 59636 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249720802825766 11/30/22-00:54:51.608521 |
| SID: | 2825766 |
| Source Port: | 49720 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249742802024313 11/30/22-00:55:31.101064 |
| SID: | 2024313 |
| Source Port: | 49742 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249718802021641 11/30/22-00:54:47.592007 |
| SID: | 2021641 |
| Source Port: | 49718 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249733802025381 11/30/22-00:55:14.244291 |
| SID: | 2025381 |
| Source Port: | 49733 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249736802021641 11/30/22-00:55:19.643476 |
| SID: | 2021641 |
| Source Port: | 49736 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249746802021641 11/30/22-00:55:38.275174 |
| SID: | 2021641 |
| Source Port: | 49746 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249734802024318 11/30/22-00:55:16.065951 |
| SID: | 2024318 |
| Source Port: | 49734 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249723802025381 11/30/22-00:54:56.463103 |
| SID: | 2025381 |
| Source Port: | 49723 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249748802825766 11/30/22-00:55:42.098367 |
| SID: | 2825766 |
| Source Port: | 49748 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249737802024313 11/30/22-00:55:21.614296 |
| SID: | 2024313 |
| Source Port: | 49737 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497562025483 11/30/22-00:55:58.723099 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49756 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249702802825766 11/30/22-00:54:14.871390 |
| SID: | 2825766 |
| Source Port: | 49702 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249737802024318 11/30/22-00:55:21.614296 |
| SID: | 2024318 |
| Source Port: | 49737 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249730802825766 11/30/22-00:55:08.823725 |
| SID: | 2825766 |
| Source Port: | 49730 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249706802024313 11/30/22-00:54:22.484255 |
| SID: | 2024313 |
| Source Port: | 49706 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249734802024313 11/30/22-00:55:16.065951 |
| SID: | 2024313 |
| Source Port: | 49734 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497352025483 11/30/22-00:55:19.347023 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49735 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249706802024318 11/30/22-00:54:22.484255 |
| SID: | 2024318 |
| Source Port: | 49706 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497522025483 11/30/22-00:55:50.930381 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49752 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497172025483 11/30/22-00:54:47.032787 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49717 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249733802825766 11/30/22-00:55:14.244291 |
| SID: | 2825766 |
| Source Port: | 49733 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497392025483 11/30/22-00:55:26.908255 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49739 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249720802025381 11/30/22-00:54:51.608521 |
| SID: | 2025381 |
| Source Port: | 49720 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249749802021641 11/30/22-00:55:43.976237 |
| SID: | 2021641 |
| Source Port: | 49749 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865320532014169 11/30/22-00:54:43.751689 |
| SID: | 2014169 |
| Source Port: | 65320 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249735802825766 11/30/22-00:55:17.863854 |
| SID: | 2825766 |
| Source Port: | 49735 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.852079532014169 11/30/22-00:55:32.870195 |
| SID: | 2014169 |
| Source Port: | 52079 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 95.213.216.202192.168.2.380497012025483 11/30/22-00:54:14.085146 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49701 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249731802025381 11/30/22-00:55:10.632751 |
| SID: | 2025381 |
| Source Port: | 49731 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249709802024318 11/30/22-00:54:29.164231 |
| SID: | 2024318 |
| Source Port: | 49709 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249745802024318 11/30/22-00:55:36.377571 |
| SID: | 2024318 |
| Source Port: | 49745 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249709802024313 11/30/22-00:54:29.164231 |
| SID: | 2024313 |
| Source Port: | 49709 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249705802825766 11/30/22-00:54:20.168790 |
| SID: | 2825766 |
| Source Port: | 49705 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249745802024313 11/30/22-00:55:36.377571 |
| SID: | 2024313 |
| Source Port: | 49745 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249704802024318 11/30/22-00:54:18.966132 |
| SID: | 2024318 |
| Source Port: | 49704 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249704802024313 11/30/22-00:54:18.966132 |
| SID: | 2024313 |
| Source Port: | 49704 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249717802024313 11/30/22-00:54:45.540558 |
| SID: | 2024313 |
| Source Port: | 49717 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249722802825766 11/30/22-00:54:54.732179 |
| SID: | 2825766 |
| Source Port: | 49722 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249703802025381 11/30/22-00:54:16.960834 |
| SID: | 2025381 |
| Source Port: | 49703 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.849302532014169 11/30/22-00:54:20.078245 |
| SID: | 2014169 |
| Source Port: | 49302 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249711802024313 11/30/22-00:54:33.859062 |
| SID: | 2024313 |
| Source Port: | 49711 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249728802825766 11/30/22-00:55:05.285201 |
| SID: | 2825766 |
| Source Port: | 49728 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249705802021641 11/30/22-00:54:20.168790 |
| SID: | 2021641 |
| Source Port: | 49705 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249711802024318 11/30/22-00:54:33.859062 |
| SID: | 2024318 |
| Source Port: | 49711 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249738802021641 11/30/22-00:55:23.450513 |
| SID: | 2021641 |
| Source Port: | 49738 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865385532014169 11/30/22-00:55:49.289719 |
| SID: | 2014169 |
| Source Port: | 65385 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249740802825766 11/30/22-00:55:27.193434 |
| SID: | 2825766 |
| Source Port: | 49740 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497452025483 11/30/22-00:55:37.973570 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49745 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497462025483 11/30/22-00:55:39.906968 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49746 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497402025483 11/30/22-00:55:28.902821 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49740 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249717802024318 11/30/22-00:54:45.540558 |
| SID: | 2024318 |
| Source Port: | 49717 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249701802024313 11/30/22-00:54:12.581436 |
| SID: | 2024313 |
| Source Port: | 49701 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249738802825766 11/30/22-00:55:23.450513 |
| SID: | 2825766 |
| Source Port: | 49738 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497132025483 11/30/22-00:54:39.587400 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49713 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249701802024318 11/30/22-00:54:12.581436 |
| SID: | 2024318 |
| Source Port: | 49701 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249756802825766 11/30/22-00:55:57.533680 |
| SID: | 2825766 |
| Source Port: | 49756 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497022025483 11/30/22-00:54:16.469088 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49702 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249750802825766 11/30/22-00:55:45.758418 |
| SID: | 2825766 |
| Source Port: | 49750 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249743802021641 11/30/22-00:55:32.962709 |
| SID: | 2021641 |
| Source Port: | 49743 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249740802021641 11/30/22-00:55:27.193434 |
| SID: | 2021641 |
| Source Port: | 49740 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249729802025381 11/30/22-00:55:07.068054 |
| SID: | 2025381 |
| Source Port: | 49729 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249752802024313 11/30/22-00:55:49.378987 |
| SID: | 2024313 |
| Source Port: | 49752 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249741802025381 11/30/22-00:55:29.247109 |
| SID: | 2025381 |
| Source Port: | 49741 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249726802025381 11/30/22-00:55:01.673863 |
| SID: | 2025381 |
| Source Port: | 49726 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249752802024318 11/30/22-00:55:49.378987 |
| SID: | 2024318 |
| Source Port: | 49752 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.856042532014169 11/30/22-00:54:35.894646 |
| SID: | 2014169 |
| Source Port: | 56042 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.38.8.8.853844532014169 11/30/22-00:55:03.396283 |
| SID: | 2014169 |
| Source Port: | 53844 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.38.8.8.862050532014169 11/30/22-00:54:33.763792 |
| SID: | 2014169 |
| Source Port: | 62050 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249728802021641 11/30/22-00:55:05.285201 |
| SID: | 2021641 |
| Source Port: | 49728 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497512025483 11/30/22-00:55:49.068855 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49751 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249755802024318 11/30/22-00:55:55.653974 |
| SID: | 2024318 |
| Source Port: | 49755 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 95.213.216.202192.168.2.380497182025483 11/30/22-00:54:49.052316 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49718 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.852547532014169 11/30/22-00:55:01.596754 |
| SID: | 2014169 |
| Source Port: | 52547 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249755802024313 11/30/22-00:55:55.653974 |
| SID: | 2024313 |
| Source Port: | 49755 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249727802024318 11/30/22-00:55:03.486766 |
| SID: | 2024318 |
| Source Port: | 49727 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249713802025381 11/30/22-00:54:37.979213 |
| SID: | 2025381 |
| Source Port: | 49713 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249756802021641 11/30/22-00:55:57.533680 |
| SID: | 2021641 |
| Source Port: | 49756 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.865459532014169 11/30/22-00:55:47.178193 |
| SID: | 2014169 |
| Source Port: | 65459 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 95.213.216.202192.168.2.380497072025483 11/30/22-00:54:26.372322 |
| SID: | 2025483 |
| Source Port: | 80 |
| Destination Port: | 49707 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249715802021641 11/30/22-00:54:42.060768 |
| SID: | 2021641 |
| Source Port: | 49715 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249712802825766 11/30/22-00:54:35.972913 |
| SID: | 2825766 |
| Source Port: | 49712 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249753802825766 11/30/22-00:55:51.242717 |
| SID: | 2825766 |
| Source Port: | 49753 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.38.8.8.854153532014169 11/30/22-00:55:51.152832 |
| SID: | 2014169 |
| Source Port: | 54153 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | Potentially Bad Traffic |
| Timestamp: | 192.168.2.395.213.216.20249754802025381 11/30/22-00:55:53.496270 |
| SID: | 2025381 |
| Source Port: | 49754 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.395.213.216.20249727802024313 11/30/22-00:55:03.486766 |
| SID: | 2024313 |
| Source Port: | 49727 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
Click to jump to signature section
Show All Signature Results
AV Detection |   |
|---|
| Source: | ReversingLabs: | |||
| Source: | Virustotal: | Perma Link | ||
| Source: | Avira URL Cloud: | ||
| Source: | Virustotal: | Perma Link | ||
| Source: | Virustotal: | Perma Link | ||
| Source: | Joe Sandbox ML: | ||
| Source: | Malware Configuration Extractor: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
Networking | |
|---|
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | URLs: | ||
| Source: | URLs: | ||
| Source: | URLs: | ||
| Source: | URLs: | ||
| Source: | URLs: | ||
| Source: | ASN Name: | ||
| Source: | IP Address: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | HTTP traffic detected: | ||
| Source: | DNS traffic detected: | ||
System Summary | |
|---|
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Static PE information: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Code function: | 0_2_00FAC164 | |
| Source: | Code function: | 0_2_00FAE5B0 | |
| Source: | Code function: | 0_2_00FAE5A0 | |
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Static PE information: | ||
| Source: | ReversingLabs: | ||
| Source: | Virustotal: | ||
| Source: | Static PE information: | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | Classification label: | ||
| Source: | Static file information: | |||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Mutant created: | ||
| Source: | File read: | Jump to behavior | ||
| Source: | File read: | Jump to behavior | ||
| Source: | File read: | Jump to behavior | ||
| Source: | File read: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
Data Obfuscation | |
|---|
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | .Net Code: | ||
| Source: | .Net Code: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
Malware Analysis System Evasion | |
|---|
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Process information queried: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Process token adjusted: | Jump to behavior | ||
| Source: | Process token adjusted: | Jump to behavior | ||
| Source: | Memory allocated: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Key value queried: | Jump to behavior | ||
Stealing of Sensitive Information | |
|---|
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Valid Accounts | Windows Management Instrumentation | Path Interception | 11 Process Injection | 1 Masquerading | 2 OS Credential Dumping | 11 Security Software Discovery | Remote Services | 1 Email Collection | Exfiltration Over Other Network Medium | 1 Encrypted Channel | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
| Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Disable or Modify Tools | 1 Credentials in Registry | 1 Process Discovery | Remote Desktop Protocol | 1 Archive Collected Data | Exfiltration Over Bluetooth | 2 Non-Application Layer Protocol | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
| Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | 21 Virtualization/Sandbox Evasion | Security Account Manager | 21 Virtualization/Sandbox Evasion | SMB/Windows Admin Shares | 2 Data from Local System | Automated Exfiltration | 112 Application Layer Protocol | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
| Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | 11 Process Injection | NTDS | 1 Remote System Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | Protocol Impersonation | SIM Card Swap | Carrier Billing Fraud | |
| Cloud Accounts | Cron | Network Logon Script | Network Logon Script | 1 Obfuscated Files or Information | LSA Secrets | 13 System Information Discovery | SSH | Keylogging | Data Transfer Size Limits | Fallback Channels | Manipulate Device Communication | Manipulate App Store Rankings or Ratings | |
| Replication Through Removable Media | Launchd | Rc.common | Rc.common | 12 Software Packing | Cached Domain Credentials | System Owner/User Discovery | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | Abuse Accessibility Features | |
| External Remote Services | Scheduled Task | Startup Items | Startup Items | 1 Timestomp | DCSync | Network Sniffing | Windows Remote Management | Web Portal Capture | Exfiltration Over Alternative Protocol | Commonly Used Port | Rogue Wi-Fi Access Points | Data Encrypted for Impact |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
InternetThis section contains all screenshots as thumbnails, including those not shown in the slideshow.
