Windows
Analysis Report
lb64Iy4W4e.exe
Overview
General Information
Detection
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- lb64Iy4W4e.exe (PID: 4332 cmdline:
C:\Users\u ser\Deskto p\lb64Iy4W 4e.exe MD5: 4C7DF43E37814754AD1C8A97AB971AF8) - tohjyweui.exe (PID: 5884 cmdline:
"C:\Users\ user\AppDa ta\Local\T emp\tohjyw eui.exe" C :\Users\us er\AppData \Local\Tem p\fwbfw.c MD5: 64517EEC55E1F3C392B63B73D833E5F9) - tohjyweui.exe (PID: 4560 cmdline:
C:\Users\u ser\AppDat a\Local\Te mp\tohjywe ui.exe MD5: 64517EEC55E1F3C392B63B73D833E5F9)
- tpyienirbwgp.exe (PID: 5716 cmdline:
"C:\Users\ user\AppDa ta\Roaming \swschqavf bk\tpyieni rbwgp.exe" "C:\Users \user\AppD ata\Local\ Temp\tohjy weui.exe" C:\Users\u ser\A MD5: 64517EEC55E1F3C392B63B73D833E5F9) - WerFault.exe (PID: 5420 cmdline:
C:\Windows \SysWOW64\ WerFault.e xe -u -p 5 716 -s 632 MD5: 9E2B8ACAD48ECCA55C0230D63623661B)
- tpyienirbwgp.exe (PID: 5408 cmdline:
"C:\Users\ user\AppDa ta\Roaming \swschqavf bk\tpyieni rbwgp.exe" "C:\Users \user\AppD ata\Local\ Temp\tohjy weui.exe" C:\Users\u ser\A MD5: 64517EEC55E1F3C392B63B73D833E5F9) - WerFault.exe (PID: 4032 cmdline:
C:\Windows \SysWOW64\ WerFault.e xe -u -p 5 408 -s 604 MD5: 9E2B8ACAD48ECCA55C0230D63623661B)
- cleanup
{"Version": "1.2.2.0", "Mutex": "d046c01c-51f5-4c8c-b5b9-b566d533", "Group": "", "Domain1": "alertt.duckdns.org", "Domain2": "alertt.duckdns.org", "Port": 6445, "RunOnStartup": "Disable", "RequestElevation": "Disable", "BypassUAC": "Disable", "ClearZoneIdentifier": "Enable", "ClearAccessControl": "Disable", "SetCriticalProcess": "Disable", "PreventSystemSleep": "Enable", "ActivateAwayMode": "Disable", "EnableDebugMode": "Disable", "RunDelay": 0, "ConnectDelay": 4000, "RestartDelay": 5000, "TimeoutInterval": 5000, "KeepAliveTimeout": 30000, "MutexTimeout": 5000, "LanTimeout": 2500, "WanTimeout": 8000, "BufferSize": "ffff0000", "MaxPacketSize": "0000a000", "GCThreshold": "0000a000", "UseCustomDNS": "Enable", "PrimaryDNSServer": "8.8.8.8", "BackupDNSServer": "8.8.4.4"}
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
Nanocore_RAT_Gen_2 | Detetcs the Nanocore RAT | Florian Roth (Nextron Systems) |
| |
Nanocore_RAT_Feb18_1 | Detects Nanocore RAT | Florian Roth (Nextron Systems) |
| |
JoeSecurity_Nanocore | Yara detected Nanocore RAT | Joe Security | ||
MALWARE_Win_NanoCore | Detects NanoCore | ditekSHen |
| |
NanoCore | unknown | Kevin Breen <kevin@techanarchy.net> |
| |
Click to see the 5 entries |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
Nanocore_RAT_Gen_2 | Detetcs the Nanocore RAT | Florian Roth (Nextron Systems) |
| |
Nanocore_RAT_Feb18_1 | Detects Nanocore RAT | Florian Roth (Nextron Systems) |
| |
JoeSecurity_Nanocore | Yara detected Nanocore RAT | Joe Security | ||
MALWARE_Win_NanoCore | Detects NanoCore | ditekSHen |
| |
NanoCore | unknown | Kevin Breen <kevin@techanarchy.net> |
| |
Click to see the 19 entries |
AV Detection |
---|
Source: | Author: Joe Security: |
E-Banking Fraud |
---|
Source: | Author: Joe Security: |
Stealing of Sensitive Information |
---|
Source: | Author: Joe Security: |
Remote Access Functionality |
---|
Source: | Author: Joe Security: |
Timestamp: | 192.168.2.545.132.106.374971264452816766 02/06/23-14:12:55.395066 |
SID: | 2816766 |
Source Port: | 49712 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497312841753 02/06/23-14:13:52.517965 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49731 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374970964452816766 02/06/23-14:12:39.702248 |
SID: | 2816766 |
Source Port: | 49709 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497072841753 02/06/23-14:12:33.506820 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49707 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374973564452816766 02/06/23-14:14:08.694757 |
SID: | 2816766 |
Source Port: | 49735 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497202841753 02/06/23-14:13:12.771040 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49720 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374972964452816766 02/06/23-14:13:42.328059 |
SID: | 2816766 |
Source Port: | 49729 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374970264452816766 02/06/23-14:12:20.468192 |
SID: | 2816766 |
Source Port: | 49702 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497252841753 02/06/23-14:13:29.137140 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49725 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374971164452823337 02/06/23-14:12:50.979729 |
SID: | 2823337 |
Source Port: | 49711 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497202810451 02/06/23-14:13:12.771040 |
SID: | 2810451 |
Source Port: | 6445 |
Destination Port: | 49720 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497332841753 02/06/23-14:13:57.153095 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49733 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497352841753 02/06/23-14:14:08.617792 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49735 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497362841753 02/06/23-14:14:13.470154 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49736 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374972264452816766 02/06/23-14:13:18.836838 |
SID: | 2816766 |
Source Port: | 49722 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374971664452816766 02/06/23-14:12:59.871071 |
SID: | 2816766 |
Source Port: | 49716 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374970364452816766 02/06/23-14:12:29.256960 |
SID: | 2816766 |
Source Port: | 49703 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374972664452816766 02/06/23-14:13:33.513858 |
SID: | 2816766 |
Source Port: | 49726 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497272841753 02/06/23-14:13:37.915437 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49727 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497292841753 02/06/23-14:13:42.158315 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49729 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497022841753 02/06/23-14:12:20.379177 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49702 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497262841753 02/06/23-14:13:33.469565 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49726 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374973364452816766 02/06/23-14:13:57.290193 |
SID: | 2816766 |
Source Port: | 49733 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497012841753 02/06/23-14:12:15.717836 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49701 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374970764452816766 02/06/23-14:12:33.686837 |
SID: | 2816766 |
Source Port: | 49707 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497122841753 02/06/23-14:12:55.336364 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49712 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497162841753 02/06/23-14:12:59.766454 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49716 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497192841753 02/06/23-14:13:08.445515 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49719 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374972364452816766 02/06/23-14:13:24.891407 |
SID: | 2816766 |
Source Port: | 49723 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497172841753 02/06/23-14:13:04.143032 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49717 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497112841753 02/06/23-14:12:50.916490 |
SID: | 2841753 |
Source Port: | 6445 |
Destination Port: | 49711 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374971764452816766 02/06/23-14:13:04.199805 |
SID: | 2816766 |
Source Port: | 49717 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374972764452816766 02/06/23-14:13:37.920388 |
SID: | 2816766 |
Source Port: | 49727 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374973064452816766 02/06/23-14:13:48.218570 |
SID: | 2816766 |
Source Port: | 49730 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374972264452816718 02/06/23-14:13:18.233724 |
SID: | 2816718 |
Source Port: | 49722 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374973464452816766 02/06/23-14:14:04.014579 |
SID: | 2816766 |
Source Port: | 49734 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374971064452816766 02/06/23-14:12:46.639827 |
SID: | 2816766 |
Source Port: | 49710 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374972064452816766 02/06/23-14:13:12.842490 |
SID: | 2816766 |
Source Port: | 49720 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374971164452816766 02/06/23-14:12:50.979729 |
SID: | 2816766 |
Source Port: | 49711 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374973164452816766 02/06/23-14:13:52.687469 |
SID: | 2816766 |
Source Port: | 49731 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374970164452816766 02/06/23-14:12:15.779461 |
SID: | 2816766 |
Source Port: | 49701 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374972564452816766 02/06/23-14:13:29.249183 |
SID: | 2816766 |
Source Port: | 49725 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 45.132.106.37192.168.2.56445497092810290 02/06/23-14:12:38.309927 |
SID: | 2810290 |
Source Port: | 6445 |
Destination Port: | 49709 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374971964452816766 02/06/23-14:13:08.627802 |
SID: | 2816766 |
Source Port: | 49719 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.545.132.106.374970364452816718 02/06/23-14:12:27.309652 |
SID: | 2816718 |
Source Port: | 49703 |
Destination Port: | 6445 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Click to jump to signature section
AV Detection |
---|
Source: | ReversingLabs: | |||
Source: | Virustotal: | Perma Link |
Source: | ReversingLabs: | |||
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | Malware Configuration Extractor: |
Source: | Static PE information: |
Source: | File opened: | Jump to behavior |
Source: | Static PE information: |
Source: | Binary string: | ||
Source: | Binary string: |
Source: | Code function: | 0_2_00405D74 | |
Source: | Code function: | 0_2_0040699E | |
Source: | Code function: | 0_2_0040290B | |
Source: | Code function: | 3_2_009C42E3 | |
Source: | Code function: | 3_2_009C46CD |
Networking |
---|
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: |
Source: | URLs: |
Source: | DNS query: |
Source: | ASN Name: |
Source: | TCP traffic: |
Source: | String found in binary or memory: |
Source: | DNS traffic detected: |
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00405809 |
E-Banking Fraud |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
System Summary |
---|
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Static PE information: |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Process created: |
Source: | Code function: | 0_2_00403640 |
Source: | Code function: | 0_2_00406D5F | |
Source: | Code function: | 1_2_009D00A7 | |
Source: | Code function: | 1_2_009F78A4 | |
Source: | Code function: | 1_2_009CE8A2 | |
Source: | Code function: | 1_2_009CF9B4 | |
Source: | Code function: | 1_2_009B59D3 | |
Source: | Code function: | 1_2_009E11E1 | |
Source: | Code function: | 1_2_009CF289 | |
Source: | Code function: | 1_2_009D0BA1 | |
Source: | Code function: | 1_2_009CEBEA | |
Source: | Code function: | 1_2_009D041B | |
Source: | Code function: | 1_2_009CFD42 | |
Source: | Code function: | 1_2_009CF617 | |
Source: | Code function: | 1_2_009D0780 | |
Source: | Code function: | 1_2_009D0FD1 | |
Source: | Code function: | 1_2_009EFF1F | |
Source: | Code function: | 1_2_009EEF20 | |
Source: | Code function: | 1_2_009CEF41 | |
Source: | Code function: | 1_2_00600F9C | |
Source: | Code function: | 1_2_00601247 | |
Source: | Code function: | 3_2_009B00A7 | |
Source: | Code function: | 3_2_009B041B | |
Source: | Code function: | 3_2_009B0780 | |
Source: | Code function: | 3_2_009AE8A2 | |
Source: | Code function: | 3_2_009DAA75 | |
Source: | Code function: | 3_2_009B0BA1 | |
Source: | Code function: | 3_2_009AEBEA | |
Source: | Code function: | 3_2_009B0FD1 | |
Source: | Code function: | 3_2_009CEF20 | |
Source: | Code function: | 3_2_009C8F5E | |
Source: | Code function: | 3_2_009AEF41 | |
Source: | Code function: | 3_2_009DAF71 | |
Source: | Code function: | 3_2_009C11E1 | |
Source: | Code function: | 3_2_009AF289 | |
Source: | Code function: | 3_2_009DB389 | |
Source: | Code function: | 3_2_009CF430 | |
Source: | Code function: | 3_2_009AF617 | |
Source: | Code function: | 3_2_009DB7BE | |
Source: | Code function: | 3_2_009D78A4 | |
Source: | Code function: | 3_2_009CF870 | |
Source: | Code function: | 3_2_009AF9B4 | |
Source: | Code function: | 3_2_009959D3 | |
Source: | Code function: | 3_2_009DBBF3 | |
Source: | Code function: | 3_2_009CDB32 | |
Source: | Code function: | 3_2_009AFD42 | |
Source: | Code function: | 3_2_009CFF1F |
Source: | Code function: | 1_2_009B1150 |
Source: | ReversingLabs: | ||
Source: | Virustotal: |
Source: | File read: | Jump to behavior |
Source: | Static PE information: |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | Code function: | 0_2_00403640 |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | Classification label: |
Source: | Code function: | 0_2_004021AA |
Source: | Code function: | 1_2_009B1060 | |
Source: | Code function: | 3_2_00991060 |
Source: | File read: | Jump to behavior |
Source: | Code function: | 0_2_00404AB5 |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 | |
Source: | Command line argument: | 3_2_00991C00 |
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | Static PE information: |
Source: | Binary string: | ||
Source: | Binary string: |
Source: | Code function: | 1_2_009B3419 | |
Source: | Code function: | 1_2_009F8ED0 | |
Source: | Code function: | 3_2_009D8ED0 | |
Source: | Code function: | 3_2_00993419 |
Source: | Code function: | 1_2_009B1C00 |
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file |
Source: | Registry value created or modified: | Jump to behavior | ||
Source: | Registry value created or modified: | Jump to behavior |
Hooking and other Techniques for Hiding and Protection |
---|
Source: | File opened: | Jump to behavior |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | Evasive API call chain: | graph_1-23667 |
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Source: | Last function: |
Source: | Thread delayed: | Jump to behavior |
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior |
Source: | API coverage: |
Source: | Process information queried: | Jump to behavior |
Source: | Code function: | 1_2_00600EBF |
Source: | Code function: | 0_2_00405D74 | |
Source: | Code function: | 0_2_0040699E | |
Source: | Code function: | 0_2_0040290B | |
Source: | Code function: | 3_2_009C42E3 | |
Source: | Code function: | 3_2_009C46CD |
Source: | Thread delayed: | Jump to behavior |
Source: | API call chain: | graph_0-3480 | ||
Source: | API call chain: | graph_1-23210 | ||
Source: | API call chain: | graph_1-23206 | ||
Source: | API call chain: | graph_3-39110 | ||
Source: | API call chain: | graph_3-39104 |
Source: | Code function: | 1_2_009B3171 |
Source: | Code function: | 1_2_009B1C00 |
Source: | Code function: | 1_2_009B18C0 |
Source: | Process token adjusted: | Jump to behavior |
Source: | Code function: | 1_2_009D9BCC | |
Source: | Code function: | 1_2_009E6DA6 | |
Source: | Code function: | 1_2_0060005F | |
Source: | Code function: | 1_2_0060017B | |
Source: | Code function: | 1_2_0060013E | |
Source: | Code function: | 1_2_00600109 | |
Source: | Code function: | 3_2_009C6BBA | |
Source: | Code function: | 3_2_009C6BFD | |
Source: | Code function: | 3_2_009C6B77 | |
Source: | Code function: | 3_2_009C6C58 | |
Source: | Code function: | 3_2_009C6DA6 | |
Source: | Code function: | 3_2_009C6DD7 | |
Source: | Code function: | 3_2_009C6D1E | |
Source: | Code function: | 3_2_009C6D62 | |
Source: | Code function: | 3_2_009B9BCC |
Source: | Memory allocated: | Jump to behavior |
Source: | Code function: | 1_2_009B3171 | |
Source: | Code function: | 1_2_009B35EF | |
Source: | Code function: | 1_2_009DCE64 | |
Source: | Code function: | 3_2_00993306 | |
Source: | Code function: | 3_2_009BCE64 | |
Source: | Code function: | 3_2_00993171 | |
Source: | Code function: | 3_2_009935EF |
HIPS / PFW / Operating System Protection Evasion |
---|
Source: | Section loaded: | Jump to behavior |
Source: | Process created: | Jump to behavior |
Source: | Code function: | 3_2_009BE0EA | |
Source: | Code function: | 3_2_009BE22B | |
Source: | Code function: | 3_2_009BE265 | |
Source: | Code function: | 3_2_009BEB90 | |
Source: | Code function: | 3_2_009C94F3 | |
Source: | Code function: | 3_2_009C9795 | |
Source: | Code function: | 3_2_009C97FE | |
Source: | Code function: | 3_2_009C9899 | |
Source: | Code function: | 3_2_009C9924 | |
Source: | Code function: | 3_2_009C9B77 | |
Source: | Code function: | 3_2_009C9CA0 | |
Source: | Code function: | 3_2_009C9DA6 | |
Source: | Code function: | 3_2_009C9E75 |
Source: | Code function: | 1_2_009B341B |
Source: | Key value queried: | Jump to behavior |
Source: | Code function: | 1_2_009B3046 |
Source: | Code function: | 0_2_00403640 |
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Remote Access Functionality |
---|
Source: | String found in binary or memory: |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | 1 Windows Management Instrumentation | 11 Windows Service | 1 Access Token Manipulation | 1 Disable or Modify Tools | 1 Input Capture | 1 System Time Discovery | Remote Services | 1 Archive Collected Data | Exfiltration Over Other Network Medium | 1 Encrypted Channel | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | 1 System Shutdown/Reboot |
Default Accounts | 11 Native API | 1 Registry Run Keys / Startup Folder | 11 Windows Service | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 2 File and Directory Discovery | Remote Desktop Protocol | 1 Input Capture | Exfiltration Over Bluetooth | 1 Non-Standard Port | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | 2 Command and Scripting Interpreter | Logon Script (Windows) | 111 Process Injection | 2 Obfuscated Files or Information | Security Account Manager | 26 System Information Discovery | SMB/Windows Admin Shares | 1 Clipboard Data | Automated Exfiltration | 1 Remote Access Software | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | 1 Service Execution | Logon Script (Mac) | 1 Registry Run Keys / Startup Folder | 1 Masquerading | NTDS | 13 Security Software Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | 1 Non-Application Layer Protocol | SIM Card Swap | Carrier Billing Fraud | |
Cloud Accounts | Cron | Network Logon Script | Network Logon Script | 21 Virtualization/Sandbox Evasion | LSA Secrets | 1 Process Discovery | SSH | Keylogging | Data Transfer Size Limits | 21 Application Layer Protocol | Manipulate Device Communication | Manipulate App Store Rankings or Ratings | |
Replication Through Removable Media | Launchd | Rc.common | Rc.common | 1 Access Token Manipulation | Cached Domain Credentials | 21 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | Abuse Accessibility Features | |
External Remote Services | Scheduled Task | Startup Items | Startup Items | 111 Process Injection | DCSync | 1 Application Window Discovery | Windows Remote Management | Web Portal Capture | Exfiltration Over Alternative Protocol | Commonly Used Port | Rogue Wi-Fi Access Points | Data Encrypted for Impact | |
Drive-by Compromise | Command and Scripting Interpreter | Scheduled Task/Job | Scheduled Task/Job | 1 Hidden Files and Directories | Proc Filesystem | 1 Remote System Discovery | Shared Webroot | Credential API Hooking | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Application Layer Protocol | Downgrade to Insecure Protocols | Generate Fraudulent Advertising Revenue |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
41% | ReversingLabs | Win32.Trojan.Nemesis | ||
35% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
23% | ReversingLabs | Win32.Trojan.Pwsx | ||
29% | Virustotal | Browse | ||
23% | ReversingLabs | Win32.Trojan.Pwsx |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
1% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
1% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
alertt.duckdns.org | 45.132.106.37 | true | true |
| unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
45.132.106.37 | alertt.duckdns.org | Ukraine | 204601 | ON-LINE-DATAServerlocation-NetherlandsDrontenNL | true |
Joe Sandbox Version: | 36.0.0 Rainbow Opal |
Analysis ID: | 799403 |
Start date and time: | 2023-02-06 14:11:08 +01:00 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 10m 17s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
Number of analysed new started processes analysed: | 13 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample file name: | lb64Iy4W4e.exe |
Detection: | MAL |
Classification: | mal100.troj.evad.winEXE@9/17@24/1 |
EGA Information: |
|
HDC Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WerFault.exe, WMIADAP.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 52.168.117.173, 104.208.16.94
- Excluded domains from analysis (whitelisted): onedsblobprdeus16.eastus.cloudapp.azure.com, client.wns.windows.com, blobcollector.events.data.trafficmanager.net, ctldl.windowsupdate.com, watson.telemetry.microsoft.com, onedsblobprdcus16.centralus.cloudapp.azure.com
- Not all processes where analyzed, report is missing behavior information
- Report creation exceeded maximum time and may have missing disassembly code information.
- Report size exceeded maximum capacity and may have missing behavior information.
- Report size getting too big, too many NtAllocateVirtualMemory calls found.