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 71% | ReversingLabs | ByteCode-MSIL.Trojan.AgentTesla | ||
| 56% | Virustotal | Browse | ||
| 100% | Joe Sandbox ML |
⊘No Antivirus matches
| Source | Detection | Scanner | Label | Link | Download |
|---|---|---|---|---|---|
| 100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
| 100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
| 100% | Avira | TR/Crypt.XPACK.Gen | Download File |
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 25% | Virustotal | Browse |
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 25% | Virustotal | Browse | ||
| 100% | Avira URL Cloud | malware |
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| sempersim.su | 95.213.216.202 | true | true |
| unknown |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| true |
| unknown | |
| true |
| unknown | |
| true |
| unknown | |
| true |
| unknown | |
| true |
| unknown |
| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| false | high | |||
| false | high | |||
| false | high | |||
| false | high | |||
| false |
| unknown | ||
| false | high | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false | high | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false | high | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false | high | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false | high | |||
| false | high | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 95.213.216.202 | sempersim.su | Russian Federation | 49505 | SELECTELRU | true |
| Joe Sandbox Version: | 36.0.0 Rainbow Opal |
| Analysis ID: | 756310 |
| Start date and time: | 2022-11-30 00:53:06 +01:00 |
| Joe Sandbox Product: | CloudBasic |
| Overall analysis duration: | 0h 5m 33s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Sample file name: | INV.2022LB0362 FORM CO (2).exe |
| Cookbook file name: | default.jbs |
| Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
| Number of analysed new started processes analysed: | 15 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Analysis stop reason: | Timeout |
| Detection: | MAL |
| Classification: | mal100.troj.spyw.evad.winEXE@7/3@61/1 |
| EGA Information: |
|
| HDC Information: | Failed |
| HCA Information: |
|
| Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, SgrmBroker.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 8.238.190.126, 8.241.126.249, 8.241.121.126, 8.253.204.249, 8.253.204.120
- Excluded domains from analysis (whitelisted): fg.download.windowsupdate.com.c.footprint.net, fs.microsoft.com, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtAllocateVirtualMemory calls found.
- Report size getting too big, too many NtDeviceIoControlFile calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
| Time | Type | Description |
|---|---|---|
| 00:54:02 | API Interceptor |
| Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
|---|---|---|---|---|---|
| 95.213.216.202 | Get hash | malicious | Browse |
| |
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
|---|---|---|---|---|---|
| sempersim.su | Get hash | malicious | Browse |
| |
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
|---|---|---|---|---|---|
| SELECTELRU | Get hash | malicious | Browse |
| |
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
|
⊘No context
⊘No context
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\INV.2022LB0362 FORM CO (2).exe.log 
Download File
| Process: | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1216 |
| Entropy (8bit): | 5.355304211458859 |
| Encrypted: | false |
| SSDEEP: | 24:MLUE4K5E4Ks2E1qE4qXKDE4KhK3VZ9pKhPKIE4oKFKHKoZAE4Kzr7FE4x84j:MIHK5HKXE1qHiYHKhQnoPtHoxHhAHKzr |
| MD5: | FED34146BF2F2FA59DCF8702FCC8232E |
| SHA1: | B03BFEA175989D989850CF06FE5E7BBF56EAA00A |
| SHA-256: | 123BE4E3590609A008E85501243AF5BC53FA0C26C82A92881B8879524F8C0D5C |
| SHA-512: | 1CC89F2ED1DBD70628FA1DC41A32BA0BFA3E81EAE1A1CF3C5F6A48F2DA0BF1F21A5001B8A18B04043C5B8FE4FBE663068D86AA8C4BD8E17933F75687C3178FF6 |
| Malicious: | true |
| Reputation: | high, very likely benign file |
| Preview: |
| Process: | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:U:U |
| MD5: | C4CA4238A0B923820DCC509A6F75849B |
| SHA1: | 356A192B7913B04C54574D18C28D46E6395428AB |
| SHA-256: | 6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B |
| SHA-512: | 4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A |
| Malicious: | false |
| Reputation: | high, very likely benign file |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\414045e2d09286d5db2581e0d955d358_d06ed635-68f6-4e9a-955c-4899f5f57b9a
Download File
| Process: | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 46 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:: |
| MD5: | D898504A722BFF1524134C6AB6A5EAA5 |
| SHA1: | E0FDC90C2CA2A0219C99D2758E68C18875A3E11E |
| SHA-256: | 878F32F76B159494F5A39F9321616C6068CDB82E88DF89BCC739BBC1EA78E1F9 |
| SHA-512: | 26A4398BFFB0C0AEF9A6EC53CD3367A2D0ABF2F70097F711BBBF1E9E32FD9F1A72121691BB6A39EEB55D596EDD527934E541B4DEFB3B1426B1D1A6429804DC61 |
| Malicious: | false |
| Reputation: | high, very likely benign file |
| Preview: |
| File type: | |
| Entropy (8bit): | 7.565543571702018 |
| TrID: |
|
| File name: | INV.2022LB0362 FORM CO (2).exe |
| File size: | 865280 |
| MD5: | baed30aea51e6000571219633aa745b0 |
| SHA1: | d7e3b155c00245a7f867dd2fb4c06cb7be6ec3f7 |
| SHA256: | 57520e51bb0820741b7883926800223886c491a8a5ddd517a49b0e2cc752fb18 |
| SHA512: | 4f19e423fc1bdbba152a570e5382bd2eabdf04ca335cdc1ed286287740c153c7a34d3a661abaf01f124870f9bd3de2e9321e66114f5bedea16131bd77de2b786 |
| SSDEEP: | 24576:GM+L74mBfNUstzoB1ERZcSMI2PmVl9kiYxM9aE3r8JN:F+RiSMHmgu9HI |
| TLSH: | 91054A4F2B7FDEF0EA245CFB221457039D3651DABA8BCA7883984BC660F161C5B74864 |
| File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....k................0..*..........vH... ...`....@.. ....................................@................................ |
 | |
| Icon Hash: | 00828e8e8686b000 |
| Entrypoint: | 0x4d4876 |
| Entrypoint Section: | .text |
| Digitally signed: | false |
| Imagebase: | 0x400000 |
| Subsystem: | windows gui |
| Image File Characteristics: | EXECUTABLE_IMAGE, 32BIT_MACHINE |
| DLL Characteristics: | DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE |
| Time Stamp: | 0xDBD76B81 [Sat Nov 16 23:34:25 2086 UTC] |
| TLS Callbacks: | |
| CLR (.Net) Version: | |
| OS Version Major: | 4 |
| OS Version Minor: | 0 |
| File Version Major: | 4 |
| File Version Minor: | 0 |
| Subsystem Version Major: | 4 |
| Subsystem Version Minor: | 0 |
| Import Hash: | f34d5f2d4577ed6d9ceec516c1f5a744 |
| Instruction |
|---|
| jmp dword ptr [00402000h] |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| Name | Virtual Address | Virtual Size | Is in Section |
|---|---|---|---|
| IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IMPORT | 0xd4824 | 0x4f | .text |
| IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xd6000 | 0x5cc | .rsrc |
| IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xd8000 | 0xc | .reloc |
| IMAGE_DIRECTORY_ENTRY_DEBUG | 0xd4808 | 0x1c | .text |
| IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IAT | 0x2000 | 0x8 | .text |
| IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x2008 | 0x48 | .text |
| IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
| Name | Virtual Address | Virtual Size | Raw Size | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
|---|---|---|---|---|---|---|---|---|
| .text | 0x2000 | 0xd287c | 0xd2a00 | False | 0.8132742952522255 | data | 7.568253289628953 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
| .rsrc | 0xd6000 | 0x5cc | 0x600 | False | 0.4264322916666667 | data | 4.114856973981248 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .reloc | 0xd8000 | 0xc | 0x200 | False | 0.044921875 | data | 0.10191042566270775 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
| Name | RVA | Size | Type | Language | Country |
|---|---|---|---|---|---|
| RT_VERSION | 0xd6090 | 0x33c | data | ||
| RT_MANIFEST | 0xd63dc | 0x1ea | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators |
| DLL | Import |
|---|---|
| mscoree.dll | _CorExeMain |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node| Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|---|---|---|
| 192.168.2.395.213.216.20249705802024318 11/30/22-00:54:20.168790 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249702802021641 11/30/22-00:54:14.871390 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249738802024313 11/30/22-00:55:23.450513 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249734802825766 11/30/22-00:55:16.065951 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497272025483 11/30/22-00:55:04.982566 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49727 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249741802024313 11/30/22-00:55:29.247109 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249701802825766 11/30/22-00:54:12.581436 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249749802025381 11/30/22-00:55:43.976237 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249759802825766 11/30/22-00:56:01.042444 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249738802024318 11/30/22-00:55:23.450513 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249735802021641 11/30/22-00:55:17.863854 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249705802024313 11/30/22-00:54:20.168790 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249741802024318 11/30/22-00:55:29.247109 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497232025483 11/30/22-00:54:57.894669 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49723 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249752802025381 11/30/22-00:55:49.378987 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249716802025381 11/30/22-00:54:43.829219 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249707802021641 11/30/22-00:54:24.716724 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249757802025381 11/30/22-00:55:58.948901 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249730802021641 11/30/22-00:55:08.823725 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.861416532014169 11/30/22-00:55:12.379224 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 61416 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.38.8.8.860088532014169 11/30/22-00:55:21.529314 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 60088 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249713802024313 11/30/22-00:54:37.979213 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249726802825766 11/30/22-00:55:01.673863 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249713802024318 11/30/22-00:54:37.979213 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.857743532014169 11/30/22-00:55:08.735474 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 57743 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249754802825766 11/30/22-00:55:53.496270 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497572025483 11/30/22-00:55:59.773200 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49757 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249744802025381 11/30/22-00:55:34.401351 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.859820532014169 11/30/22-00:55:29.162121 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 59820 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.38.8.8.853305532014169 11/30/22-00:54:54.648302 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53305 | 53 | 192.168.2.3 | 8.8.8.8 |
| 95.213.216.202192.168.2.380497532025483 11/30/22-00:55:52.887247 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49753 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249708802025381 11/30/22-00:54:26.803652 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497162025483 11/30/22-00:54:45.204539 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49716 | 95.213.216.202 | 192.168.2.3 |
| 95.213.216.202192.168.2.380497382025483 11/30/22-00:55:24.982216 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49738 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249758802024313 11/30/22-00:56:00.034214 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249755802021641 11/30/22-00:55:55.653974 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497302025483 11/30/22-00:55:10.337695 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49730 | 95.213.216.202 | 192.168.2.3 |
| 95.213.216.202192.168.2.380497342025483 11/30/22-00:55:17.565495 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49734 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249758802024318 11/30/22-00:56:00.034214 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.852387532014169 11/30/22-00:54:14.412323 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 52387 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249721802024318 11/30/22-00:54:53.572062 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249727802021641 11/30/22-00:55:03.486766 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249750802021641 11/30/22-00:55:45.758418 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497122025483 11/30/22-00:54:37.552263 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49712 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249718802825766 11/30/22-00:54:47.592007 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.851992532014169 11/30/22-00:55:36.286012 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 51992 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.38.8.8.860625532014169 11/30/22-00:54:18.863516 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 60625 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249736802025381 11/30/22-00:55:19.643476 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249721802024313 11/30/22-00:54:53.572062 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249746802825766 11/30/22-00:55:38.275174 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249722802021641 11/30/22-00:54:54.732179 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249699802025381 11/30/22-00:54:07.324934 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249714802021641 11/30/22-00:54:39.977728 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497492025483 11/30/22-00:55:45.483574 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49749 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249712802025381 11/30/22-00:54:35.972913 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.857840532014169 11/30/22-00:54:09.401173 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 57840 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.38.8.8.858301532014169 11/30/22-00:55:42.001541 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 58301 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249740802025381 11/30/22-00:55:27.193434 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497422025483 11/30/22-00:55:32.668199 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49742 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.38.8.8.863562532014169 11/30/22-00:55:23.368358 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 63562 | 53 | 192.168.2.3 | 8.8.8.8 |
| 95.213.216.202192.168.2.380497412025483 11/30/22-00:55:30.821604 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49741 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.38.8.8.850784532014169 11/30/22-00:55:55.557056 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 50784 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249723802021641 11/30/22-00:54:56.463103 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249713802825766 11/30/22-00:54:37.979213 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249726802024313 11/30/22-00:55:01.673863 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249728802025381 11/30/22-00:55:05.285201 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249726802024318 11/30/22-00:55:01.673863 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249737802025381 11/30/22-00:55:21.614296 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497112025483 11/30/22-00:54:35.462242 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49711 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.38.8.8.856949532014169 11/30/22-00:54:59.841953 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 56949 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249753802024318 11/30/22-00:55:51.242717 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249753802024313 11/30/22-00:55:51.242717 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497082025483 11/30/22-00:54:28.382639 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49708 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249714802825766 11/30/22-00:54:39.977728 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249725802024313 11/30/22-00:54:59.930841 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249756802025381 11/30/22-00:55:57.533680 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.860825532014169 11/30/22-00:55:59.940841 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 60825 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249754802024313 11/30/22-00:55:53.496270 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249748802021641 11/30/22-00:55:42.098367 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249725802024318 11/30/22-00:54:59.930841 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249742802021641 11/30/22-00:55:31.101064 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249755802825766 11/30/22-00:55:55.653974 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249754802024318 11/30/22-00:55:53.496270 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249709802025381 11/30/22-00:54:29.164231 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.849977532014169 11/30/22-00:54:06.875981 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 49977 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.38.8.8.856924532014169 11/30/22-00:54:16.879287 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 56924 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249700802024317 11/30/22-00:54:09.487691 | TCP | 2024317 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249739802825766 11/30/22-00:55:25.267085 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.860582532014169 11/30/22-00:54:28.778637 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 60582 | 53 | 192.168.2.3 | 8.8.8.8 |
| 95.213.216.202192.168.2.380497192025483 11/30/22-00:54:51.280995 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49719 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.38.8.8.864595532014169 11/30/22-00:55:31.020256 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 64595 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249742802825766 11/30/22-00:55:31.101064 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249700802024312 11/30/22-00:54:09.487691 | TCP | 2024312 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249711802025381 11/30/22-00:54:33.859062 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.860767532014169 11/30/22-00:54:45.460012 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 60767 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249739802021641 11/30/22-00:55:25.267085 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249724802025381 11/30/22-00:54:58.184483 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249751802021641 11/30/22-00:55:47.279515 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249758802825766 11/30/22-00:56:00.034214 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249710802021641 11/30/22-00:54:31.910937 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249711802021641 11/30/22-00:54:33.859062 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.849201532014169 11/30/22-00:56:00.958664 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 49201 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249729802024313 11/30/22-00:55:07.068054 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249758802025381 11/30/22-00:56:00.034214 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497262025483 11/30/22-00:55:03.204141 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49726 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249743802025381 11/30/22-00:55:32.962709 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249729802024318 11/30/22-00:55:07.068054 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249744802021641 11/30/22-00:55:34.401351 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249726802021641 11/30/22-00:55:01.673863 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249750802024313 11/30/22-00:55:45.758418 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249710802825766 11/30/22-00:54:31.910937 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497222025483 11/30/22-00:54:56.166551 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49722 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249750802024318 11/30/22-00:55:45.758418 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249699802021641 11/30/22-00:54:07.324934 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497202025483 11/30/22-00:54:53.259308 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49720 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249701802021641 11/30/22-00:54:12.581436 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.853623532014169 11/30/22-00:55:10.547934 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53623 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249754802021641 11/30/22-00:55:53.496270 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249715802025381 11/30/22-00:54:42.060768 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.852955532014169 11/30/22-00:54:26.705694 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 52955 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249740802024313 11/30/22-00:55:27.193434 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249740802024318 11/30/22-00:55:27.193434 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249738802025381 11/30/22-00:55:23.450513 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249731802021641 11/30/22-00:55:10.632751 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249752802021641 11/30/22-00:55:49.378987 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249703802021641 11/30/22-00:54:16.960834 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249712802024313 11/30/22-00:54:35.972913 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249727802825766 11/30/22-00:55:03.486766 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249717802025381 11/30/22-00:54:45.540558 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.859581532014169 11/30/22-00:55:17.784201 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 59581 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249712802024318 11/30/22-00:54:35.972913 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497312025483 11/30/22-00:55:12.166821 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49731 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249739802024313 11/30/22-00:55:25.267085 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249725802025381 11/30/22-00:54:59.930841 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.849166532014169 11/30/22-00:55:40.126118 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 49166 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.38.8.8.860749532014169 11/30/22-00:54:58.103973 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 60749 | 53 | 192.168.2.3 | 8.8.8.8 |
| 95.213.216.202192.168.2.380497052025483 11/30/22-00:54:21.783216 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49705 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.38.8.8.853975532014169 11/30/22-00:54:22.160619 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53975 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249753802025381 11/30/22-00:55:51.242717 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249757802021641 11/30/22-00:55:58.948901 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249716802021641 11/30/22-00:54:43.829219 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249739802024318 11/30/22-00:55:25.267085 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249741802825766 11/30/22-00:55:29.247109 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249700802825766 11/30/22-00:54:09.487691 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249720802024313 11/30/22-00:54:51.608521 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249708802024318 11/30/22-00:54:26.803652 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497482025483 11/30/22-00:55:43.661913 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49748 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249731802825766 11/30/22-00:55:10.632751 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249702802024313 11/30/22-00:54:14.871390 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249720802024318 11/30/22-00:54:51.608521 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249737802825766 11/30/22-00:55:21.614296 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249702802024318 11/30/22-00:54:14.871390 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249719802825766 11/30/22-00:54:49.641508 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.863446532014169 11/30/22-00:55:43.898414 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 63446 | 53 | 192.168.2.3 | 8.8.8.8 |
| 95.213.216.202192.168.2.380497092025483 11/30/22-00:54:30.691043 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49709 | 95.213.216.202 | 192.168.2.3 |
| 95.213.216.202192.168.2.380497432025483 11/30/22-00:55:34.122250 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49743 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249708802024313 11/30/22-00:54:26.803652 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.858119532014169 11/30/22-00:55:38.197046 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 58119 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.38.8.8.857990532014169 11/30/22-00:54:11.706174 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 57990 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249759802024318 11/30/22-00:56:01.042444 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249709802825766 11/30/22-00:54:29.164231 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249730802024313 11/30/22-00:55:08.823725 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249745802025381 11/30/22-00:55:36.377571 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249724802021641 11/30/22-00:54:58.184483 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249759802024313 11/30/22-00:56:01.042444 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249703802825766 11/30/22-00:54:16.960834 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249704802025381 11/30/22-00:54:18.966132 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497152025483 11/30/22-00:54:43.541337 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49715 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249730802024318 11/30/22-00:55:08.823725 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249718802024318 11/30/22-00:54:47.592007 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.864121532014169 11/30/22-00:55:57.444180 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 64121 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249719802021641 11/30/22-00:54:49.641508 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249721802825766 11/30/22-00:54:53.572062 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497042025483 11/30/22-00:54:19.714505 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49704 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249747802021641 11/30/22-00:55:40.214633 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.849874532014169 11/30/22-00:55:45.675021 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 49874 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249722802025381 11/30/22-00:54:54.732179 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249718802024313 11/30/22-00:54:47.592007 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.853428532014169 11/30/22-00:55:25.189214 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53428 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249736802024318 11/30/22-00:55:19.643476 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249736802024313 11/30/22-00:55:19.643476 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249732802025381 11/30/22-00:55:12.457821 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497592025483 11/30/22-00:56:01.793951 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49759 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249746802024318 11/30/22-00:55:38.275174 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249749802024318 11/30/22-00:55:43.976237 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249737802021641 11/30/22-00:55:21.614296 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249746802024313 11/30/22-00:55:38.275174 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497542025483 11/30/22-00:55:55.161061 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49754 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249735802025381 11/30/22-00:55:17.863854 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249706802021641 11/30/22-00:54:22.484255 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249734802021641 11/30/22-00:55:16.065951 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249699802825766 11/30/22-00:54:07.324934 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497322025483 11/30/22-00:55:13.950022 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49732 | 95.213.216.202 | 192.168.2.3 |
| 95.213.216.202192.168.2.380497372025483 11/30/22-00:55:23.147009 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49737 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249749802024313 11/30/22-00:55:43.976237 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249748802025381 11/30/22-00:55:42.098367 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497212025483 11/30/22-00:54:54.418787 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49721 | 95.213.216.202 | 192.168.2.3 |
| 95.213.216.202192.168.2.380497102025483 11/30/22-00:54:33.459515 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49710 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249733802024313 11/30/22-00:55:14.244291 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249707802025381 11/30/22-00:54:24.716724 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249733802024318 11/30/22-00:55:14.244291 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.851139532014169 11/30/22-00:54:24.370686 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 51139 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249721802021641 11/30/22-00:54:53.572062 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249747802825766 11/30/22-00:55:40.214633 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249706802825766 11/30/22-00:54:22.484255 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249709802021641 11/30/22-00:54:29.164231 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.855638532014169 11/30/22-00:54:39.891168 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 55638 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.38.8.8.853466532014169 11/30/22-00:55:06.970990 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53466 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249717802021641 11/30/22-00:54:45.540558 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.864823532014169 11/30/22-00:55:34.318234 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 64823 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249706802025381 11/30/22-00:54:22.484255 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249716802825766 11/30/22-00:54:43.829219 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249720802021641 11/30/22-00:54:51.608521 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.865017532014169 11/30/22-00:55:05.186135 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 65017 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249734802025381 11/30/22-00:55:16.065951 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249723802024318 11/30/22-00:54:56.463103 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.864602532014169 11/30/22-00:55:53.393350 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 64602 | 53 | 192.168.2.3 | 8.8.8.8 |
| 95.213.216.202192.168.2.380497252025483 11/30/22-00:55:01.390776 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49725 | 95.213.216.202 | 192.168.2.3 |
| 95.213.216.202192.168.2.380497292025483 11/30/22-00:55:08.539654 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49729 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249723802024313 11/30/22-00:54:56.463103 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.853848532014169 11/30/22-00:54:49.539403 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53848 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249744802825766 11/30/22-00:55:34.401351 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.865107532014169 11/30/22-00:54:47.470066 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 65107 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249739802025381 11/30/22-00:55:25.267085 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249712802021641 11/30/22-00:54:35.972913 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249753802021641 11/30/22-00:55:51.242717 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249725802021641 11/30/22-00:54:59.930841 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249748802024318 11/30/22-00:55:42.098367 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249731802024313 11/30/22-00:55:10.632751 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249748802024313 11/30/22-00:55:42.098367 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.865196532014169 11/30/22-00:55:14.166464 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 65196 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249731802024318 11/30/22-00:55:10.632751 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249708802825766 11/30/22-00:54:26.803652 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249749802825766 11/30/22-00:55:43.976237 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249743802024313 11/30/22-00:55:32.962709 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249757802825766 11/30/22-00:55:58.948901 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249743802024318 11/30/22-00:55:32.962709 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249728802024318 11/30/22-00:55:05.285201 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249750802025381 11/30/22-00:55:45.758418 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249700802021641 11/30/22-00:54:09.487691 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249728802024313 11/30/22-00:55:05.285201 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249714802025381 11/30/22-00:54:39.977728 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249724802825766 11/30/22-00:54:58.184483 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249719802025381 11/30/22-00:54:49.641508 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249756802024318 11/30/22-00:55:57.533680 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249742802025381 11/30/22-00:55:31.101064 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249733802021641 11/30/22-00:55:14.244291 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249729802825766 11/30/22-00:55:07.068054 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.857704532014169 11/30/22-00:54:41.979608 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 57704 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249715802024318 11/30/22-00:54:42.060768 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249752802825766 11/30/22-00:55:49.378987 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249756802024313 11/30/22-00:55:57.533680 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249715802024313 11/30/22-00:54:42.060768 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249751802024313 11/30/22-00:55:47.279515 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249711802825766 11/30/22-00:54:33.859062 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249751802024318 11/30/22-00:55:47.279515 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249710802024318 11/30/22-00:54:31.910937 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249710802024313 11/30/22-00:54:31.910937 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249747802025381 11/30/22-00:55:40.214633 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249701802025381 11/30/22-00:54:12.581436 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249755802025381 11/30/22-00:55:55.653974 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249729802021641 11/30/22-00:55:07.068054 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497442025483 11/30/22-00:55:36.086250 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49744 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249735802024318 11/30/22-00:55:17.863854 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.853049532014169 11/30/22-00:55:19.563471 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53049 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249735802024313 11/30/22-00:55:17.863854 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249744802024313 11/30/22-00:55:34.401351 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497472025483 11/30/22-00:55:41.771804 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49747 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249744802024318 11/30/22-00:55:34.401351 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249741802021641 11/30/22-00:55:29.247109 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249704802825766 11/30/22-00:54:18.966132 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249746802025381 11/30/22-00:55:38.275174 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249732802021641 11/30/22-00:55:12.457821 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249699802024312 11/30/22-00:54:07.324934 | TCP | 2024312 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249707802024313 11/30/22-00:54:24.716724 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497062025483 11/30/22-00:54:24.053489 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49706 | 95.213.216.202 | 192.168.2.3 |
| 95.213.216.202192.168.2.380497502025483 11/30/22-00:55:46.963833 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49750 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249699802024317 11/30/22-00:54:07.324934 | TCP | 2024317 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249727802025381 11/30/22-00:55:03.486766 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.865511532014169 11/30/22-00:55:27.103034 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 65511 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.38.8.8.864967532014169 11/30/22-00:55:58.869049 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 64967 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249721802025381 11/30/22-00:54:53.572062 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249707802024318 11/30/22-00:54:24.716724 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249713802021641 11/30/22-00:54:37.979213 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249732802825766 11/30/22-00:55:12.457821 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249751802825766 11/30/22-00:55:47.279515 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497552025483 11/30/22-00:55:57.270722 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49755 | 95.213.216.202 | 192.168.2.3 |
| 95.213.216.202192.168.2.380497582025483 11/30/22-00:56:00.797031 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49758 | 95.213.216.202 | 192.168.2.3 |
| 95.213.216.202192.168.2.380497362025483 11/30/22-00:55:21.118367 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49736 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249703802024318 11/30/22-00:54:16.960834 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249702802025381 11/30/22-00:54:14.871390 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249703802024313 11/30/22-00:54:16.960834 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.857134532014169 11/30/22-00:54:31.820802 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 57134 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249758802021641 11/30/22-00:56:00.034214 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.858691532014169 11/30/22-00:54:53.455722 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 58691 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249736802825766 11/30/22-00:55:19.643476 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249705802025381 11/30/22-00:54:20.168790 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497332025483 11/30/22-00:55:15.751744 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49733 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249745802825766 11/30/22-00:55:36.377571 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497032025483 11/30/22-00:54:18.541620 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49703 | 95.213.216.202 | 192.168.2.3 |