- Report size getting too big, too many NtDeviceIoControlFile calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
Time | Type | Description |
---|---|---|
14:12:13 | Autostart | |
14:12:14 | API Interceptor | |
14:12:21 | Autostart | |
14:12:30 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
ON-LINE-DATAServerlocation-NetherlandsDrontenNL | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_tpyienirbwgp.exe_491668454d7886d02c78a9f3324eec6e9b560bc_bb377917_0f868df3\Report.wer
Download File
Process: | C:\Windows\SysWOW64\WerFault.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 65536 |
Entropy (8bit): | 0.929195913406343 |
Encrypted: | false |
SSDEEP: | 96:P5F7FbJUSjhRB70sSYpXIQcQmc6ycE8cw3yo++HbHgH3qTP+aVDPMbspoxGfnFhy:hJFbaoHY2GWoPjAQ+t/u7sFS274ItS |
MD5: | 96F6FB1E217DD003DCE5D7238773460B |
SHA1: | 89EAE1F997D7756D0AAEC192DE81E69178E6A4AF |
SHA-256: | 8C67EC275CAAFC86880994975244BCC733DD7348C732D69653E4F0C6E21279DC |
SHA-512: | 8CE3A7D0FE251B4B304FE130FEDEB9FC8C6D9580F0074C765968A5165D4030B0DE8D52B8A394FFCCC1760162AA4114F07E7CEA6DD3E6FB83F43D0C68BF465B9A |
Malicious: | false |
Reputation: | low |
Preview: |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_tpyienirbwgp.exe_491668454d7886d02c78a9f3324eec6e9b560bc_bb377917_156a7e34\Report.wer
Download File
Process: | C:\Windows\SysWOW64\WerFault.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 65536 |
Entropy (8bit): | 0.9362570845292987 |
Encrypted: | false |
SSDEEP: | 192:VJNOFbaUHY2GWoPjtLIa/u7sFS274ItS:JOBacY2GFPjL/u7sFX4ItS |
MD5: | 2CBF5D2E716A4E2B5C6D278FE380657F |
SHA1: | 384DF552BA7C4BCB6AF9CEA2CA8D41C9F7A35C75 |
SHA-256: | 296B9F299B3257C40397466A884CD0192583A8E96E768E42B1159C02C36CB1ED |
SHA-512: | 9A18CAA5753D47D557BABC07D0FF4D73590B22EF179AD8CBF90D309901F3D794F4A7D615EDE8F1B04A258752B4A486EAF9A7803B36E8A6FCD3AB7F734D181DC6 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Windows\SysWOW64\WerFault.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 40600 |
Entropy (8bit): | 1.9089113720969164 |
Encrypted: | false |
SSDEEP: | 96:5q8GF8v/U/Ah+YSWsVnQH5mFC8cTi72icnus9ikoOuFJwQcv/DhP8st2S+OzbBPI:HLuAcPWsVQszCO2iQJNPzBPbrmsBmw7W |
MD5: | 524916739B17C605C2740855D1E7EC09 |
SHA1: | 82283EE20177E916CDDCDA1AB1D044DEE085ED18 |
SHA-256: | 53AB2B99083581BDC2B0F0A67B2E1458CE34B129E0FA4EF5D5604E956F2295C9 |
SHA-512: | AFF9E00E7827410D569BAE50D45E1A82EBCA1C67E53E89208BFC1181245985EB5F9C6C63C248EFE7BB00D89A3AFD7738F806FB1FBA27CE09C52ACEC8AC8AA211 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Windows\SysWOW64\WerFault.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8368 |
Entropy (8bit): | 3.690412367634023 |
Encrypted: | false |
SSDEEP: | 192:Rrl7r3GLNiy46O6YBSDSUfgmfjSzo2CpDo89bDYsfohm:RrlsNit6O6YB2SUfgmfjSszDLfT |
MD5: | 69B0AF479D657FA1AAB1F5B1D5D8A6B3 |
SHA1: | F64ED0D7D6779D2A6836CC4A3978825DC198D0A7 |
SHA-256: | ADB3A01ABACCDEBF58B337E58D3A4037125DD6783878C2118AF5FFC690EA2BE8 |
SHA-512: | 6282615E7949977026F11FA8BDB42E396D20ACAC5DFFA8F4ED917027F4B4C1D5F1FDF47AEB97720BEB77985D8DFF70EA797E0902FDED85483EAB889B0016F169 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Windows\SysWOW64\WerFault.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4678 |
Entropy (8bit): | 4.428640371795023 |
Encrypted: | false |
SSDEEP: | 48:cvIwSD8zsCJgtWI9ZlWgc8sqYj68fm8M4JatkFg+q8vJtp/xl9d:uITfQSUgrsqYDJyVKPp/xl9d |
MD5: | 0443A3F9E4C64F2076E63D871398340F |
SHA1: | DF2AA90A48BD110ECA2562CF67A1F259FD2053D3 |
SHA-256: | C8550EC9C0DD614286C9284299C53AC51A7C0AA5D53092D213A36D7170BA88AB |
SHA-512: | 56152EB1ACA2F4D37C1532AF2818517619B23502DC8CE13669A699CA7B089433E48E5D1C15197EE39D34DD638152707EC254A15B5C87AAC45D72329204C6D112 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Windows\SysWOW64\WerFault.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 44156 |
Entropy (8bit): | 1.878369031530301 |
Encrypted: | false |
SSDEEP: | 192:r5dlzYMjVOKpaOhRdc3Eb90iOif7hUOO+HGo:DlWKp9Rdc0bmKf/Go |
MD5: | 74158FB4A4C5D428524DFA57C800160F |
SHA1: | 91FD89B3502EBE8AA35D27A485D9E0AF8D2FB845 |
SHA-256: | 68269F2E6CF5C585DA44D8A6E5E817305A803C12566634C500E22FD3A4BF1445 |
SHA-512: | EE80D93998D256257F44D1A93F78F92D62C62C9CEA65CBB5472809E2BDBB1B2E954128674F73147CF1B76480068337AFE9A799EDC2BA906C9EE6F5AF410B75B8 |
Malicious: | false |
Preview: |
Process: | C:\Windows\SysWOW64\WerFault.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8362 |
Entropy (8bit): | 3.6903200268418375 |
Encrypted: | false |
SSDEEP: | 192:Rrl7r3GLNi2o6n6YBSUSUDgmfjSzo2CpDH89bUisfjv8m:RrlsNip6n6YBBSUDgmfjSsuUhf1 |
MD5: | E99E5C0BB9E7AD97E9C5EA642B80D6D9 |
SHA1: | E651F6215134C7A52E51C7707ADEA8F66825ABFF |
SHA-256: | A165CD0C9C52EDD8B366FFE6E55E476A33C5E74327197C8B773CBBD966428206 |
SHA-512: | 069B867E69BAFF255261CE33AF1A4A6452212EBF022D117799C7EA4ADF60C14BCEEFB9FC0CD7FFFBF7014E69E2227783E76E3553F8A88CD4E55271AA45840763 |
Malicious: | false |
Preview: |
Process: | C:\Windows\SysWOW64\WerFault.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4678 |
Entropy (8bit): | 4.430634465003027 |
Encrypted: | false |
SSDEEP: | 48:cvIwSD8zsCJgtWI9ZlWgc8sqYj88fm8M4JatkFg+q8vJt3/xl1d:uITfQSUgrsqYNJyZKP3/xl1d |
MD5: | B02A5A7D16E8340BF24765A193DDDC9E |
SHA1: | 3A95D434E11165CFBF295BF5913A1F3AD6909C35 |
SHA-256: | C70ABF707A46B301967A1C419BF7D35D0334B68DC007A2D7CC10E710EABF22AA |
SHA-512: | F12581E96D7AD20C3C5583A3D7FEDCD1A0C691A128055F96385F910A994BCB7005B80486D7B2E433357F91B081AA587811E50FFA4EB90690FF5559354B318FFD |
Malicious: | false |
Preview: |
Process: | C:\Users\user\Desktop\lb64Iy4W4e.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8143 |
Entropy (8bit): | 7.188238050975561 |
Encrypted: | false |
SSDEEP: | 192:darcitQvArWiPvQcb9RuplmxcX/sCbFn/u/hhgv6LLtNI7ypzV:uCYrNPvQeAmaECbV+m69NI7q |
MD5: | 347856D905BEEA5827F7395DDD77048D |
SHA1: | 9D6D5347AE1CF53C2D187398FDB0CAB438F991C9 |
SHA-256: | 66B1F21A3BE5DAFCCFEF6CFEA835A488608FC471E9AC0D559D84CC4858CE683F |
SHA-512: | E9BC2FF8EAAA97F2DD39F76BF9C266DFE68CAB1CDA220237D87D020B2E90F8650EF1E66332E18135B8F809914048AA73B2BEC218B1379904E84E0D78C3D6549C |
Malicious: | false |
Preview: |
Process: | C:\Users\user\Desktop\lb64Iy4W4e.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 698028 |
Entropy (8bit): | 7.460862363180337 |
Encrypted: | false |
SSDEEP: | 12288:57EOGOwPPrn9SfU+7cCxbOXnKO9tWYI0D9bhoK1j/HD03n1zvPF:57AOwPTU8WbGTtWYI0D9bho2D031zvP |
MD5: | EF267C2426AD12867472601EE299537D |
SHA1: | A7311F5C90CD1F31F5410A810558FB6242DE5A01 |
SHA-256: | CBC0231A9AD35A20F279FD0E38093D3DFD0DD6FFE6C276FAD5AE945064E539CC |
SHA-512: | CC031C7E2DB6D86B7D3AE6311745E228142C33CB1DBE2EB69593C780CC2484DFB2B669ACE9DBCB05E143A389647CD118450A4490971D24A1616AB9B1BB1EB393 |
Malicious: | false |
Preview: |
Process: | C:\Users\user\Desktop\lb64Iy4W4e.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 370176 |
Entropy (8bit): | 6.615303914837989 |
Encrypted: | false |
SSDEEP: | 6144:MWYtu0D9bhoKSoj/QED03mc8+z1zQpb+g4ZeMF:MWYI0D9bhoK1j/HD03n1zvPF |
MD5: | 64517EEC55E1F3C392B63B73D833E5F9 |
SHA1: | 463C45E1ADC2269456E18B6BD47E521501D1F593 |
SHA-256: | 91E93FF76C34BEB61A02F782558C8FF319558B63E008580EB567DD927663E19C |
SHA-512: | E14FAF62CAE49174D895C6552E40FA54038BF46B350C6799938129E60F487F226260A5E3C23996BAF466494D5713A01612454F8C2334E581730CE5C1AE4A56A0 |
Malicious: | true |
Antivirus: |
|
Preview: |
Process: | C:\Users\user\Desktop\lb64Iy4W4e.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 308051 |
Entropy (8bit): | 7.986580869538692 |
Encrypted: | false |
SSDEEP: | 6144:blfN7EA/J3IlnuTtuZd5BCkrSa195056sU+OwHu7sdkwb/mXY:X7EOGOwPPrn9SfU+7cCxbOXY |
MD5: | 12A293C8002A21714974ED14512456C4 |
SHA1: | 5CFDA98DDB30ED52F34740D33B8197B3447C71A5 |
SHA-256: | 30158501D83CB7C1453D281A51B6F192695E03EE5C90E0642B3EA273FE10BAAA |
SHA-512: | C29B0E3F084E170665196E0E2D1D137F5376D8ECAC8BB786BFCB314DCCA6E9B91D3BD408C0F2CD4B165E4184E7FA5CB057C823E3313B71766B07B21BA5DB2B3E |
Malicious: | false |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\tohjyweui.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 232 |
Entropy (8bit): | 7.024371743172393 |
Encrypted: | false |
SSDEEP: | 6:X4LDAnybgCFcpJSQwP4d7ZrqJgTFwoaw+9XU4:X4LEnybgCFCtvd7ZrCgpwoaw+Z9 |
MD5: | 32D0AAE13696FF7F8AF33B2D22451028 |
SHA1: | EF80C4E0DB2AE8EF288027C9D3518E6950B583A4 |
SHA-256: | 5347661365E7AD2C1ACC27AB0D150FFA097D9246BB3626FCA06989E976E8DD29 |
SHA-512: | 1D77FC13512C0DBC4EFD7A66ACB502481E4EFA0FB73D0C7D0942448A72B9B05BA1EA78DDF0BE966363C2E3122E0B631DB7630D044D08C1E1D32B9FB025C356A5 |
Malicious: | false |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\tohjyweui.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8 |
Entropy (8bit): | 3.0 |
Encrypted: | false |
SSDEEP: | 3:s5tn:At |
MD5: | 51FACF24B75B12CFB8F7B2FB57DA4C58 |
SHA1: | 348477F51F4AA4EF999B743333CE5FDECCF76FB2 |
SHA-256: | C3AC357375B798C399E6BEF38CD7C254246A6EAB64B0FFF5C163CE385607568C |
SHA-512: | B3812D6378CBA61C5504166B2997026494AE6513EA0F56E7952E97BAC8AAA6639359F72B680097714ED5E0F4495B95913B32F6EE39E3F1B0E5D4785758E3CF7F |
Malicious: | true |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\tohjyweui.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 40 |
Entropy (8bit): | 5.221928094887364 |
Encrypted: | false |
SSDEEP: | 3:9bzY6oRDMjmPl:RzWDMCd |
MD5: | AE0F5E6CE7122AF264EC533C6B15A27B |
SHA1: | 1265A495C42EED76CC043D50C60C23297E76CCE1 |
SHA-256: | 73B0B92179C61C26589B47E9732CE418B07EDEE3860EE5A2A5FB06F3B8AA9B26 |
SHA-512: | DD44C2D24D4E3A0F0B988AD3D04683B5CB128298043134649BBE33B2512CE0C9B1A8E7D893B9F66FBBCDD901E2B0646C4533FB6C0C8C4AFCB95A0EFB95D446F8 |
Malicious: | false |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\tohjyweui.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 426840 |
Entropy (8bit): | 7.999608491116724 |
Encrypted: | true |
SSDEEP: | 12288:zKf137EiDsTjevgA4p0V7njXuWSvdVU7V4OC0Rr:+134i2lp67i5d8+OCg |
MD5: | 963D5E2C9C0008DFF05518B47C367A7F |
SHA1: | C183D601FABBC9AC8FBFA0A0937DECC677535E74 |
SHA-256: | 5EACF2974C9BB2C2E24CDC651C4840DD6F4B76A98F0E85E90279F1DBB2E6F3C0 |
SHA-512: | 0C04E1C1A13070D48728D9F7F300D9B26DEC6EC8875D8D3017EAD52B9EE5BDF9B651A7F0FCC537761212831107646ED72B8ED017E7477E600BC0137EF857AE2C |
Malicious: | false |
Preview: |
Process: | C:\Users\user\AppData\Local\Temp\tohjyweui.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 370176 |
Entropy (8bit): | 6.615303914837989 |
Encrypted: | false |
SSDEEP: | 6144:MWYtu0D9bhoKSoj/QED03mc8+z1zQpb+g4ZeMF:MWYI0D9bhoK1j/HD03n1zvPF |
MD5: | 64517EEC55E1F3C392B63B73D833E5F9 |
SHA1: | 463C45E1ADC2269456E18B6BD47E521501D1F593 |
SHA-256: | 91E93FF76C34BEB61A02F782558C8FF319558B63E008580EB567DD927663E19C |
SHA-512: | E14FAF62CAE49174D895C6552E40FA54038BF46B350C6799938129E60F487F226260A5E3C23996BAF466494D5713A01612454F8C2334E581730CE5C1AE4A56A0 |
Malicious: | true |
Antivirus: |
|
Preview: |
File type: | |
Entropy (8bit): | 7.396277761181723 |
TrID: |
|
File name: | lb64Iy4W4e.exe |
File size: | 663392 |
MD5: | 4c7df43e37814754ad1c8a97ab971af8 |
SHA1: | c2315cba4dc175554869cf1c7d7b4ddfdb65adea |
SHA256: | 49cc6f25d16cf7c85d218bcd4ecbdedce0f5d4540bc5099436511291f48a3976 |
SHA512: | 635c6f4c3d20a691cadae02d8f857d6aa37775b1d55302c59498e0ace80152413be2f0fd22b328db96ed41e381868f9c026f5176b430ba5e969dba8347f3d8a3 |
SSDEEP: | 12288:3YueB8OT4Q9HIbbir1vIm4KQH/HxCl9KOlOMyhiZq+zeRZA7Y1g9R:3YPT4Q9HHr1vIRCLShqq+FL |
TLSH: | 74E402247A10C56FCA905BB84EA5E3B457B0EE5D3E549F0B63E03FBFBDB91915908220 |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...Pf..Pf..Pf.*_9..Pf..Pg.LPf.*_;..Pf..sV..Pf..V`..Pf.Rich.Pf.........................PE..L.....Oa.................h...*..... |
Icon Hash: | f2d29cccdcdcccdc |
Entrypoint: | 0x403640 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x614F9B1F [Sat Sep 25 21:56:47 2021 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | 61259b55b8912888e90f516ca08dc514 |
Instruction |
---|
push ebp |
mov ebp, esp |
sub esp, 000003F4h |
push ebx |
push esi |
push edi |
push 00000020h |
pop edi |
xor ebx, ebx |
push 00008001h |
mov dword ptr [ebp-14h], ebx |
mov dword ptr [ebp-04h], 0040A230h |
mov dword ptr [ebp-10h], ebx |
call dword ptr [004080C8h] |
mov esi, dword ptr [004080CCh] |
lea eax, dword ptr [ebp-00000140h] |
push eax |
mov dword ptr [ebp-0000012Ch], ebx |
mov dword ptr [ebp-2Ch], ebx |
mov dword ptr [ebp-28h], ebx |
mov dword ptr [ebp-00000140h], 0000011Ch |
call esi |
test eax, eax |
jne 00007FAD50A616FAh |
lea eax, dword ptr [ebp-00000140h] |
mov dword ptr [ebp-00000140h], 00000114h |
push eax |
call esi |
mov ax, word ptr [ebp-0000012Ch] |
mov ecx, dword ptr [ebp-00000112h] |
sub ax, 00000053h |
add ecx, FFFFFFD0h |
neg ax |
sbb eax, eax |
mov byte ptr [ebp-26h], 00000004h |
not eax |
and eax, ecx |
mov word ptr [ebp-2Ch], ax |
cmp dword ptr [ebp-0000013Ch], 0Ah |
jnc 00007FAD50A616CAh |
and word ptr [ebp-00000132h], 0000h |
mov eax, dword ptr [ebp-00000134h] |
movzx ecx, byte ptr [ebp-00000138h] |
mov dword ptr [0042A318h], eax |
xor eax, eax |
mov ah, byte ptr [ebp-0000013Ch] |
movzx eax, ax |
or eax, ecx |
xor ecx, ecx |
mov ch, byte ptr [ebp-2Ch] |
movzx ecx, cx |
shl eax, 10h |
or eax, ecx |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x8504 | 0xa0 | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x3b000 | 0x32e60 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x8000 | 0x2b0 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x6676 | 0x6800 | False | 0.6568134014423077 | data | 6.4174599871908855 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x8000 | 0x139a | 0x1400 | False | 0.4498046875 | data | 5.141066817170598 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xa000 | 0x20378 | 0x600 | False | 0.509765625 | data | 4.110582127654237 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.ndata | 0x2b000 | 0x10000 | 0x0 | False | 0 | empty | 0.0 | IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0x3b000 | 0x32e60 | 0x33000 | False | 0.4702914368872549 | data | 5.337142337075559 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country |
---|---|---|---|---|---|
RT_ICON | 0x3b358 | 0x10828 | Device independent bitmap graphic, 128 x 256 x 32, image size 67584 | English | United States |
RT_ICON | 0x4bb80 | 0xaac8 | PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | English | United States |
RT_ICON | 0x56648 | 0x94a8 | Device independent bitmap graphic, 96 x 192 x 32, image size 38016 | English | United States |
RT_ICON | 0x5faf0 | 0x5488 | Device independent bitmap graphic, 72 x 144 x 32, image size 21600 | English | United States |
RT_ICON | 0x64f78 | 0x4228 | Device independent bitmap graphic, 64 x 128 x 32, image size 16896 | English | United States |
RT_ICON | 0x691a0 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 9600 | English | United States |
RT_ICON | 0x6b748 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 4224 | English | United States |
RT_ICON | 0x6c7f0 | 0x988 | Device independent bitmap graphic, 24 x 48 x 32, image size 2400 | English | United States |
RT_ICON | 0x6d178 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 1088 | English | United States |
RT_DIALOG | 0x6d5e0 | 0x100 | data | English | United States |
RT_DIALOG | 0x6d6e0 | 0x11c | data | English | United States |
RT_DIALOG | 0x6d800 | 0x60 | data | English | United States |
RT_GROUP_ICON | 0x6d860 | 0x84 | data | English | United States |
RT_VERSION | 0x6d8e8 | 0x234 | data | English | United States |
RT_MANIFEST | 0x6db20 | 0x33e | XML 1.0 document, ASCII text, with very long lines (830), with no line terminators | English | United States |
DLL | Import |
---|---|
ADVAPI32.dll | RegCreateKeyExW, RegEnumKeyW, RegQueryValueExW, RegSetValueExW, RegCloseKey, RegDeleteValueW, RegDeleteKeyW, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, SetFileSecurityW, RegOpenKeyExW, RegEnumValueW |
SHELL32.dll | SHGetSpecialFolderLocation, SHFileOperationW, SHBrowseForFolderW, SHGetPathFromIDListW, ShellExecuteExW, SHGetFileInfoW |
ole32.dll | OleInitialize, OleUninitialize, CoCreateInstance, IIDFromString, CoTaskMemFree |
COMCTL32.dll | ImageList_Create, ImageList_Destroy, ImageList_AddMasked |
USER32.dll | GetClientRect, EndPaint, DrawTextW, IsWindowEnabled, DispatchMessageW, wsprintfA, CharNextA, CharPrevW, MessageBoxIndirectW, GetDlgItemTextW, SetDlgItemTextW, GetSystemMetrics, FillRect, AppendMenuW, TrackPopupMenu, OpenClipboard, SetClipboardData, CloseClipboard, IsWindowVisible, CallWindowProcW, GetMessagePos, CheckDlgButton, LoadCursorW, SetCursor, GetSysColor, SetWindowPos, GetWindowLongW, PeekMessageW, SetClassLongW, GetSystemMenu, EnableMenuItem, GetWindowRect, ScreenToClient, EndDialog, RegisterClassW, SystemParametersInfoW, CreateWindowExW, GetClassInfoW, DialogBoxParamW, CharNextW, ExitWindowsEx, DestroyWindow, CreateDialogParamW, SetTimer, SetWindowTextW, PostQuitMessage, SetForegroundWindow, ShowWindow, wsprintfW, SendMessageTimeoutW, FindWindowExW, IsWindow, GetDlgItem, SetWindowLongW, LoadImageW, GetDC, ReleaseDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, EmptyClipboard, CreatePopupMenu |
GDI32.dll | SetBkMode, SetBkColor, GetDeviceCaps, CreateFontIndirectW, CreateBrushIndirect, DeleteObject, SetTextColor, SelectObject |
KERNEL32.dll | GetExitCodeProcess, WaitForSingleObject, GetModuleHandleA, GetProcAddress, GetSystemDirectoryW, lstrcatW, Sleep, lstrcpyA, WriteFile, GetTempFileNameW, lstrcmpiA, RemoveDirectoryW, CreateProcessW, CreateDirectoryW, GetLastError, CreateThread, GlobalLock, GlobalUnlock, GetDiskFreeSpaceW, WideCharToMultiByte, lstrcpynW, lstrlenW, SetErrorMode, GetVersionExW, GetCommandLineW, GetTempPathW, GetWindowsDirectoryW, SetEnvironmentVariableW, CopyFileW, ExitProcess, GetCurrentProcess, GetModuleFileNameW, GetFileSize, CreateFileW, GetTickCount, MulDiv, SetFileAttributesW, GetFileAttributesW, SetCurrentDirectoryW, MoveFileW, GetFullPathNameW, GetShortPathNameW, SearchPathW, CompareFileTime, SetFileTime, CloseHandle, lstrcmpiW, lstrcmpW, ExpandEnvironmentStringsW, GlobalFree, GlobalAlloc, GetModuleHandleW, LoadLibraryExW, MoveFileExW, FreeLibrary, WritePrivateProfileStringW, GetPrivateProfileStringW, lstrlenA, MultiByteToWideChar, ReadFile, SetFilePointer, FindClose, FindNextFileW, FindFirstFileW, DeleteFileW |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | United States |
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