| 95.213.216.202192.168.2.380497142025483 11/30/22-00:54:41.602416 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49714 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249716802024313 11/30/22-00:54:43.829219 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.859433532014169 11/30/22-00:54:56.376062 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 59433 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249757802024313 11/30/22-00:55:58.948901 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249717802825766 11/30/22-00:54:45.540558 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249722802024313 11/30/22-00:54:54.732179 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249716802024318 11/30/22-00:54:43.829219 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249759802025381 11/30/22-00:56:01.042444 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249757802024318 11/30/22-00:55:58.948901 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249723802825766 11/30/22-00:54:56.463103 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249718802025381 11/30/22-00:54:47.592007 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249730802025381 11/30/22-00:55:08.823725 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249704802021641 11/30/22-00:54:18.966132 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249722802024318 11/30/22-00:54:54.732179 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249745802021641 11/30/22-00:55:36.377571 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249714802024313 11/30/22-00:54:39.977728 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249725802825766 11/30/22-00:54:59.930841 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249700802025381 11/30/22-00:54:09.487691 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249714802024318 11/30/22-00:54:39.977728 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.858708532014169 11/30/22-00:55:15.985743 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 58708 | 53 | 192.168.2.3 | 8.8.8.8 |
| 95.213.216.202192.168.2.380497282025483 11/30/22-00:55:06.759571 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49728 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249732802024318 11/30/22-00:55:12.457821 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249707802825766 11/30/22-00:54:24.716724 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497242025483 11/30/22-00:54:59.594972 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49724 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249732802024313 11/30/22-00:55:12.457821 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249708802021641 11/30/22-00:54:26.803652 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249724802024318 11/30/22-00:54:58.184483 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249759802021641 11/30/22-00:56:01.042444 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249751802025381 11/30/22-00:55:47.279515 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249724802024313 11/30/22-00:54:58.184483 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249710802025381 11/30/22-00:54:31.910937 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249715802825766 11/30/22-00:54:42.060768 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249747802024318 11/30/22-00:55:40.214633 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249747802024313 11/30/22-00:55:40.214633 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249719802024313 11/30/22-00:54:49.641508 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249743802825766 11/30/22-00:55:32.962709 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.857571532014169 11/30/22-00:54:51.528645 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 57571 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249719802024318 11/30/22-00:54:49.641508 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249742802024318 11/30/22-00:55:31.101064 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.859636532014169 11/30/22-00:54:37.879679 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 59636 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249720802825766 11/30/22-00:54:51.608521 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249742802024313 11/30/22-00:55:31.101064 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249718802021641 11/30/22-00:54:47.592007 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249733802025381 11/30/22-00:55:14.244291 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249736802021641 11/30/22-00:55:19.643476 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249746802021641 11/30/22-00:55:38.275174 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249734802024318 11/30/22-00:55:16.065951 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249723802025381 11/30/22-00:54:56.463103 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249748802825766 11/30/22-00:55:42.098367 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249737802024313 11/30/22-00:55:21.614296 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497562025483 11/30/22-00:55:58.723099 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49756 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249702802825766 11/30/22-00:54:14.871390 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249737802024318 11/30/22-00:55:21.614296 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249730802825766 11/30/22-00:55:08.823725 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249706802024313 11/30/22-00:54:22.484255 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249734802024313 11/30/22-00:55:16.065951 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497352025483 11/30/22-00:55:19.347023 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49735 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249706802024318 11/30/22-00:54:22.484255 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497522025483 11/30/22-00:55:50.930381 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49752 | 95.213.216.202 | 192.168.2.3 |
| 95.213.216.202192.168.2.380497172025483 11/30/22-00:54:47.032787 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49717 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249733802825766 11/30/22-00:55:14.244291 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497392025483 11/30/22-00:55:26.908255 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49739 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249720802025381 11/30/22-00:54:51.608521 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249749802021641 11/30/22-00:55:43.976237 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.865320532014169 11/30/22-00:54:43.751689 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 65320 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249735802825766 11/30/22-00:55:17.863854 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.852079532014169 11/30/22-00:55:32.870195 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 52079 | 53 | 192.168.2.3 | 8.8.8.8 |
| 95.213.216.202192.168.2.380497012025483 11/30/22-00:54:14.085146 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49701 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249731802025381 11/30/22-00:55:10.632751 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249709802024318 11/30/22-00:54:29.164231 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249745802024318 11/30/22-00:55:36.377571 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249709802024313 11/30/22-00:54:29.164231 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249705802825766 11/30/22-00:54:20.168790 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249745802024313 11/30/22-00:55:36.377571 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249704802024318 11/30/22-00:54:18.966132 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249704802024313 11/30/22-00:54:18.966132 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249717802024313 11/30/22-00:54:45.540558 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249722802825766 11/30/22-00:54:54.732179 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249703802025381 11/30/22-00:54:16.960834 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.849302532014169 11/30/22-00:54:20.078245 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 49302 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249711802024313 11/30/22-00:54:33.859062 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249728802825766 11/30/22-00:55:05.285201 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249705802021641 11/30/22-00:54:20.168790 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249711802024318 11/30/22-00:54:33.859062 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249738802021641 11/30/22-00:55:23.450513 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.865385532014169 11/30/22-00:55:49.289719 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 65385 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249740802825766 11/30/22-00:55:27.193434 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497452025483 11/30/22-00:55:37.973570 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49745 | 95.213.216.202 | 192.168.2.3 |
| 95.213.216.202192.168.2.380497462025483 11/30/22-00:55:39.906968 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49746 | 95.213.216.202 | 192.168.2.3 |
| 95.213.216.202192.168.2.380497402025483 11/30/22-00:55:28.902821 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49740 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249717802024318 11/30/22-00:54:45.540558 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249701802024313 11/30/22-00:54:12.581436 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249738802825766 11/30/22-00:55:23.450513 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497132025483 11/30/22-00:54:39.587400 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49713 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249701802024318 11/30/22-00:54:12.581436 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249756802825766 11/30/22-00:55:57.533680 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497022025483 11/30/22-00:54:16.469088 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49702 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249750802825766 11/30/22-00:55:45.758418 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249743802021641 11/30/22-00:55:32.962709 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249740802021641 11/30/22-00:55:27.193434 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249729802025381 11/30/22-00:55:07.068054 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249752802024313 11/30/22-00:55:49.378987 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249741802025381 11/30/22-00:55:29.247109 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249726802025381 11/30/22-00:55:01.673863 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249752802024318 11/30/22-00:55:49.378987 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.856042532014169 11/30/22-00:54:35.894646 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 56042 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.38.8.8.853844532014169 11/30/22-00:55:03.396283 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53844 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.38.8.8.862050532014169 11/30/22-00:54:33.763792 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 62050 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249728802021641 11/30/22-00:55:05.285201 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497512025483 11/30/22-00:55:49.068855 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49751 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249755802024318 11/30/22-00:55:55.653974 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
| 95.213.216.202192.168.2.380497182025483 11/30/22-00:54:49.052316 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49718 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.38.8.8.852547532014169 11/30/22-00:55:01.596754 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 52547 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249755802024313 11/30/22-00:55:55.653974 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249727802024318 11/30/22-00:55:03.486766 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249713802025381 11/30/22-00:54:37.979213 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249756802021641 11/30/22-00:55:57.533680 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.865459532014169 11/30/22-00:55:47.178193 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 65459 | 53 | 192.168.2.3 | 8.8.8.8 |
| 95.213.216.202192.168.2.380497072025483 11/30/22-00:54:26.372322 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49707 | 95.213.216.202 | 192.168.2.3 |
| 192.168.2.395.213.216.20249715802021641 11/30/22-00:54:42.060768 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249712802825766 11/30/22-00:54:35.972913 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249753802825766 11/30/22-00:55:51.242717 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.38.8.8.854153532014169 11/30/22-00:55:51.152832 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 54153 | 53 | 192.168.2.3 | 8.8.8.8 |
| 192.168.2.395.213.216.20249754802025381 11/30/22-00:55:53.496270 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
| 192.168.2.395.213.216.20249727802024313 11/30/22-00:55:03.486766 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Nov 30, 2022 00:54:07.252681971 CET | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:07.317872047 CET | 80 | 49699 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:07.318666935 CET | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:07.324934006 CET | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:07.390002012 CET | 80 | 49699 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:07.390280008 CET | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:07.454189062 CET | 80 | 49699 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:08.932713032 CET | 80 | 49699 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:08.932929993 CET | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:08.932929993 CET | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:08.997078896 CET | 80 | 49699 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:09.427567959 CET | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:09.484437943 CET | 80 | 49700 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:09.484872103 CET | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:09.487690926 CET | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:09.545456886 CET | 80 | 49700 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:09.545732975 CET | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:09.602526903 CET | 80 | 49700 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:11.058943987 CET | 80 | 49700 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:11.059271097 CET | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:11.251259089 CET | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:11.308391094 CET | 80 | 49700 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:12.515145063 CET | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:12.578533888 CET | 80 | 49701 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:12.578650951 CET | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:12.581435919 CET | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:12.644690037 CET | 80 | 49701 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:12.644942999 CET | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:12.708281040 CET | 80 | 49701 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:14.085145950 CET | 80 | 49701 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:14.085324049 CET | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:14.085324049 CET | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:14.148653984 CET | 80 | 49701 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:14.796390057 CET | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:14.863887072 CET | 80 | 49702 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:14.864324093 CET | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:14.871390104 CET | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:14.938833952 CET | 80 | 49702 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:14.939245939 CET | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:15.006510973 CET | 80 | 49702 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:16.469088078 CET | 80 | 49702 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:16.469213009 CET | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:16.469305038 CET | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:16.536587954 CET | 80 | 49702 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:16.901004076 CET | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:16.957978010 CET | 80 | 49703 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:16.958115101 CET | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:16.960834026 CET | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:17.017646074 CET | 80 | 49703 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:17.017842054 CET | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:17.074562073 CET | 80 | 49703 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:18.541620016 CET | 80 | 49703 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:18.541914940 CET | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:18.541914940 CET | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:18.598728895 CET | 80 | 49703 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:18.898685932 CET | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:18.963310003 CET | 80 | 49704 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:18.963515997 CET | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:18.966131926 CET | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:19.030903101 CET | 80 | 49704 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:19.031228065 CET | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:19.095748901 CET | 80 | 49704 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:19.714504957 CET | 80 | 49704 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:19.714649916 CET | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:19.722553015 CET | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:19.787149906 CET | 80 | 49704 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:20.097837925 CET | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:20.161624908 CET | 80 | 49705 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:20.161886930 CET | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:20.168790102 CET | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:20.232583046 CET | 80 | 49705 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:20.232693911 CET | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:20.296284914 CET | 80 | 49705 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:21.783216000 CET | 80 | 49705 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:21.783595085 CET | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:21.783595085 CET | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:21.847395897 CET | 80 | 49705 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:22.417725086 CET | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:22.481591940 CET | 80 | 49706 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:22.481817961 CET | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:22.484255075 CET | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:22.547919989 CET | 80 | 49706 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:22.548185110 CET | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:22.611813068 CET | 80 | 49706 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:24.053488970 CET | 80 | 49706 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:24.053700924 CET | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:24.053700924 CET | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:24.117465019 CET | 80 | 49706 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:24.644469023 CET | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:24.708810091 CET | 80 | 49707 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:24.709328890 CET | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:24.716723919 CET | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:24.780909061 CET | 80 | 49707 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:24.781121969 CET | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:24.845062971 CET | 80 | 49707 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:26.372322083 CET | 80 | 49707 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:26.372553110 CET | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:26.372901917 CET | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:26.436924934 CET | 80 | 49707 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:26.735404968 CET | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:26.800751925 CET | 80 | 49708 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:26.800952911 CET | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:26.803652048 CET | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:26.868796110 CET | 80 | 49708 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:26.868957043 CET | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:26.933984041 CET | 80 | 49708 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:28.382638931 CET | 80 | 49708 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:28.382777929 CET | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:28.382778883 CET | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:28.448436022 CET | 80 | 49708 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:29.066101074 CET | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:29.122601986 CET | 80 | 49709 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:29.122786045 CET | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:29.164231062 CET | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:29.220624924 CET | 80 | 49709 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:29.220927000 CET | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:29.277586937 CET | 80 | 49709 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:30.691042900 CET | 80 | 49709 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:30.691278934 CET | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:30.691428900 CET | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:30.747807980 CET | 80 | 49709 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:31.844077110 CET | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:31.908207893 CET | 80 | 49710 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:31.908368111 CET | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:31.910937071 CET | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:31.975022078 CET | 80 | 49710 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:31.975130081 CET | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:32.039067984 CET | 80 | 49710 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:33.459515095 CET | 80 | 49710 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:33.459865093 CET | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:33.459933043 CET | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:33.525604010 CET | 80 | 49710 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:33.782614946 CET | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:33.839637041 CET | 80 | 49711 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:33.839822054 CET | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:33.859061956 CET | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:33.916126013 CET | 80 | 49711 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:33.916356087 CET | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:33.973261118 CET | 80 | 49711 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:35.462241888 CET | 80 | 49711 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:35.462493896 CET | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:35.462584972 CET | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:35.519414902 CET | 80 | 49711 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:35.913698912 CET | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:35.970079899 CET | 80 | 49712 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:35.970185041 CET | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:35.972913027 CET | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:36.029299974 CET | 80 | 49712 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:36.032005072 CET | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:36.088288069 CET | 80 | 49712 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:37.552263021 CET | 80 | 49712 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:37.552381992 CET | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:37.552381992 CET | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:37.609476089 CET | 80 | 49712 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:37.898960114 CET | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:37.965244055 CET | 80 | 49713 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:37.965348959 CET | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:37.979212999 CET | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:38.045309067 CET | 80 | 49713 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:38.045681953 CET | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:38.111735106 CET | 80 | 49713 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:39.587399960 CET | 80 | 49713 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:39.587636948 CET | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:39.588252068 CET | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:39.653244972 CET | 80 | 49713 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:39.909919024 CET | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:39.974522114 CET | 80 | 49714 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:39.974756002 CET | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:39.977727890 CET | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:40.042501926 CET | 80 | 49714 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:40.042785883 CET | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:40.107534885 CET | 80 | 49714 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:41.602416039 CET | 80 | 49714 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:41.604454994 CET | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:41.604455948 CET | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:41.669280052 CET | 80 | 49714 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:41.998399973 CET | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:42.055399895 CET | 80 | 49715 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:42.056597948 CET | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:42.060767889 CET | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:42.117670059 CET | 80 | 49715 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:42.120702982 CET | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:42.177629948 CET | 80 | 49715 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:43.541337013 CET | 80 | 49715 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:43.541443110 CET | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:43.541507006 CET | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:43.598397970 CET | 80 | 49715 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:43.769913912 CET | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:43.826594114 CET | 80 | 49716 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:43.826715946 CET | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:43.829219103 CET | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:43.885807037 CET | 80 | 49716 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:43.885901928 CET | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:43.942477942 CET | 80 | 49716 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:45.204539061 CET | 80 | 49716 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:45.204745054 CET | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:45.204745054 CET | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:45.261375904 CET | 80 | 49716 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:45.480798960 CET | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:45.537395954 CET | 80 | 49717 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:45.537679911 CET | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:45.540558100 CET | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:45.597280979 CET | 80 | 49717 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:45.597480059 CET | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:45.654186964 CET | 80 | 49717 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:47.032787085 CET | 80 | 49717 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:47.032946110 CET | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:47.058496952 CET | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:47.115341902 CET | 80 | 49717 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:47.489988089 CET | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:47.553695917 CET | 80 | 49718 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:47.553802013 CET | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:47.592006922 CET | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:47.655783892 CET | 80 | 49718 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:47.657054901 CET | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:47.720890045 CET | 80 | 49718 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:49.052315950 CET | 80 | 49718 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:49.052567005 CET | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:49.052567959 CET | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:49.116251945 CET | 80 | 49718 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:49.560311079 CET | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:49.624638081 CET | 80 | 49719 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:49.624974012 CET | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:49.641508102 CET | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:49.705724955 CET | 80 | 49719 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:49.705965042 CET | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:49.772209883 CET | 80 | 49719 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:51.280994892 CET | 80 | 49719 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:51.281199932 CET | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:51.281199932 CET | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:51.345415115 CET | 80 | 49719 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:51.548526049 CET | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:51.605362892 CET | 80 | 49720 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:51.605673075 CET | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:51.608520985 CET | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:51.665606022 CET | 80 | 49720 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:51.668618917 CET | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:51.725402117 CET | 80 | 49720 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:53.259308100 CET | 80 | 49720 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:53.259599924 CET | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:53.260018110 CET | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:53.316739082 CET | 80 | 49720 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:53.497282982 CET | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:53.561186075 CET | 80 | 49721 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:53.561407089 CET | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:53.572062016 CET | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:53.635884047 CET | 80 | 49721 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:53.635982037 CET | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:53.699680090 CET | 80 | 49721 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:54.418787003 CET | 80 | 49721 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:54.419008017 CET | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:54.419059038 CET | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:54.482815981 CET | 80 | 49721 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:54.670505047 CET | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:54.727052927 CET | 80 | 49722 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:54.729609966 CET | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:54.732178926 CET | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:54.788742065 CET | 80 | 49722 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:54.789618969 CET | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:54.845973015 CET | 80 | 49722 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:56.166551113 CET | 80 | 49722 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:56.166851044 CET | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:56.167161942 CET | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:56.223620892 CET | 80 | 49722 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:56.396608114 CET | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:56.460263014 CET | 80 | 49723 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:56.460342884 CET | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:56.463103056 CET | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:56.526700020 CET | 80 | 49723 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:56.526835918 CET | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:56.590533972 CET | 80 | 49723 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:57.894669056 CET | 80 | 49723 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:57.895031929 CET | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:57.895031929 CET | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:57.958792925 CET | 80 | 49723 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:58.125056028 CET | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:58.181525946 CET | 80 | 49724 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:58.181694031 CET | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:58.184483051 CET | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:58.240962029 CET | 80 | 49724 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:58.242203951 CET | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:58.298794031 CET | 80 | 49724 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:59.594971895 CET | 80 | 49724 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:59.595192909 CET | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:59.597685099 CET | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:59.654140949 CET | 80 | 49724 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:59.862596035 CET | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:59.927382946 CET | 80 | 49725 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:59.927499056 CET | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:59.930840969 CET | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:54:59.996124983 CET | 80 | 49725 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:54:59.996385098 CET | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:00.061088085 CET | 80 | 49725 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:01.390775919 CET | 80 | 49725 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:01.390856981 CET | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:01.390960932 CET | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:01.455671072 CET | 80 | 49725 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:01.614711046 CET | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:01.671113014 CET | 80 | 49726 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:01.671252012 CET | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:01.673862934 CET | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:01.730237961 CET | 80 | 49726 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:01.730465889 CET | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:01.786848068 CET | 80 | 49726 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:03.204140902 CET | 80 | 49726 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:03.204266071 CET | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:03.204340935 CET | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:03.260652065 CET | 80 | 49726 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:03.414943933 CET | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:03.479100943 CET | 80 | 49727 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:03.479541063 CET | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:03.486766100 CET | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:03.551842928 CET | 80 | 49727 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:03.552114010 CET | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:03.617244959 CET | 80 | 49727 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:04.982566118 CET | 80 | 49727 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:04.982990980 CET | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:04.983076096 CET | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:05.047188044 CET | 80 | 49727 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:05.207638979 CET | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:05.278845072 CET | 80 | 49728 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:05.278989077 CET | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:05.285201073 CET | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:05.356693029 CET | 80 | 49728 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:05.356775045 CET | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:05.428106070 CET | 80 | 49728 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:06.759571075 CET | 80 | 49728 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:06.760262966 CET | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:06.760387897 CET | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:06.831724882 CET | 80 | 49728 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:06.989644051 CET | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:07.060533047 CET | 80 | 49729 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:07.060817003 CET | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:07.068053961 CET | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:07.139190912 CET | 80 | 49729 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:07.142729998 CET | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:07.213907003 CET | 80 | 49729 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:08.539654016 CET | 80 | 49729 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:08.539772987 CET | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:08.539851904 CET | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:08.610599041 CET | 80 | 49729 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:08.755198956 CET | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:08.818732023 CET | 80 | 49730 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:08.818875074 CET | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:08.823724985 CET | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:08.887221098 CET | 80 | 49730 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:08.887696981 CET | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:08.952023983 CET | 80 | 49730 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:10.337694883 CET | 80 | 49730 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:10.338476896 CET | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:10.338607073 CET | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:10.402264118 CET | 80 | 49730 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:10.566430092 CET | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:10.630012035 CET | 80 | 49731 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:10.630254030 CET | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:10.632750988 CET | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:10.696681976 CET | 80 | 49731 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:10.697035074 CET | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:10.760850906 CET | 80 | 49731 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:12.166821003 CET | 80 | 49731 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:12.166995049 CET | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:12.166995049 CET | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:12.230671883 CET | 80 | 49731 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:12.397857904 CET | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:12.454653978 CET | 80 | 49732 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:12.454866886 CET | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:12.457820892 CET | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:12.515181065 CET | 80 | 49732 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:12.519223928 CET | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:12.576708078 CET | 80 | 49732 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:13.950021982 CET | 80 | 49732 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:13.950387955 CET | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:13.951273918 CET | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:14.008239985 CET | 80 | 49732 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:14.185133934 CET | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:14.241457939 CET | 80 | 49733 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:14.241565943 CET | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:14.244291067 CET | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:14.300695896 CET | 80 | 49733 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:14.300803900 CET | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:14.356933117 CET | 80 | 49733 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:15.751744032 CET | 80 | 49733 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:15.755505085 CET | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:15.755600929 CET | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:15.812007904 CET | 80 | 49733 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:16.004370928 