192.168.2.545.132.106.374971264452816766 02/06/23-14:12:55.395066 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49712 | 6445 | 192.168.2.5 | 45.132.106.37 |
45.132.106.37192.168.2.56445497312841753 02/06/23-14:13:52.517965 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49731 | 45.132.106.37 | 192.168.2.5 |
192.168.2.545.132.106.374970964452816766 02/06/23-14:12:39.702248 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
45.132.106.37192.168.2.56445497072841753 02/06/23-14:12:33.506820 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49707 | 45.132.106.37 | 192.168.2.5 |
192.168.2.545.132.106.374973564452816766 02/06/23-14:14:08.694757 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49735 | 6445 | 192.168.2.5 | 45.132.106.37 |
45.132.106.37192.168.2.56445497202841753 02/06/23-14:13:12.771040 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49720 | 45.132.106.37 | 192.168.2.5 |
192.168.2.545.132.106.374972964452816766 02/06/23-14:13:42.328059 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49729 | 6445 | 192.168.2.5 | 45.132.106.37 |
192.168.2.545.132.106.374970264452816766 02/06/23-14:12:20.468192 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49702 | 6445 | 192.168.2.5 | 45.132.106.37 |
45.132.106.37192.168.2.56445497252841753 02/06/23-14:13:29.137140 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49725 | 45.132.106.37 | 192.168.2.5 |
192.168.2.545.132.106.374971164452823337 02/06/23-14:12:50.979729 | TCP | 2823337 | ETPRO TROJAN Nanocore Checkin Pattern | 49711 | 6445 | 192.168.2.5 | 45.132.106.37 |
45.132.106.37192.168.2.56445497202810451 02/06/23-14:13:12.771040 | TCP | 2810451 | ETPRO TROJAN NanoCore RAT Keepalive Response 3 | 6445 | 49720 | 45.132.106.37 | 192.168.2.5 |
45.132.106.37192.168.2.56445497332841753 02/06/23-14:13:57.153095 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49733 | 45.132.106.37 | 192.168.2.5 |
45.132.106.37192.168.2.56445497352841753 02/06/23-14:14:08.617792 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49735 | 45.132.106.37 | 192.168.2.5 |
45.132.106.37192.168.2.56445497362841753 02/06/23-14:14:13.470154 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49736 | 45.132.106.37 | 192.168.2.5 |
192.168.2.545.132.106.374972264452816766 02/06/23-14:13:18.836838 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
192.168.2.545.132.106.374971664452816766 02/06/23-14:12:59.871071 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49716 | 6445 | 192.168.2.5 | 45.132.106.37 |
192.168.2.545.132.106.374970364452816766 02/06/23-14:12:29.256960 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
192.168.2.545.132.106.374972664452816766 02/06/23-14:13:33.513858 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49726 | 6445 | 192.168.2.5 | 45.132.106.37 |
45.132.106.37192.168.2.56445497272841753 02/06/23-14:13:37.915437 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49727 | 45.132.106.37 | 192.168.2.5 |
45.132.106.37192.168.2.56445497292841753 02/06/23-14:13:42.158315 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49729 | 45.132.106.37 | 192.168.2.5 |
45.132.106.37192.168.2.56445497022841753 02/06/23-14:12:20.379177 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
45.132.106.37192.168.2.56445497262841753 02/06/23-14:13:33.469565 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49726 | 45.132.106.37 | 192.168.2.5 |
192.168.2.545.132.106.374973364452816766 02/06/23-14:13:57.290193 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49733 | 6445 | 192.168.2.5 | 45.132.106.37 |
45.132.106.37192.168.2.56445497012841753 02/06/23-14:12:15.717836 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49701 | 45.132.106.37 | 192.168.2.5 |
192.168.2.545.132.106.374970764452816766 02/06/23-14:12:33.686837 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49707 | 6445 | 192.168.2.5 | 45.132.106.37 |
45.132.106.37192.168.2.56445497122841753 02/06/23-14:12:55.336364 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49712 | 45.132.106.37 | 192.168.2.5 |
45.132.106.37192.168.2.56445497162841753 02/06/23-14:12:59.766454 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49716 | 45.132.106.37 | 192.168.2.5 |
45.132.106.37192.168.2.56445497192841753 02/06/23-14:13:08.445515 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49719 | 45.132.106.37 | 192.168.2.5 |
192.168.2.545.132.106.374972364452816766 02/06/23-14:13:24.891407 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
45.132.106.37192.168.2.56445497172841753 02/06/23-14:13:04.143032 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49717 | 45.132.106.37 | 192.168.2.5 |
45.132.106.37192.168.2.56445497112841753 02/06/23-14:12:50.916490 | TCP | 2841753 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (Inbound) | 6445 | 49711 | 45.132.106.37 | 192.168.2.5 |
192.168.2.545.132.106.374971764452816766 02/06/23-14:13:04.199805 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49717 | 6445 | 192.168.2.5 | 45.132.106.37 |
192.168.2.545.132.106.374972764452816766 02/06/23-14:13:37.920388 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49727 | 6445 | 192.168.2.5 | 45.132.106.37 |
192.168.2.545.132.106.374973064452816766 02/06/23-14:13:48.218570 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
192.168.2.545.132.106.374972264452816718 02/06/23-14:13:18.233724 | TCP | 2816718 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
192.168.2.545.132.106.374973464452816766 02/06/23-14:14:04.014579 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
192.168.2.545.132.106.374971064452816766 02/06/23-14:12:46.639827 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
192.168.2.545.132.106.374972064452816766 02/06/23-14:13:12.842490 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49720 | 6445 | 192.168.2.5 | 45.132.106.37 |
192.168.2.545.132.106.374971164452816766 02/06/23-14:12:50.979729 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49711 | 6445 | 192.168.2.5 | 45.132.106.37 |
192.168.2.545.132.106.374973164452816766 02/06/23-14:13:52.687469 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49731 | 6445 | 192.168.2.5 | 45.132.106.37 |
192.168.2.545.132.106.374970164452816766 02/06/23-14:12:15.779461 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49701 | 6445 | 192.168.2.5 | 45.132.106.37 |
192.168.2.545.132.106.374972564452816766 02/06/23-14:13:29.249183 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49725 | 6445 | 192.168.2.5 | 45.132.106.37 |
45.132.106.37192.168.2.56445497092810290 02/06/23-14:12:38.309927 | TCP | 2810290 | ETPRO TROJAN NanoCore RAT Keepalive Response 1 | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
192.168.2.545.132.106.374971964452816766 02/06/23-14:13:08.627802 | TCP | 2816766 | ETPRO TROJAN NanoCore RAT CnC 7 | 49719 | 6445 | 192.168.2.5 | 45.132.106.37 |
192.168.2.545.132.106.374970364452816718 02/06/23-14:12:27.309652 | TCP | 2816718 | ETPRO TROJAN NanoCore RAT Keep-Alive Beacon | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Feb 6, 2023 14:12:15.550626040 CET | 49701 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:15.580632925 CET | 6445 | 49701 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:15.580776930 CET | 49701 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:15.631295919 CET | 49701 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:15.676197052 CET | 6445 | 49701 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:15.687864065 CET | 49701 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:15.717835903 CET | 6445 | 49701 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:15.718019962 CET | 49701 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:15.747594118 CET | 6445 | 49701 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:15.779460907 CET | 49701 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:15.858882904 CET | 6445 | 49701 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:15.863033056 CET | 49701 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:15.943516970 CET | 49701 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:15.952651978 CET | 6445 | 49701 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:15.953249931 CET | 49701 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:20.210206985 CET | 49702 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:20.239721060 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.239864111 CET | 49702 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:20.258255005 CET | 49702 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:20.316607952 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.316914082 CET | 49702 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:20.349812031 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.349951982 CET | 49702 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:20.379177094 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.379296064 CET | 49702 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:20.468054056 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.468192101 CET | 49702 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:20.501760006 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.501795053 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.501815081 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.501837015 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.501878977 CET | 49702 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:20.501914978 CET | 49702 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:20.526129007 CET | 49702 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:20.530669928 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.530744076 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.530775070 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.530891895 CET | 49702 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:20.531017065 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.531049013 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.531078100 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.531106949 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.531137943 CET | 6445 | 49702 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:20.531161070 CET | 49702 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:20.531184912 CET | 49702 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:26.676229000 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:26.714061975 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:26.714267015 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:26.753952026 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:26.827461004 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:26.827663898 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:26.921391964 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:26.921576023 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:26.950916052 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:26.962414026 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.046224117 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.046386003 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.076018095 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.076051950 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.076072931 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.076097965 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.076158047 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.076158047 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.086903095 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.105926991 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.106000900 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.106045961 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.106076956 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.106089115 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.106117964 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.106117964 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.106132984 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.106154919 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.106177092 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.106189013 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.106220961 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.106235981 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.106266022 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.106276989 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.106332064 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.135333061 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.135390043 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.135423899 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.135458946 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.135481119 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.135489941 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.135513067 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.135521889 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.135560989 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.135591030 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.135591984 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.135613918 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.135637045 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.135668039 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.135680914 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.135699034 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.135731936 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.135735035 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.135747910 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.135765076 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.135797024 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.135812044 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.135855913 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.135937929 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.165590048 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.165636063 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.165664911 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.165684938 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.165713072 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.165733099 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.165745974 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.165761948 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.165791035 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.165821075 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.165848970 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.165878057 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.165908098 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.165926933 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.165934086 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.165963888 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.165966988 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.165992022 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166023016 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166053057 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166064024 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.166083097 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166085005 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.166114092 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166135073 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166157961 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166167021 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.166187048 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166197062 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.166218042 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166248083 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166253090 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.166275978 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166296959 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166326046 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166354895 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166383982 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166414022 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166445017 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166477919 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.166532040 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.166532040 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.180255890 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197205067 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197246075 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197271109 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197298050 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197324991 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197350979 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197376013 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197403908 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197428942 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197455883 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197485924 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197514057 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197541952 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197573900 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197602987 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197630882 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197660923 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197690964 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197694063 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197695017 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197695017 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197695017 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197695017 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197695017 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197695017 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197721958 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197748899 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197777033 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197807074 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197837114 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197840929 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197840929 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197840929 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197840929 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197840929 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197840929 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197840929 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197840929 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197864056 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197896957 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197918892 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197918892 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197918892 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197918892 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197926044 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197918892 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197918892 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197918892 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197957993 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197988033 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.197988987 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.197988987 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198018074 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198020935 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198045015 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198048115 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198067904 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198079109 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198098898 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198107958 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198137999 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198151112 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198151112 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198168993 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198190928 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198199987 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198227882 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198282003 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198291063 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198321104 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198349953 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198371887 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198374987 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198400021 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198417902 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198417902 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198417902 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198422909 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198451042 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198455095 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198477030 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198486090 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198503017 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198512077 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198528051 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198535919 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198554993 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198559999 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198581934 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198607922 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198621035 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198621035 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198632956 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198656082 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198656082 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198659897 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.198719978 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.198719978 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.228827000 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.228931904 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.229002953 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.229027987 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.229068995 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.229130030 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.229136944 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.229198933 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.229255915 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.229268074 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.229341030 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.229403019 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.229410887 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.229482889 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.229552031 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.229561090 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.229619026 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.229696035 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.229700089 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.229768038 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.229837894 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.229840994 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.229908943 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.229979992 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.229989052 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.230052948 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.230118990 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.230125904 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.230194092 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.230252028 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.230264902 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.230338097 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.230396986 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.230407000 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.230479002 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.230544090 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.230550051 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.230618000 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.230674982 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.230688095 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.230788946 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.230859995 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.230876923 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.230930090 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.230989933 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.230999947 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.231070042 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.231127977 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.231138945 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.231204033 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.231270075 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.231271982 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.231339931 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.231403112 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.231409073 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.231478930 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.231542110 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.231549978 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.231623888 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.231684923 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.231693029 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.231761932 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.231818914 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.231829882 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.231892109 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.231961966 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.232006073 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.232031107 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.232100010 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.232100964 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.232167959 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.232234955 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.232248068 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.232302904 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.232367992 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.261292934 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261326075 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261346102 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261367083 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261389971 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261410952 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261431932 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261451960 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261471987 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261492014 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261482954 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.261512995 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261533976 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261596918 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.261596918 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.261596918 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.261596918 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.261605024 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261626005 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261646032 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261667013 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261674881 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.261687040 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261708021 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261723995 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.261749983 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.261811018 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261831999 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261852980 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261878014 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261899948 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.261913061 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.261955976 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.262006044 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262068033 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.262279987 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262306929 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262326002 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262341022 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262362003 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262382984 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262403011 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262403965 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.262403965 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.262423992 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262434959 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.262444019 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262465954 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262485981 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262492895 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.262505054 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262518883 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.262526035 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262546062 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262562037 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.262567043 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262587070 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262607098 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.262609959 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262629986 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262646914 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.262650967 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262670994 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262676001 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.262706041 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262726068 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262748003 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262748957 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.262762070 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262784004 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262799025 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.262805939 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.262825012 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.262909889 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.290918112 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.290958881 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.290978909 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.290999889 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291019917 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291044950 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291071892 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291091919 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291095972 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291091919 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291116953 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291137934 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291160107 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291167021 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291167021 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291178942 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291199923 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291204929 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291218996 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291239023 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291259050 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291259050 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291280031 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291301012 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291316986 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291320086 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291332006 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291341066 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291361094 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291376114 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291379929 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291388988 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291400909 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291421890 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291431904 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291443110 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291464090 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291482925 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291481972 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291502953 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291513920 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291522026 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291542053 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291549921 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291563034 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291583061 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291604042 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291604996 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291623116 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291631937 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291642904 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291666985 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291686058 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291697025 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291697025 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291704893 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291724920 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291744947 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291748047 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291764975 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291785955 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291791916 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291805983 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291826010 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291834116 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291845083 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291865110 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291886091 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291886091 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291906118 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291915894 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291919947 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291939020 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291959047 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291965961 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.291979074 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.291997910 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292005062 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.292018890 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292031050 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.292038918 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292058945 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292076111 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.292079926 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292100906 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292109013 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.292121887 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292140961 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292146921 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.292161942 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292181969 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292191982 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.292203903 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292223930 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292233944 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.292244911 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292263985 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292273998 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.292284966 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292305946 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292310953 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.292325020 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.292351961 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.309652090 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.390088081 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.610641003 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.686786890 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.686901093 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.780576944 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.780734062 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.858728886 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:27.922363043 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:27.999382019 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:28.008040905 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:28.093611002 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:28.164617062 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:28.249798059 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:28.249905109 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:28.346173048 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:28.348048925 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:28.436804056 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:28.488574028 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:28.554404974 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:28.586455107 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:28.663780928 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:28.767323971 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:28.858884096 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:28.859237909 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:28.936856031 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:28.938141108 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:28.967715025 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:29.003036022 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:29.031778097 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:29.053848982 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:29.124696970 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:29.129396915 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:29.218156099 CET | 6445 | 49703 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:29.256959915 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:29.257204056 CET | 49703 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:33.436392069 CET | 49707 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:33.466550112 CET | 6445 | 49707 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:33.466831923 CET | 49707 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:33.467230082 CET | 49707 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:33.506819963 CET | 6445 | 49707 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:33.508379936 CET | 49707 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:33.537482977 CET | 6445 | 49707 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:33.537796021 CET | 49707 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:33.567251921 CET | 6445 | 49707 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:33.595993996 CET | 49707 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:33.686671019 CET | 6445 | 49707 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:33.686836958 CET | 49707 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:33.758681059 CET | 49707 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:33.780538082 CET | 6445 | 49707 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:33.780636072 CET | 49707 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:37.818219900 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:37.847625017 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:37.847771883 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:37.848176956 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:37.925072908 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:37.928420067 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:37.959702015 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:37.974281073 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:38.061517954 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:38.061585903 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:38.140348911 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:38.140419960 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:38.217823982 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:38.218240023 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:38.264569998 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:38.265707016 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:38.309926987 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:38.352171898 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:38.352298021 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:38.402096987 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:38.417777061 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:38.446399927 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:38.446527958 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:38.530317068 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:38.530929089 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:38.561047077 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:38.602170944 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:38.631095886 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:38.634100914 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:38.733625889 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:38.806217909 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:38.890654087 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:38.890801907 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:38.983606100 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:38.993659973 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:39.077244043 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:39.149327040 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:39.155968904 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:39.213767052 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:39.233587027 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:39.233690023 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:39.311642885 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:39.384085894 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:39.467861891 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:39.468055964 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:39.561862946 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:39.618225098 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:39.702158928 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:39.702248096 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:39.780484915 CET | 6445 | 49709 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:39.821962118 CET | 49709 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:43.893306971 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:43.922442913 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:43.922597885 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:43.961596966 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:44.019459963 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:44.019633055 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:44.092914104 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:44.093087912 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:44.124692917 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:44.165091991 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:44.180218935 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:44.265305996 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:44.833621979 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:44.905360937 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:44.905589104 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:44.999043941 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:45.055732012 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:45.102437019 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:45.130909920 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:45.227750063 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:45.266510010 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:45.358443022 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:45.358565092 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:45.387729883 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:45.387831926 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:45.416331053 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:45.493576050 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:45.577404022 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:45.667388916 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:45.749140978 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:45.839436054 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:45.920979023 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:45.921147108 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:45.999027014 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:45.999222994 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:46.077356100 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:46.103413105 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:46.186503887 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:46.186651945 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:46.266284943 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:46.275070906 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:46.358519077 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:46.400223970 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:46.485780001 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:46.556324005 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:46.639653921 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:46.639827013 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:46.733418941 CET | 6445 | 49710 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:46.743774891 CET | 49710 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:50.842432022 CET | 49711 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:50.873918056 CET | 6445 | 49711 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:50.874208927 CET | 49711 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:50.875257969 CET | 49711 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:50.916490078 CET | 6445 | 49711 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:50.916676998 CET | 49711 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:50.945451021 CET | 6445 | 49711 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:50.945717096 CET | 49711 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:50.976003885 CET | 6445 | 49711 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:50.979728937 CET | 49711 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:51.061862946 CET | 6445 | 49711 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:51.061980009 CET | 49711 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:51.130933046 CET | 49711 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:51.139889956 CET | 6445 | 49711 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:51.139983892 CET | 49711 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:55.263312101 CET | 49712 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:55.295558929 CET | 6445 | 49712 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:55.295675039 CET | 49712 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:55.296205997 CET | 49712 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:55.336364031 CET | 6445 | 49712 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:55.336527109 CET | 49712 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:55.365494967 CET | 6445 | 49712 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:55.365839958 CET | 49712 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:55.394876003 CET | 6445 | 49712 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:55.395066023 CET | 49712 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:55.485647917 CET | 6445 | 49712 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:55.485810995 CET | 49712 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:55.499924898 CET | 49712 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:59.681183100 CET | 49716 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:59.716228962 CET | 6445 | 49716 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:59.718874931 CET | 49716 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:59.719389915 CET | 49716 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:59.766453981 CET | 6445 | 49716 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:59.812001944 CET | 49716 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:59.840317011 CET | 6445 | 49716 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:59.840723038 CET | 49716 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:59.869404078 CET | 6445 | 49716 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:59.871071100 CET | 49716 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:59.952179909 CET | 6445 | 49716 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:12:59.952344894 CET | 49716 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:12:59.995206118 CET | 49716 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:04.068090916 CET | 49717 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:04.098923922 CET | 6445 | 49717 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:04.099100113 CET | 49717 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:04.100112915 CET | 49717 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:04.143032074 CET | 6445 | 49717 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:04.199805021 CET | 49717 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:04.228210926 CET | 6445 | 49717 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:04.228552103 CET | 49717 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:04.260667086 CET | 6445 | 49717 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:04.272418022 CET | 49717 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:04.323373079 CET | 49717 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:04.351486921 CET | 6445 | 49717 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:04.352212906 CET | 49717 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:08.371962070 CET | 49719 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:08.406589031 CET | 6445 | 49719 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:08.407720089 CET | 49719 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:08.408267021 CET | 49719 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:08.445514917 CET | 6445 | 49719 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:08.447988987 CET | 49719 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:08.476339102 CET | 6445 | 49719 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:08.476835012 CET | 49719 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:08.512279987 CET | 6445 | 49719 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:08.524555922 CET | 49719 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:08.626873970 CET | 6445 | 49719 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:08.627801895 CET | 49719 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:08.637008905 CET | 49719 