CET | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:16.061487913 CET | 80 | 49734 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:16.063473940 CET | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:16.065951109 CET | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:16.122412920 CET | 80 | 49734 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:16.123481035 CET | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:16.180047989 CET | 80 | 49734 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:17.565495014 CET | 80 | 49734 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:17.565593004 CET | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:17.565663099 CET | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:17.622051001 CET | 80 | 49734 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:17.802988052 CET | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:17.859404087 CET | 80 | 49735 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:17.859607935 CET | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:17.863853931 CET | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:17.920332909 CET | 80 | 49735 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:17.920523882 CET | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:17.976902008 CET | 80 | 49735 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:19.347023010 CET | 80 | 49735 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:19.347120047 CET | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:19.347496986 CET | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:19.403734922 CET | 80 | 49735 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:19.583940029 CET | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:19.640748024 CET | 80 | 49736 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:19.640861988 CET | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:19.643476009 CET | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:19.700324059 CET | 80 | 49736 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:19.700479031 CET | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:19.757318020 CET | 80 | 49736 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:21.118366957 CET | 80 | 49736 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:21.118597984 CET | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:21.235958099 CET | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:21.292860031 CET | 80 | 49736 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:21.548213959 CET | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:21.611660957 CET | 80 | 49737 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:21.611757994 CET | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:21.614295959 CET | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:21.677872896 CET | 80 | 49737 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:21.678060055 CET | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:21.741621017 CET | 80 | 49737 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:23.147008896 CET | 80 | 49737 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:23.147200108 CET | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:23.150054932 CET | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:23.213816881 CET | 80 | 49737 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:23.390598059 CET | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:23.447422981 CET | 80 | 49738 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:23.447587013 CET | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:23.450512886 CET | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:23.507425070 CET | 80 | 49738 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:23.507752895 CET | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:23.564448118 CET | 80 | 49738 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:24.982215881 CET | 80 | 49738 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:24.982362986 CET | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:24.982462883 CET | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:25.039313078 CET | 80 | 49738 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:25.207818985 CET | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:25.264349937 CET | 80 | 49739 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:25.264487028 CET | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:25.267085075 CET | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:25.324078083 CET | 80 | 49739 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:25.324280977 CET | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:25.380676985 CET | 80 | 49739 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:26.908255100 CET | 80 | 49739 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:26.908451080 CET | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:26.908452034 CET | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:26.965130091 CET | 80 | 49739 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:27.123436928 CET | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:27.187022924 CET | 80 | 49740 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:27.187329054 CET | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:27.193434000 CET | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:27.257107019 CET | 80 | 49740 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:27.257441998 CET | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:27.321250916 CET | 80 | 49740 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:28.902821064 CET | 80 | 49740 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:28.903115034 CET | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:28.903115034 CET | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:28.966690063 CET | 80 | 49740 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:29.181029081 CET | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:29.244118929 CET | 80 | 49741 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:29.244323015 CET | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:29.247108936 CET | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:29.310338974 CET | 80 | 49741 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:29.312683105 CET | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:29.376096964 CET | 80 | 49741 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:30.821604013 CET | 80 | 49741 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:30.821768045 CET | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:30.821768045 CET | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:30.885057926 CET | 80 | 49741 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:31.041150093 CET | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:31.098012924 CET | 80 | 49742 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:31.098140955 CET | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:31.101063967 CET | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:31.158945084 CET | 80 | 49742 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:31.159028053 CET | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:31.215954065 CET | 80 | 49742 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:32.668199062 CET | 80 | 49742 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:32.668359041 CET | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:32.668557882 CET | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:32.725229979 CET | 80 | 49742 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:32.891294956 CET | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:32.955029964 CET | 80 | 49743 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:32.955296993 CET | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:32.962708950 CET | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:33.026671886 CET | 80 | 49743 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:33.026784897 CET | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:33.090379953 CET | 80 | 49743 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:34.122250080 CET | 80 | 49743 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:34.122378111 CET | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:34.122379065 CET | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:34.186547995 CET | 80 | 49743 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:34.336832047 CET | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:34.393754959 CET | 80 | 49744 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:34.394207001 CET | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:34.401350975 CET | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:34.458348989 CET | 80 | 49744 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:34.458682060 CET | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:34.515522957 CET | 80 | 49744 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:36.086250067 CET | 80 | 49744 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:36.086574078 CET | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:36.086646080 CET | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:36.143685102 CET | 80 | 49744 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:36.305556059 CET | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:36.369642019 CET | 80 | 49745 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:36.370085955 CET | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:36.377571106 CET | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:36.441842079 CET | 80 | 49745 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:36.442002058 CET | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:36.506124020 CET | 80 | 49745 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:37.973570108 CET | 80 | 49745 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:37.977447033 CET | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:37.994298935 CET | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:38.058605909 CET | 80 | 49745 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:38.215667009 CET | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:38.272118092 CET | 80 | 49746 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:38.272234917 CET | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:38.275173903 CET | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:38.331401110 CET | 80 | 49746 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:38.333534956 CET | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:38.390136957 CET | 80 | 49746 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:39.906968117 CET | 80 | 49746 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:39.907114983 CET | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:39.907172918 CET | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:39.963509083 CET | 80 | 49746 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:40.151000023 CET | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:40.207727909 CET | 80 | 49747 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:40.207912922 CET | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:40.214632988 CET | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:40.271559000 CET | 80 | 49747 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:40.271949053 CET | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:40.328738928 CET | 80 | 49747 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:41.771804094 CET | 80 | 49747 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:41.772068977 CET | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:41.772069931 CET | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:41.828773022 CET | 80 | 49747 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:42.022281885 CET | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:42.087943077 CET | 80 | 49748 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:42.088301897 CET | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:42.098366976 CET | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:42.164235115 CET | 80 | 49748 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:42.166110039 CET | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:42.232266903 CET | 80 | 49748 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:43.661912918 CET | 80 | 49748 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:43.662535906 CET | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:43.664011002 CET | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:43.729532957 CET | 80 | 49748 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:43.916825056 CET | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:43.973140001 CET | 80 | 49749 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:43.973423958 CET | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:43.976237059 CET | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:44.032557964 CET | 80 | 49749 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:44.034007072 CET | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:44.090533018 CET | 80 | 49749 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:45.483573914 CET | 80 | 49749 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:45.483691931 CET | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:45.483772993 CET | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:45.540266037 CET | 80 | 49749 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:45.696420908 CET | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:45.753129959 CET | 80 | 49750 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:45.753353119 CET | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:45.758418083 CET | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:45.815217972 CET | 80 | 49750 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:45.815349102 CET | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:45.872066975 CET | 80 | 49750 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:46.963833094 CET | 80 | 49750 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:46.966191053 CET | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:46.966192007 CET | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:47.023200035 CET | 80 | 49750 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:47.199429989 CET | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:47.270355940 CET | 80 | 49751 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:47.274290085 CET | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:47.279515028 CET | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:47.352221012 CET | 80 | 49751 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:47.352607965 CET | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:47.423551083 CET | 80 | 49751 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:49.068855047 CET | 80 | 49751 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:49.069000959 CET | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:49.069001913 CET | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:49.139884949 CET | 80 | 49751 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:49.310100079 CET | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:49.374298096 CET | 80 | 49752 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:49.376203060 CET | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:49.378987074 CET | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:49.443128109 CET | 80 | 49752 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:49.446521044 CET | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:49.510756016 CET | 80 | 49752 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:50.930381060 CET | 80 | 49752 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:50.930756092 CET | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:50.930757046 CET | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:50.995115995 CET | 80 | 49752 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:51.174263954 CET | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:51.231029034 CET | 80 | 49753 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:51.231292009 CET | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:51.242717028 CET | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:51.299602032 CET | 80 | 49753 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:51.299818039 CET | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:51.356714964 CET | 80 | 49753 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:52.887247086 CET | 80 | 49753 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:52.887528896 CET | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:52.887574911 CET | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:52.945564032 CET | 80 | 49753 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:53.413743973 CET | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:53.470174074 CET | 80 | 49754 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:53.470912933 CET | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:53.496269941 CET | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:53.552856922 CET | 80 | 49754 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:53.554918051 CET | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:53.611341953 CET | 80 | 49754 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:55.161061049 CET | 80 | 49754 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:55.161240101 CET | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:55.161240101 CET | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:55.217797995 CET | 80 | 49754 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:55.587070942 CET | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:55.650820971 CET | 80 | 49755 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:55.650958061 CET | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:55.653974056 CET | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:55.717514992 CET | 80 | 49755 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:55.717783928 CET | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:55.781785011 CET | 80 | 49755 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:57.270721912 CET | 80 | 49755 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:57.271272898 CET | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:57.273473024 CET | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:57.337918997 CET | 80 | 49755 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:57.465915918 CET | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:57.529999018 CET | 80 | 49756 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:57.530544996 CET | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:57.533679962 CET | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:57.597755909 CET | 80 | 49756 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:57.599260092 CET | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:57.663528919 CET | 80 | 49756 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:58.723098993 CET | 80 | 49756 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:58.723207951 CET | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:58.723279953 CET | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:58.788446903 CET | 80 | 49756 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:58.887741089 CET | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:58.946193933 CET | 80 | 49757 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:58.946315050 CET | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:58.948900938 CET | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:59.005773067 CET | 80 | 49757 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:59.005871058 CET | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:59.065747976 CET | 80 | 49757 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:59.773200035 CET | 80 | 49757 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:59.779139042 CET | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:59.779177904 CET | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:55:59.835975885 CET | 80 | 49757 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:55:59.959078074 CET | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:56:00.022310019 CET | 80 | 49758 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:56:00.022512913 CET | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:56:00.034214020 CET | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:56:00.097515106 CET | 80 | 49758 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:56:00.097791910 CET | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:56:00.161053896 CET | 80 | 49758 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:56:00.797030926 CET | 80 | 49758 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:56:00.797266006 CET | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:56:00.797266006 CET | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:56:00.860564947 CET | 80 | 49758 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:56:00.980782986 CET | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:56:01.037372112 CET | 80 | 49759 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:56:01.037604094 CET | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:56:01.042443991 CET | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:56:01.098797083 CET | 80 | 49759 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:56:01.099145889 CET | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:56:01.155508995 CET | 80 | 49759 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:56:01.793951035 CET | 80 | 49759 | 95.213.216.202 | 192.168.2.3 |