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:12.694492102 CET | 49720 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:12.729309082 CET | 6445 | 49720 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:12.729490042 CET | 49720 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:12.729866982 CET | 49720 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:12.771039963 CET | 6445 | 49720 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:12.777452946 CET | 49720 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:12.813056946 CET | 6445 | 49720 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:12.813369989 CET | 49720 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:12.842255116 CET | 6445 | 49720 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:12.842489958 CET | 49720 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:12.921174049 CET | 6445 | 49720 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:12.921329975 CET | 49720 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:12.996651888 CET | 49720 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:12.999135971 CET | 6445 | 49720 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:12.999264002 CET | 49720 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:17.055665970 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:17.088306904 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:17.088536978 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:17.093272924 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:17.143419981 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:17.149739981 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:17.185964108 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:17.201170921 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:17.295945883 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:17.296308994 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:17.391089916 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:17.405180931 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:17.485326052 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:17.486403942 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:17.496265888 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:17.542932034 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:17.572113991 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:17.572251081 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:17.572412014 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:17.655280113 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:17.657629013 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:17.686882019 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:17.688580036 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:17.717123032 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:17.761768103 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:17.778120995 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:17.858448029 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:17.933944941 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:18.017343044 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:18.059307098 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:18.140471935 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:18.140607119 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:18.233591080 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:18.233724117 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:18.311564922 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:18.356177092 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:18.436686039 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:18.512458086 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:18.593080997 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:18.593234062 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:18.670913935 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:18.700313091 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:18.781083107 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:18.836838007 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:18.912719011 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:18.921631098 CET | 6445 | 49722 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:18.921824932 CET | 49722 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:23.119595051 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:23.148540020 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:23.148986101 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:23.158001900 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:23.249507904 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:23.270251036 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:23.274075985 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:23.306631088 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:23.309093952 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:23.390460968 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:23.392956018 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:23.468154907 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:23.469018936 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:23.546479940 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:23.560090065 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:23.640243053 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:23.684685946 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:23.721282959 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:23.727247000 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:23.775509119 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:23.809278011 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:23.890408993 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:23.894540071 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:23.932692051 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:23.956207991 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:23.986871958 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:23.987341881 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:24.017026901 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:24.021296978 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:24.053320885 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:24.090980053 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:24.171355009 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:24.251331091 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:24.327744007 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:24.327944040 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:24.421309948 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:24.435148954 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:24.515700102 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:24.575158119 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:24.671365976 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:24.671528101 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:24.749439955 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:24.811728001 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:24.891235113 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:24.891407013 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:24.985940933 CET | 6445 | 49723 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:24.997057915 CET | 49723 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:29.068362951 CET | 49725 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:29.100474119 CET | 6445 | 49725 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:29.101187944 CET | 49725 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:29.101187944 CET | 49725 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:29.137140036 CET | 6445 | 49725 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:29.172245979 CET | 49725 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:29.249113083 CET | 6445 | 49725 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:29.249182940 CET | 49725 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:29.327349901 CET | 6445 | 49725 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:29.341274977 CET | 49725 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:29.360599995 CET | 6445 | 49725 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:29.360723019 CET | 49725 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:33.390271902 CET | 49726 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:33.426589966 CET | 6445 | 49726 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:33.426702023 CET | 49726 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:33.427164078 CET | 49726 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:33.469564915 CET | 6445 | 49726 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:33.513046026 CET | 49726 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:33.513858080 CET | 49726 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:33.541594982 CET | 6445 | 49726 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:33.591161013 CET | 49726 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:33.592998981 CET | 6445 | 49726 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:33.593101025 CET | 49726 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:33.622293949 CET | 6445 | 49726 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:33.655932903 CET | 49726 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:33.685339928 CET | 49726 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:37.828260899 CET | 49727 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:37.867981911 CET | 6445 | 49727 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:37.870327950 CET | 49727 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:37.870815039 CET | 49727 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:37.915436983 CET | 6445 | 49727 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:37.920387983 CET | 49727 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:37.948863029 CET | 6445 | 49727 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:37.949352980 CET | 49727 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:37.977972031 CET | 6445 | 49727 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:37.993640900 CET | 49727 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:38.029506922 CET | 49727 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:42.088872910 CET | 49729 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:42.118187904 CET | 6445 | 49729 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:42.118712902 CET | 49729 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:42.119256020 CET | 49729 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:42.158314943 CET | 6445 | 49729 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:42.159046888 CET | 49729 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:42.187594891 CET | 6445 | 49729 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:42.188008070 CET | 49729 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:42.216905117 CET | 6445 | 49729 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:42.238746881 CET | 49729 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:42.327956915 CET | 6445 | 49729 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:42.328058958 CET | 49729 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:42.344187975 CET | 49729 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:46.506458044 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:46.538364887 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:46.539196014 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:46.548644066 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:46.601780891 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:46.615112066 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:46.649739981 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:46.649930954 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:46.733896017 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:46.736258030 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:46.827485085 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:46.831161976 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:46.905721903 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:46.920970917 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:46.939146042 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:46.982948065 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:46.999253988 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:46.999373913 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:47.027746916 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:47.076725960 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:47.105618954 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:47.106158972 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:47.135118961 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:47.135318995 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:47.188116074 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:47.233098984 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:47.249033928 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:47.327945948 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:47.328078032 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:47.421731949 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:47.467839003 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:47.549530029 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:47.549721003 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:47.639936924 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:47.703398943 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:47.780534029 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:47.780644894 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:47.858838081 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:47.921022892 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:47.999876022 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:48.000008106 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:48.093238115 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:48.124239922 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:48.202440977 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:48.218569994 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:48.296129942 CET | 6445 | 49730 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:48.368361950 CET | 49730 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:52.444224119 CET | 49731 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:52.476385117 CET | 6445 | 49731 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:52.476648092 CET | 49731 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:52.477061033 CET | 49731 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:52.517965078 CET | 6445 | 49731 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:52.561539888 CET | 49731 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:52.590251923 CET | 6445 | 49731 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:52.603702068 CET | 49731 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:52.687340975 CET | 6445 | 49731 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:52.687469006 CET | 49731 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:52.765336990 CET | 6445 | 49731 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:52.781518936 CET | 49731 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:57.070255995 CET | 49733 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:57.102140903 CET | 6445 | 49733 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:57.102329969 CET | 49733 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:57.102870941 CET | 49733 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:57.153095007 CET | 6445 | 49733 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:57.153234959 CET | 49733 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:57.181936026 CET | 6445 | 49733 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:57.182250977 CET | 49733 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:57.211518049 CET | 6445 | 49733 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:57.267890930 CET | 49733 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:57.290193081 CET | 49733 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:57.344640017 CET | 49733 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:13:57.374244928 CET | 6445 | 49733 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:13:57.374326944 CET | 49733 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:01.768424988 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:01.800450087 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:01.800569057 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:01.856637955 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:01.912214041 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:01.912564039 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:01.999607086 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:01.999686003 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:02.028393030 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:02.058990955 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:02.140032053 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:02.140149117 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:02.218198061 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:02.221429110 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:02.296212912 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:02.298751116 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:02.346838951 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:02.348651886 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:02.412842989 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:02.457668066 