| Nov 30, 2022 00:56:01.794126987 CET | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:56:01.794150114 CET | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
| Nov 30, 2022 00:56:01.850579977 CET | 80 | 49759 | 95.213.216.202 | 192.168.2.3 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Nov 30, 2022 00:54:06.875981092 CET | 49977 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:07.240958929 CET | 53 | 49977 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:09.401173115 CET | 57840 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:09.420834064 CET | 53 | 57840 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:11.706173897 CET | 57990 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:12.468837023 CET | 53 | 57990 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:14.412322998 CET | 52387 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:14.780765057 CET | 53 | 52387 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:16.879287004 CET | 56924 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:16.898757935 CET | 53 | 56924 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:18.863516092 CET | 60625 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:18.881309032 CET | 53 | 60625 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:20.078244925 CET | 49302 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:20.096685886 CET | 53 | 49302 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:22.160619020 CET | 53975 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:22.415709972 CET | 53 | 53975 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:24.370686054 CET | 51139 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:24.639362097 CET | 53 | 51139 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:26.705693960 CET | 52955 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:26.723373890 CET | 53 | 52955 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:28.778636932 CET | 60582 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:29.064884901 CET | 53 | 60582 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:31.820801973 CET | 57134 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:31.840390921 CET | 53 | 57134 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:33.763792038 CET | 62050 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:33.781332970 CET | 53 | 62050 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:35.894645929 CET | 56042 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:35.912352085 CET | 53 | 56042 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:37.879678965 CET | 59636 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:37.897547007 CET | 53 | 59636 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:39.891168118 CET | 55638 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:39.908864975 CET | 53 | 55638 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:41.979608059 CET | 57704 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:41.997195005 CET | 53 | 57704 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:43.751688957 CET | 65320 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:43.768886089 CET | 53 | 65320 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:45.460011959 CET | 60767 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:45.479480982 CET | 53 | 60767 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:47.470066071 CET | 65107 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:47.487802982 CET | 53 | 65107 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:49.539402962 CET | 53848 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:49.559163094 CET | 53 | 53848 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:51.528645039 CET | 57571 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:51.546144009 CET | 53 | 57571 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:53.455722094 CET | 58691 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:53.473742008 CET | 53 | 58691 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:54.648302078 CET | 53305 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:54.668741941 CET | 53 | 53305 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:56.376061916 CET | 59433 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:56.395571947 CET | 53 | 59433 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:58.103972912 CET | 60749 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:58.123743057 CET | 53 | 60749 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:54:59.841953039 CET | 56949 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:54:59.861439943 CET | 53 | 56949 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:01.596754074 CET | 52547 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:01.613591909 CET | 53 | 52547 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:03.396282911 CET | 53844 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:03.413459063 CET | 53 | 53844 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:05.186135054 CET | 65017 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:05.205918074 CET | 53 | 65017 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:06.970989943 CET | 53466 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:06.988650084 CET | 53 | 53466 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:08.735474110 CET | 57743 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:08.753017902 CET | 53 | 57743 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:10.547934055 CET | 53623 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:10.565411091 CET | 53 | 53623 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:12.379224062 CET | 61416 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:12.396709919 CET | 53 | 61416 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:14.166464090 CET | 65196 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:14.183665037 CET | 53 | 65196 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:15.985743046 CET | 58708 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:16.003206015 CET | 53 | 58708 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:17.784200907 CET | 59581 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:17.801747084 CET | 53 | 59581 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:19.563471079 CET | 53049 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:19.582814932 CET | 53 | 53049 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:21.529314041 CET | 60088 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:21.547068119 CET | 53 | 60088 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:23.368357897 CET | 63562 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:23.385291100 CET | 53 | 63562 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:25.189213991 CET | 53428 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:25.206536055 CET | 53 | 53428 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:27.103034019 CET | 65511 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:27.120949030 CET | 53 | 65511 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:29.162121058 CET | 59820 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:29.179055929 CET | 53 | 59820 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:31.020256042 CET | 64595 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:31.039771080 CET | 53 | 64595 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:32.870194912 CET | 52079 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:32.889683008 CET | 53 | 52079 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:34.318233967 CET | 64823 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:34.335309029 CET | 53 | 64823 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:36.286011934 CET | 51992 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:36.303749084 CET | 53 | 51992 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:38.197046041 CET | 58119 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:38.214360952 CET | 53 | 58119 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:40.126117945 CET | 49166 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:40.145720959 CET | 53 | 49166 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:42.001540899 CET | 58301 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:42.019203901 CET | 53 | 58301 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:43.898413897 CET | 63446 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:43.915456057 CET | 53 | 63446 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:45.675020933 CET | 49874 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:45.694405079 CET | 53 | 49874 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:47.178193092 CET | 65459 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:47.198072910 CET | 53 | 65459 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:49.289719105 CET | 65385 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:49.307233095 CET | 53 | 65385 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:51.152832031 CET | 54153 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:51.172306061 CET | 53 | 54153 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:53.393349886 CET | 64602 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:53.412369013 CET | 53 | 64602 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:55.557055950 CET | 50784 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:55.574852943 CET | 53 | 50784 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:57.444180012 CET | 64121 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:57.463988066 CET | 53 | 64121 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:58.869049072 CET | 64967 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:58.886452913 CET | 53 | 64967 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:55:59.940840960 CET | 60825 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:55:59.957931995 CET | 53 | 60825 | 8.8.8.8 | 192.168.2.3 |
| Nov 30, 2022 00:56:00.958663940 CET | 49201 | 53 | 192.168.2.3 | 8.8.8.8 |
| Nov 30, 2022 00:56:00.977658987 CET | 53 | 49201 | 8.8.8.8 | 192.168.2.3 |
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| Nov 30, 2022 00:54:06.875981092 CET | 192.168.2.3 | 8.8.8.8 | 0x6188 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:09.401173115 CET | 192.168.2.3 | 8.8.8.8 | 0x5d3b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:11.706173897 CET | 192.168.2.3 | 8.8.8.8 | 0xb7e8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:14.412322998 CET | 192.168.2.3 | 8.8.8.8 | 0x4082 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:16.879287004 CET | 192.168.2.3 | 8.8.8.8 | 0x22b9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:18.863516092 CET | 192.168.2.3 | 8.8.8.8 | 0xeaac | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:20.078244925 CET | 192.168.2.3 | 8.8.8.8 | 0x28fb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:22.160619020 CET | 192.168.2.3 | 8.8.8.8 | 0xee98 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:24.370686054 CET | 192.168.2.3 | 8.8.8.8 | 0x2624 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:26.705693960 CET | 192.168.2.3 | 8.8.8.8 | 0x5477 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:28.778636932 CET | 192.168.2.3 | 8.8.8.8 | 0xdecc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:31.820801973 CET | 192.168.2.3 | 8.8.8.8 | 0x1c2d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:33.763792038 CET | 192.168.2.3 | 8.8.8.8 | 0xf2e6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:35.894645929 CET | 192.168.2.3 | 8.8.8.8 | 0x1fc5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:37.879678965 CET | 192.168.2.3 | 8.8.8.8 | 0xbad | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:39.891168118 CET | 192.168.2.3 | 8.8.8.8 | 0x785c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:41.979608059 CET | 192.168.2.3 | 8.8.8.8 | 0xabaf | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:43.751688957 CET | 192.168.2.3 | 8.8.8.8 | 0x692b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:45.460011959 CET | 192.168.2.3 | 8.8.8.8 | 0x4377 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:47.470066071 CET | 192.168.2.3 | 8.8.8.8 | 0xbe7a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:49.539402962 CET | 192.168.2.3 | 8.8.8.8 | 0x9c9a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:51.528645039 CET | 192.168.2.3 | 8.8.8.8 | 0xb58 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:53.455722094 CET | 192.168.2.3 | 8.8.8.8 | 0xdac7 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:54.648302078 CET | 192.168.2.3 | 8.8.8.8 | 0xaacd | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:56.376061916 CET | 192.168.2.3 | 8.8.8.8 | 0x479c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:58.103972912 CET | 192.168.2.3 | 8.8.8.8 | 0xea9f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:54:59.841953039 CET | 192.168.2.3 | 8.8.8.8 | 0x16e7 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:01.596754074 CET | 192.168.2.3 | 8.8.8.8 | 0x35c4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:03.396282911 CET | 192.168.2.3 | 8.8.8.8 | 0x8db7 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:05.186135054 CET | 192.168.2.3 | 8.8.8.8 | 0xa497 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:06.970989943 CET | 192.168.2.3 | 8.8.8.8 | 0x67db | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:08.735474110 CET | 192.168.2.3 | 8.8.8.8 | 0x7db5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:10.547934055 CET | 192.168.2.3 | 8.8.8.8 | 0x1fa1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:12.379224062 CET | 192.168.2.3 | 8.8.8.8 | 0x4f02 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:14.166464090 CET | 192.168.2.3 | 8.8.8.8 | 0x4ab6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:15.985743046 CET | 192.168.2.3 | 8.8.8.8 | 0x3921 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:17.784200907 CET | 192.168.2.3 | 8.8.8.8 | 0xc7dc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:19.563471079 CET | 192.168.2.3 | 8.8.8.8 | 0x46b9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:21.529314041 CET | 192.168.2.3 | 8.8.8.8 | 0x213 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:23.368357897 CET | 192.168.2.3 | 8.8.8.8 | 0x1d07 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:25.189213991 CET | 192.168.2.3 | 8.8.8.8 | 0x6e37 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:27.103034019 CET | 192.168.2.3 | 8.8.8.8 | 0xea01 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:29.162121058 CET | 192.168.2.3 | 8.8.8.8 | 0x4235 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:31.020256042 CET | 192.168.2.3 | 8.8.8.8 | 0xa106 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:32.870194912 CET | 192.168.2.3 | 8.8.8.8 | 0x86ee | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:34.318233967 CET | 192.168.2.3 | 8.8.8.8 | 0x2d83 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:36.286011934 CET | 192.168.2.3 | 8.8.8.8 | 0xbdf8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:38.197046041 CET | 192.168.2.3 | 8.8.8.8 | 0x23f4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:40.126117945 CET | 192.168.2.3 | 8.8.8.8 | 0x856e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:42.001540899 CET | 192.168.2.3 | 8.8.8.8 | 0x3a49 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:43.898413897 CET | 192.168.2.3 | 8.8.8.8 | 0x4c7e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:45.675020933 CET | 192.168.2.3 | 8.8.8.8 | 0xd354 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:47.178193092 CET | 192.168.2.3 | 8.8.8.8 | 0x8af6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:49.289719105 CET | 192.168.2.3 | 8.8.8.8 | 0xc369 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:51.152832031 CET | 192.168.2.3 | 8.8.8.8 | 0xe950 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:53.393349886 CET | 192.168.2.3 | 8.8.8.8 | 0x9913 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:55.557055950 CET | 192.168.2.3 | 8.8.8.8 | 0x2074 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:57.444180012 CET | 192.168.2.3 | 8.8.8.8 | 0x2543 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:58.869049072 CET | 192.168.2.3 | 8.8.8.8 | 0x92c3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:55:59.940840960 CET | 192.168.2.3 | 8.8.8.8 | 0x3488 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Nov 30, 2022 00:56:00.958663940 CET | 192.168.2.3 | 8.8.8.8 | 0x58c4 | Standard query (0) | A (IP address) | IN (0x0001) | false |
| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| Nov 30, 2022 00:54:07.240958929 CET | 8.8.8.8 | 192.168.2.3 | 0x6188 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:09.420834064 CET | 8.8.8.8 | 192.168.2.3 | 0x5d3b | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:12.468837023 CET | 8.8.8.8 | 192.168.2.3 | 0xb7e8 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:14.780765057 CET | 8.8.8.8 | 192.168.2.3 | 0x4082 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:16.898757935 CET | 8.8.8.8 | 192.168.2.3 | 0x22b9 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:18.881309032 CET | 8.8.8.8 | 192.168.2.3 | 0xeaac | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:20.096685886 CET | 8.8.8.8 | 192.168.2.3 | 0x28fb | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:22.415709972 CET | 8.8.8.8 | 192.168.2.3 | 0xee98 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:24.639362097 CET | 8.8.8.8 | 192.168.2.3 | 0x2624 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:26.723373890 CET | 8.8.8.8 | 192.168.2.3 | 0x5477 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:29.064884901 CET | 8.8.8.8 | 192.168.2.3 | 0xdecc | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:31.840390921 CET | 8.8.8.8 | 192.168.2.3 | 0x1c2d | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:33.781332970 CET | 8.8.8.8 | 192.168.2.3 | 0xf2e6 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:35.912352085 CET | 8.8.8.8 | 192.168.2.3 | 0x1fc5 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:37.897547007 CET | 8.8.8.8 | 192.168.2.3 | 0xbad | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:39.908864975 CET | 8.8.8.8 | 192.168.2.3 | 0x785c | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:41.997195005 CET | 8.8.8.8 | 192.168.2.3 | 0xabaf | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:43.768886089 CET | 8.8.8.8 | 192.168.2.3 | 0x692b | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:45.479480982 CET | 8.8.8.8 | 192.168.2.3 | 0x4377 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:47.487802982 CET | 8.8.8.8 | 192.168.2.3 | 0xbe7a | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:49.559163094 CET | 8.8.8.8 | 192.168.2.3 | 0x9c9a | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:51.546144009 CET | 8.8.8.8 | 192.168.2.3 | 0xb58 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:53.473742008 CET | 8.8.8.8 | 192.168.2.3 | 0xdac7 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:54.668741941 CET | 8.8.8.8 | 192.168.2.3 | 0xaacd | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:56.395571947 CET | 8.8.8.8 | 192.168.2.3 | 0x479c | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:58.123743057 CET | 8.8.8.8 | 192.168.2.3 | 0xea9f | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:54:59.861439943 CET | 8.8.8.8 | 192.168.2.3 | 0x16e7 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:01.613591909 CET | 8.8.8.8 | 192.168.2.3 | 0x35c4 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:03.413459063 CET | 8.8.8.8 | 192.168.2.3 | 0x8db7 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:05.205918074 CET | 8.8.8.8 | 192.168.2.3 | 0xa497 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:06.988650084 CET | 8.8.8.8 | 192.168.2.3 | 0x67db | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:08.753017902 CET | 8.8.8.8 | 192.168.2.3 | 0x7db5 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:10.565411091 CET | 8.8.8.8 | 192.168.2.3 | 0x1fa1 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:12.396709919 CET | 8.8.8.8 | 192.168.2.3 | 0x4f02 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:14.183665037 CET | 8.8.8.8 | 192.168.2.3 | 0x4ab6 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:16.003206015 CET | 8.8.8.8 | 192.168.2.3 | 0x3921 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:17.801747084 CET | 8.8.8.8 | 192.168.2.3 | 0xc7dc | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:19.582814932 CET | 8.8.8.8 | 192.168.2.3 | 0x46b9 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:21.547068119 CET | 8.8.8.8 | 192.168.2.3 | 0x213 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:23.385291100 CET | 8.8.8.8 | 192.168.2.3 | 0x1d07 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:25.206536055 CET | 8.8.8.8 | 192.168.2.3 | 0x6e37 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:27.120949030 CET | 8.8.8.8 | 192.168.2.3 | 0xea01 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:29.179055929 CET | 8.8.8.8 | 192.168.2.3 | 0x4235 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:31.039771080 CET | 8.8.8.8 | 192.168.2.3 | 0xa106 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:32.889683008 CET | 8.8.8.8 | 192.168.2.3 | 0x86ee | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:34.335309029 CET | 8.8.8.8 | 192.168.2.3 | 0x2d83 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:36.303749084 CET | 8.8.8.8 | 192.168.2.3 | 0xbdf8 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:38.214360952 CET | 8.8.8.8 | 192.168.2.3 | 0x23f4 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:40.145720959 CET | 8.8.8.8 | 192.168.2.3 | 0x856e | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:42.019203901 CET | 8.8.8.8 | 192.168.2.3 | 0x3a49 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:43.915456057 CET | 8.8.8.8 | 192.168.2.3 | 0x4c7e | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:45.694405079 CET | 8.8.8.8 | 192.168.2.3 | 0xd354 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:47.198072910 CET | 8.8.8.8 | 192.168.2.3 | 0x8af6 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:49.307233095 CET | 8.8.8.8 | 192.168.2.3 | 0xc369 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:51.172306061 CET | 8.8.8.8 | 192.168.2.3 | 0xe950 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:53.412369013 CET | 8.8.8.8 | 192.168.2.3 | 0x9913 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:55.574852943 CET | 8.8.8.8 | 192.168.2.3 | 0x2074 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:57.463988066 CET | 8.8.8.8 | 192.168.2.3 | 0x2543 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:58.886452913 CET | 8.8.8.8 | 192.168.2.3 | 0x92c3 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:55:59.957931995 CET | 8.8.8.8 | 192.168.2.3 | 0x3488 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