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:02.459573984 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:02.486665010 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:02.537682056 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:02.546152115 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:02.546309948 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:02.574991941 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:02.597641945 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:02.626794100 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:02.674211025 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:02.710628986 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:02.797893047 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:02.816070080 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:02.905632019 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:02.910319090 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:02.999336004 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:03.162152052 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:03.249322891 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:03.311470985 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:03.390505075 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:03.392570972 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:03.483946085 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:03.529082060 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:03.608975887 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:03.654160976 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:03.733733892 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:03.735133886 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:03.827472925 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:03.901261091 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:03.986463070 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:04.014579058 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:04.117450953 CET | 6445 | 49734 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:04.239586115 CET | 49734 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:08.534444094 CET | 49735 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:08.567003965 CET | 6445 | 49735 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:08.567207098 CET | 49735 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:08.574090004 CET | 49735 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:08.617791891 CET | 6445 | 49735 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:08.632272005 CET | 49735 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:08.660937071 CET | 6445 | 49735 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:08.661309958 CET | 49735 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:08.691644907 CET | 6445 | 49735 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:08.694756985 CET | 49735 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:08.780369043 CET | 6445 | 49735 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:08.780553102 CET | 49735 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:08.858602047 CET | 6445 | 49735 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:08.989259005 CET | 6445 | 49735 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:09.038028955 CET | 49735 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:09.080506086 CET | 6445 | 49735 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:09.131809950 CET | 49735 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:09.160183907 CET | 6445 | 49735 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:09.209969044 CET | 49735 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:09.266336918 CET | 49735 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:09.327208042 CET | 49735 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:13.401896954 CET | 49736 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:13.433372021 CET | 6445 | 49736 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:13.433547974 CET | 49736 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:13.433907986 CET | 49736 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:13.470154047 CET | 6445 | 49736 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:13.522804976 CET | 49736 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:13.551254034 CET | 6445 | 49736 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:13.551588058 CET | 49736 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:13.580681086 CET | 6445 | 49736 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:13.581600904 CET | 49736 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:13.655725002 CET | 6445 | 49736 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:13.802552938 CET | 6445 | 49736 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:13.803231001 CET | 49736 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:13.890398979 CET | 6445 | 49736 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:13.895304918 CET | 6445 | 49736 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:13.944747925 CET | 49736 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:13.978765965 CET | 6445 | 49736 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:14.004435062 CET | 49736 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:14.032836914 CET | 6445 | 49736 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:14.033123970 CET | 49736 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:14.062273026 CET | 6445 | 49736 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:14.062376022 CET | 49736 | 6445 | 192.168.2.5 | 45.132.106.37 |
Feb 6, 2023 14:14:14.090948105 CET | 6445 | 49736 | 45.132.106.37 | 192.168.2.5 |
Feb 6, 2023 14:14:14.132272005 CET | 49736 | 6445 | 192.168.2.5 | 45.132.106.37 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Feb 6, 2023 14:12:15.426714897 CET | 61893 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:12:15.533972979 CET | 53 | 61893 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:12:20.100056887 CET | 60649 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:12:20.208462000 CET | 53 | 60649 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:12:24.860294104 CET | 51441 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:12:24.969638109 CET | 53 | 51441 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:12:33.325907946 CET | 61452 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:12:33.434902906 CET | 53 | 61452 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:12:37.797481060 CET | 65323 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:12:37.817137957 CET | 53 | 65323 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:12:43.868993998 CET | 51484 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:12:43.889022112 CET | 53 | 51484 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:12:50.823187113 CET | 63446 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:12:50.841149092 CET | 53 | 63446 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:12:55.152124882 CET | 56751 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:12:55.259871006 CET | 53 | 56751 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:12:59.525441885 CET | 55068 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:12:59.635647058 CET | 53 | 55068 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:13:04.046624899 CET | 56682 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:13:04.065140009 CET | 53 | 56682 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:13:08.351641893 CET | 62659 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:13:08.369720936 CET | 53 | 62659 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:13:12.673418999 CET | 58581 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:13:12.691442966 CET | 53 | 58581 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:13:17.034033060 CET | 65513 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:13:17.052063942 CET | 53 | 65513 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:13:22.955478907 CET | 56687 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:13:23.066755056 CET | 53 | 56687 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:13:29.044564962 CET | 52688 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:13:29.064649105 CET | 53 | 52688 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:13:33.371251106 CET | 61344 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:13:33.389108896 CET | 53 | 61344 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:13:37.719351053 CET | 53972 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:13:37.826854944 CET | 53 | 53972 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:13:42.069423914 CET | 58472 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:13:42.087323904 CET | 53 | 58472 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:13:46.482965946 CET | 60177 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:13:46.501174927 CET | 53 | 60177 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:13:52.392618895 CET | 60284 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:13:52.412906885 CET | 53 | 60284 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:13:56.955427885 CET | 50902 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:13:57.066534042 CET | 53 | 50902 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:14:01.363904953 CET | 53823 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:14:01.702450037 CET | 53 | 53823 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:14:08.415575981 CET | 49769 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:14:08.523582935 CET | 53 | 49769 | 8.8.8.8 | 192.168.2.5 |
Feb 6, 2023 14:14:13.383150101 CET | 49579 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 6, 2023 14:14:13.401088953 CET | 53 | 49579 | 8.8.8.8 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Feb 6, 2023 14:12:15.426714897 CET | 192.168.2.5 | 8.8.8.8 | 0x65bc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:12:20.100056887 CET | 192.168.2.5 | 8.8.8.8 | 0xff1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:12:24.860294104 CET | 192.168.2.5 | 8.8.8.8 | 0x37d5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:12:33.325907946 CET | 192.168.2.5 | 8.8.8.8 | 0x815 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:12:37.797481060 CET | 192.168.2.5 | 8.8.8.8 | 0xc389 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:12:43.868993998 CET | 192.168.2.5 | 8.8.8.8 | 0x1b3f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:12:50.823187113 CET | 192.168.2.5 | 8.8.8.8 | 0xf6f0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:12:55.152124882 CET | 192.168.2.5 | 8.8.8.8 | 0xc366 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:12:59.525441885 CET | 192.168.2.5 | 8.8.8.8 | 0x24a0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:13:04.046624899 CET | 192.168.2.5 | 8.8.8.8 | 0x8593 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:13:08.351641893 CET | 192.168.2.5 | 8.8.8.8 | 0x44d3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:13:12.673418999 CET | 192.168.2.5 | 8.8.8.8 | 0x4bc6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:13:17.034033060 CET | 192.168.2.5 | 8.8.8.8 | 0x77f3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:13:22.955478907 CET | 192.168.2.5 | 8.8.8.8 | 0xd47b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:13:29.044564962 CET | 192.168.2.5 | 8.8.8.8 | 0x4e86 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:13:33.371251106 CET | 192.168.2.5 | 8.8.8.8 | 0xde45 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:13:37.719351053 CET | 192.168.2.5 | 8.8.8.8 | 0xadce | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:13:42.069423914 CET | 192.168.2.5 | 8.8.8.8 | 0xee19 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:13:46.482965946 CET | 192.168.2.5 | 8.8.8.8 | 0x1898 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:13:52.392618895 CET | 192.168.2.5 | 8.8.8.8 | 0x665c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:13:56.955427885 CET | 192.168.2.5 | 8.8.8.8 | 0xc871 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:14:01.363904953 CET | 192.168.2.5 | 8.8.8.8 | 0x26a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:14:08.415575981 CET | 192.168.2.5 | 8.8.8.8 | 0xd10c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 6, 2023 14:14:13.383150101 CET | 192.168.2.5 | 8.8.8.8 | 0xa53f | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Feb 6, 2023 14:12:15.533972979 CET | 8.8.8.8 | 192.168.2.5 | 0x65bc | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:12:20.208462000 CET | 8.8.8.8 | 192.168.2.5 | 0xff1 | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:12:24.969638109 CET | 8.8.8.8 | 192.168.2.5 | 0x37d5 | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:12:33.434902906 CET | 8.8.8.8 | 192.168.2.5 | 0x815 | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:12:37.817137957 CET | 8.8.8.8 | 192.168.2.5 | 0xc389 | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:12:43.889022112 CET | 8.8.8.8 | 192.168.2.5 | 0x1b3f | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:12:50.841149092 CET | 8.8.8.8 | 192.168.2.5 | 0xf6f0 | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:12:55.259871006 CET | 8.8.8.8 | 192.168.2.5 | 0xc366 | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:12:59.635647058 CET | 8.8.8.8 | 192.168.2.5 | 0x24a0 | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:13:04.065140009 CET | 8.8.8.8 | 192.168.2.5 | 0x8593 | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:13:08.369720936 CET | 8.8.8.8 | 192.168.2.5 | 0x44d3 | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:13:12.691442966 CET | 8.8.8.8 | 192.168.2.5 | 0x4bc6 | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:13:17.052063942 CET | 8.8.8.8 | 192.168.2.5 | 0x77f3 | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:13:23.066755056 CET | 8.8.8.8 | 192.168.2.5 | 0xd47b | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:13:29.064649105 CET | 8.8.8.8 | 192.168.2.5 | 0x4e86 | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:13:33.389108896 CET | 8.8.8.8 | 192.168.2.5 | 0xde45 | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:13:37.826854944 CET | 8.8.8.8 | 192.168.2.5 | 0xadce | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:13:42.087323904 CET | 8.8.8.8 | 192.168.2.5 | 0xee19 | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:13:46.501174927 CET | 8.8.8.8 | 192.168.2.5 | 0x1898 | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:13:52.412906885 CET | 8.8.8.8 | 192.168.2.5 | 0x665c | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:13:57.066534042 CET | 8.8.8.8 | 192.168.2.5 | 0xc871 | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:14:01.702450037 CET | 8.8.8.8 | 192.168.2.5 | 0x26a | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:14:08.523582935 CET | 8.8.8.8 | 192.168.2.5 | 0xd10c | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false | ||
Feb 6, 2023 14:14:13.401088953 CET | 8.8.8.8 | 192.168.2.5 | 0xa53f | No error (0) | 45.132.106.37 | A (IP address) | IN (0x0001) | false |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
Target ID: | 0 |
Start time: | 14:12:08 |
Start date: | 06/02/2023 |
Path: | C:\Users\user\Desktop\lb64Iy4W4e.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 663392 bytes |
MD5 hash: | 4C7DF43E37814754AD1C8A97AB971AF8 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Target ID: | 1 |
Start time: | 14:12:08 |
Start date: | 06/02/2023 |
Path: | C:\Users\user\AppData\Local\Temp\tohjyweui.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x9b0000 |
File size: | 370176 bytes |
MD5 hash: | 64517EEC55E1F3C392B63B73D833E5F9 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Antivirus matches: |
|
Reputation: | low |
Target ID: | 2 |
Start time: | 14:12:10 |
Start date: | 06/02/2023 |
Path: | C:\Users\user\AppData\Local\Temp\tohjyweui.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x9b0000 |
File size: | 370176 bytes |
MD5 hash: | 64517EEC55E1F3C392B63B73D833E5F9 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | .Net C# or VB.NET |
Reputation: | low |
Target ID: | 3 |
Start time: | 14:12:21 |
Start date: | 06/02/2023 |
Path: | C:\Users\user\AppData\Roaming\swschqavfbk\tpyienirbwgp.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x990000 |
File size: | 370176 bytes |
MD5 hash: | 64517EEC55E1F3C392B63B73D833E5F9 |
Has elevated privileges: | false |
Has administrator privileges: | false |
Programmed in: | C, C++ or other language |
Antivirus matches: |
|
Reputation: | low |
Target ID: | 6 |
Start time: | 14:12:26 |
Start date: | 06/02/2023 |
Path: | C:\Windows\SysWOW64\WerFault.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x890000 |
File size: | 434592 bytes |
MD5 hash: | 9E2B8ACAD48ECCA55C0230D63623661B |
Has elevated privileges: | false |
Has administrator privileges: | false |
Programmed in: | C, C++ or other language |
Reputation: | high |
Target ID: | 7 |
Start time: | 14:12:30 |
Start date: | 06/02/2023 |
Path: | C:\Users\user\AppData\Roaming\swschqavfbk\tpyienirbwgp.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x990000 |
File size: | 370176 bytes |
MD5 hash: | 64517EEC55E1F3C392B63B73D833E5F9 |
Has elevated privileges: | false |
Has administrator privileges: | false |
Programmed in: | C, C++ or other language |
Reputation: | low |
Target ID: | 9 |
Start time: | 14:12:31 |
Start date: | 06/02/2023 |
Path: | C:\Windows\SysWOW64\WerFault.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x890000 |
File size: | 434592 bytes |
MD5 hash: | 9E2B8ACAD48ECCA55C0230D63623661B |
Has elevated privileges: | false |
Has administrator privileges: | false |
Programmed in: | C, C++ or other language |
Reputation: | high |
Execution Graph
Execution Coverage: | 15.9% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 16.4% |
Total number of Nodes: | 1385 |
Total number of Limit Nodes: | 25 |
Graph
Function 00403640 Relevance: 88.0, APIs: 34, Strings: 16, Instructions: 450stringfilecomCOMMON
Control-flow Graph
C-Code - Quality: 78% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405D74 Relevance: 19.4, APIs: 7