| Nov 30, 2022 00:56:00.977658987 CET | 8.8.8.8 | 192.168.2.3 | 0x58c4 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false |
|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 0 | 192.168.2.3 | 49699 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:07.324934006 CET | 121 | OUT | |
| Nov 30, 2022 00:54:07.390280008 CET | 121 | OUT | |
| Nov 30, 2022 00:54:08.932713032 CET | 122 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 1 | 192.168.2.3 | 49700 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:09.487690926 CET | 123 | OUT | |
| Nov 30, 2022 00:54:09.545732975 CET | 123 | OUT | |
| Nov 30, 2022 00:54:11.058943987 CET | 123 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 10 | 192.168.2.3 | 49709 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:29.164231062 CET | 135 | OUT | |
| Nov 30, 2022 00:54:29.220927000 CET | 135 | OUT | |
| Nov 30, 2022 00:54:30.691042900 CET | 136 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 11 | 192.168.2.3 | 49710 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:31.910937071 CET | 137 | OUT | |
| Nov 30, 2022 00:54:31.975130081 CET | 137 | OUT | |
| Nov 30, 2022 00:54:33.459515095 CET | 137 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 12 | 192.168.2.3 | 49711 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:33.859061956 CET | 138 | OUT | |
| Nov 30, 2022 00:54:33.916356087 CET | 138 | OUT | |
| Nov 30, 2022 00:54:35.462241888 CET | 139 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 13 | 192.168.2.3 | 49712 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:35.972913027 CET | 139 | OUT | |
| Nov 30, 2022 00:54:36.032005072 CET | 140 | OUT | |
| Nov 30, 2022 00:54:37.552263021 CET | 140 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 14 | 192.168.2.3 | 49713 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:37.979212999 CET | 141 | OUT | |
| Nov 30, 2022 00:54:38.045681953 CET | 141 | OUT | |
| Nov 30, 2022 00:54:39.587399960 CET | 141 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 15 | 192.168.2.3 | 49714 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:39.977727890 CET | 142 | OUT | |
| Nov 30, 2022 00:54:40.042785883 CET | 143 | OUT | |
| Nov 30, 2022 00:54:41.602416039 CET | 143 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 16 | 192.168.2.3 | 49715 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:42.060767889 CET | 144 | OUT | |
| Nov 30, 2022 00:54:42.120702982 CET | 144 | OUT | |
| Nov 30, 2022 00:54:43.541337013 CET | 144 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 17 | 192.168.2.3 | 49716 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:43.829219103 CET | 145 | OUT | |
| Nov 30, 2022 00:54:43.885901928 CET | 146 | OUT | |
| Nov 30, 2022 00:54:45.204539061 CET | 146 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 18 | 192.168.2.3 | 49717 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:45.540558100 CET | 147 | OUT | |
| Nov 30, 2022 00:54:45.597480059 CET | 147 | OUT | |
| Nov 30, 2022 00:54:47.032787085 CET | 147 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 19 | 192.168.2.3 | 49718 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:47.592006922 CET | 148 | OUT | |
| Nov 30, 2022 00:54:47.657054901 CET | 148 | OUT | |
| Nov 30, 2022 00:54:49.052315950 CET | 149 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 2 | 192.168.2.3 | 49701 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:12.581435919 CET | 124 | OUT | |
| Nov 30, 2022 00:54:12.644942999 CET | 124 | OUT | |
| Nov 30, 2022 00:54:14.085145950 CET | 125 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 20 | 192.168.2.3 | 49719 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:49.641508102 CET | 149 | OUT | |
| Nov 30, 2022 00:54:49.705965042 CET | 150 | OUT | |
| Nov 30, 2022 00:54:51.280994892 CET | 151 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 21 | 192.168.2.3 | 49720 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:51.608520985 CET | 152 | OUT | |
| Nov 30, 2022 00:54:51.668618917 CET | 152 | OUT | |
| Nov 30, 2022 00:54:53.259308100 CET | 152 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 22 | 192.168.2.3 | 49721 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:53.572062016 CET | 153 | OUT | |
| Nov 30, 2022 00:54:53.635982037 CET | 154 | OUT | |
| Nov 30, 2022 00:54:54.418787003 CET | 154 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 23 | 192.168.2.3 | 49722 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:54.732178926 CET | 155 | OUT | |
| Nov 30, 2022 00:54:54.789618969 CET | 155 | OUT | |
| Nov 30, 2022 00:54:56.166551113 CET | 155 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 24 | 192.168.2.3 | 49723 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:56.463103056 CET | 156 | OUT | |
| Nov 30, 2022 00:54:56.526835918 CET | 156 | OUT | |
| Nov 30, 2022 00:54:57.894669056 CET | 157 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 25 | 192.168.2.3 | 49724 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:58.184483051 CET | 157 | OUT | |
| Nov 30, 2022 00:54:58.242203951 CET | 158 | OUT | |
| Nov 30, 2022 00:54:59.594971895 CET | 158 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 26 | 192.168.2.3 | 49725 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:59.930840969 CET | 159 | OUT | |
| Nov 30, 2022 00:54:59.996385098 CET | 159 | OUT | |
| Nov 30, 2022 00:55:01.390775919 CET | 159 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 27 | 192.168.2.3 | 49726 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:01.673862934 CET | 160 | OUT | |
| Nov 30, 2022 00:55:01.730465889 CET | 161 | OUT | |
| Nov 30, 2022 00:55:03.204140902 CET | 161 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 28 | 192.168.2.3 | 49727 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:03.486766100 CET | 162 | OUT | |
| Nov 30, 2022 00:55:03.552114010 CET | 162 | OUT | |
| Nov 30, 2022 00:55:04.982566118 CET | 162 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 29 | 192.168.2.3 | 49728 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:05.285201073 CET | 163 | OUT | |
| Nov 30, 2022 00:55:05.356775045 CET | 163 | OUT | |
| Nov 30, 2022 00:55:06.759571075 CET | 164 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 3 | 192.168.2.3 | 49702 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:14.871390104 CET | 125 | OUT | |
| Nov 30, 2022 00:54:14.939245939 CET | 126 | OUT | |
| Nov 30, 2022 00:54:16.469088078 CET | 126 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 30 | 192.168.2.3 | 49729 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:07.068053961 CET | 164 | OUT | |
| Nov 30, 2022 00:55:07.142729998 CET | 165 | OUT | |
| Nov 30, 2022 00:55:08.539654016 CET | 165 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 31 | 192.168.2.3 | 49730 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:08.823724985 CET | 166 | OUT | |
| Nov 30, 2022 00:55:08.887696981 CET | 166 | OUT | |
| Nov 30, 2022 00:55:10.337694883 CET | 166 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 32 | 192.168.2.3 | 49731 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:10.632750988 CET | 167 | OUT | |
| Nov 30, 2022 00:55:10.697035074 CET | 168 | OUT | |
| Nov 30, 2022 00:55:12.166821003 CET | 168 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 33 | 192.168.2.3 | 49732 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:12.457820892 CET | 169 | OUT | |
| Nov 30, 2022 00:55:12.519223928 CET | 169 | OUT | |
| Nov 30, 2022 00:55:13.950021982 CET | 169 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 34 | 192.168.2.3 | 49733 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:14.244291067 CET | 170 | OUT | |
| Nov 30, 2022 00:55:14.300803900 CET | 170 | OUT | |
| Nov 30, 2022 00:55:15.751744032 CET | 171 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 35 | 192.168.2.3 | 49734 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:16.065951109 CET | 171 | OUT | |
| Nov 30, 2022 00:55:16.123481035 CET | 172 | OUT | |
| Nov 30, 2022 00:55:17.565495014 CET | 172 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 36 | 192.168.2.3 | 49735 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:17.863853931 CET | 173 | OUT | |
| Nov 30, 2022 00:55:17.920523882 CET | 173 | OUT | |
| Nov 30, 2022 00:55:19.347023010 CET | 173 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 37 | 192.168.2.3 | 49736 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:19.643476009 CET | 174 | OUT | |
| Nov 30, 2022 00:55:19.700479031 CET | 175 | OUT | |
| Nov 30, 2022 00:55:21.118366957 CET | 175 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 38 | 192.168.2.3 | 49737 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:21.614295959 CET | 176 | OUT | |
| Nov 30, 2022 00:55:21.678060055 CET | 176 | OUT | |
| Nov 30, 2022 00:55:23.147008896 CET | 177 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 39 | 192.168.2.3 | 49738 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:23.450512886 CET | 177 | OUT | |
| Nov 30, 2022 00:55:23.507752895 CET | 178 | OUT | |
| Nov 30, 2022 00:55:24.982215881 CET | 178 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 4 | 192.168.2.3 | 49703 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:16.960834026 CET | 127 | OUT | |
| Nov 30, 2022 00:54:17.017842054 CET | 127 | OUT | |
| Nov 30, 2022 00:54:18.541620016 CET | 127 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 40 | 192.168.2.3 | 49739 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:25.267085075 CET | 179 | OUT | |
| Nov 30, 2022 00:55:25.324280977 CET | 179 | OUT | |
| Nov 30, 2022 00:55:26.908255100 CET | 179 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 41 | 192.168.2.3 | 49740 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:27.193434000 CET | 180 | OUT | |
| Nov 30, 2022 00:55:27.257441998 CET | 180 | OUT | |
| Nov 30, 2022 00:55:28.902821064 CET | 181 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 42 | 192.168.2.3 | 49741 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:29.247108936 CET | 182 | OUT | |
| Nov 30, 2022 00:55:29.312683105 CET | 182 | OUT | |
| Nov 30, 2022 00:55:30.821604013 CET | 182 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 43 | 192.168.2.3 | 49742 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:31.101063967 CET | 183 | OUT | |
| Nov 30, 2022 00:55:31.159028053 CET | 183 | OUT | |
| Nov 30, 2022 00:55:32.668199062 CET | 184 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 44 | 192.168.2.3 | 49743 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:32.962708950 CET | 184 | OUT | |
| Nov 30, 2022 00:55:33.026784897 CET | 185 | OUT | |
| Nov 30, 2022 00:55:34.122250080 CET | 185 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 45 | 192.168.2.3 | 49744 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:34.401350975 CET | 186 | OUT | |
| Nov 30, 2022 00:55:34.458682060 CET | 186 | OUT | |
| Nov 30, 2022 00:55:36.086250067 CET | 186 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 46 | 192.168.2.3 | 49745 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:36.377571106 CET | 187 | OUT | |
| Nov 30, 2022 00:55:36.442002058 CET | 187 | OUT | |
| Nov 30, 2022 00:55:37.973570108 CET | 188 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 47 | 192.168.2.3 | 49746 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:38.275173903 CET | 189 | OUT | |
| Nov 30, 2022 00:55:38.333534956 CET | 189 | OUT | |
| Nov 30, 2022 00:55:39.906968117 CET | 189 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 48 | 192.168.2.3 | 49747 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:40.214632988 CET | 190 | OUT | |
| Nov 30, 2022 00:55:40.271949053 CET | 191 | OUT | |
| Nov 30, 2022 00:55:41.771804094 CET | 191 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 49 | 192.168.2.3 | 49748 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:42.098366976 CET | 192 | OUT | |
| Nov 30, 2022 00:55:42.166110039 CET | 192 | OUT | |
| Nov 30, 2022 00:55:43.661912918 CET | 192 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 5 | 192.168.2.3 | 49704 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:18.966131926 CET | 128 | OUT | |
| Nov 30, 2022 00:54:19.031228065 CET | 128 | OUT | |
| Nov 30, 2022 00:54:19.714504957 CET | 129 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 50 | 192.168.2.3 | 49749 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:43.976237059 CET | 193 | OUT | |
| Nov 30, 2022 00:55:44.034007072 CET | 193 | OUT | |
| Nov 30, 2022 00:55:45.483573914 CET | 194 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 51 | 192.168.2.3 | 49750 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:45.758418083 CET | 194 | OUT | |
| Nov 30, 2022 00:55:45.815349102 CET | 195 | OUT | |
| Nov 30, 2022 00:55:46.963833094 CET | 195 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 52 | 192.168.2.3 | 49751 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:47.279515028 CET | 196 | OUT | |
| Nov 30, 2022 00:55:47.352607965 CET | 196 | OUT | |
| Nov 30, 2022 00:55:49.068855047 CET | 196 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 53 | 192.168.2.3 | 49752 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:49.378987074 CET | 197 | OUT | |
| Nov 30, 2022 00:55:49.446521044 CET | 198 | OUT | |
| Nov 30, 2022 00:55:50.930381060 CET | 198 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 54 | 192.168.2.3 | 49753 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:51.242717028 CET | 199 | OUT | |
| Nov 30, 2022 00:55:51.299818039 CET | 199 | OUT | |
| Nov 30, 2022 00:55:52.887247086 CET | 199 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 55 | 192.168.2.3 | 49754 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:53.496269941 CET | 200 | OUT | |
| Nov 30, 2022 00:55:53.554918051 CET | 200 | OUT | |
| Nov 30, 2022 00:55:55.161061049 CET | 201 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 56 | 192.168.2.3 | 49755 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:55.653974056 CET | 201 | OUT | |
| Nov 30, 2022 00:55:55.717783928 CET | 202 | OUT | |
| Nov 30, 2022 00:55:57.270721912 CET | 202 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 57 | 192.168.2.3 | 49756 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:57.533679962 CET | 203 | OUT | |
| Nov 30, 2022 00:55:57.599260092 CET | 203 | OUT | |
| Nov 30, 2022 00:55:58.723098993 CET | 203 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 58 | 192.168.2.3 | 49757 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:55:58.948900938 CET | 204 | OUT | |
| Nov 30, 2022 00:55:59.005871058 CET | 205 | OUT | |
| Nov 30, 2022 00:55:59.773200035 CET | 205 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 59 | 192.168.2.3 | 49758 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:56:00.034214020 CET | 206 | OUT | |
| Nov 30, 2022 00:56:00.097791910 CET | 206 | OUT | |
| Nov 30, 2022 00:56:00.797030926 CET | 206 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 6 | 192.168.2.3 | 49705 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:20.168790102 CET | 130 | OUT | |
| Nov 30, 2022 00:54:20.232693911 CET | 130 | OUT | |
| Nov 30, 2022 00:54:21.783216000 CET | 130 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 60 | 192.168.2.3 | 49759 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:56:01.042443991 CET | 207 | OUT | |
| Nov 30, 2022 00:56:01.099145889 CET | 207 | OUT | |
| Nov 30, 2022 00:56:01.793951035 CET | 208 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 7 | 192.168.2.3 | 49706 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:22.484255075 CET | 131 | OUT | |
| Nov 30, 2022 00:54:22.548185110 CET | 131 | OUT | |
| Nov 30, 2022 00:54:24.053488970 CET | 132 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 8 | 192.168.2.3 | 49707 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:24.716723919 CET | 132 | OUT | |
| Nov 30, 2022 00:54:24.781121969 CET | 133 | OUT | |
| Nov 30, 2022 00:54:26.372322083 CET | 133 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 9 | 192.168.2.3 | 49708 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Nov 30, 2022 00:54:26.803652048 CET | 134 | OUT | |
| Nov 30, 2022 00:54:26.868957043 CET | 134 | OUT | |
| Nov 30, 2022 00:54:28.382638931 CET | 134 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
| Target ID: | 0 |
| Start time: | 00:53:56 |
| Start date: | 30/11/2022 |
| Path: | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x3d0000 |
| File size: | 865280 bytes |
| MD5 hash: | BAED30AEA51E6000571219633AA745B0 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | .Net C# or VB.NET |
| Yara matches: |
|
| Reputation: | low |
| Target ID: | 1 |
| Start time: | 00:54:03 |
| Start date: | 30/11/2022 |
| Path: | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x1d0000 |
| File size: | 865280 bytes |
| MD5 hash: | BAED30AEA51E6000571219633AA745B0 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 2 |
| Start time: | 00:54:03 |
| Start date: | 30/11/2022 |
| Path: | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x360000 |
| File size: | 865280 bytes |
| MD5 hash: | BAED30AEA51E6000571219633AA745B0 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 3 |
| Start time: | 00:54:03 |
| Start date: | 30/11/2022 |
| Path: | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0xc70000 |
| File size: | 865280 bytes |
| MD5 hash: | BAED30AEA51E6000571219633AA745B0 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Yara matches: |
|
| Reputation: | low |
Execution Graph
| Execution Coverage: | 11.4% |
| Dynamic/Decrypted Code Coverage: | 100% |
| Signature Coverage: | 0% |
| Total number of Nodes: | 105 |
| Total number of Limit Nodes: | 9 |
Graph
Function 00FAB6C9 Relevance: 6.1, APIs: 4, Instructions: 122threadCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FAB6D0 Relevance: 6.1, APIs: 4, Instructions: 120threadCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FAFD2E Relevance: 1.6, APIs: 1, Instructions: 117COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FAFD38 Relevance: 1.6, APIs: 1, Instructions: 113COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FA5365 Relevance: 1.6, APIs: 1, Instructions: 100COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FA3DE4 Relevance: 1.6, APIs: 1, Instructions: 96COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FA9B32 Relevance: 1.6, APIs: 1, Instructions: 73libraryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FAB8F2 Relevance: 1.6, APIs: 1, Instructions: 70COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FA9841 Relevance: 1.6, APIs: 1, Instructions: 67COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FAB8F8 Relevance: 1.6, APIs: 1, Instructions: 62COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FA94B8 Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FA98B0 Relevance: 1.5, APIs: 1, Instructions: 47COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FAE5B0 Relevance: .3, Instructions: 315COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FAC164 Relevance: .3, Instructions: 265COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FAE5A0 Relevance: .2, Instructions: 222COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |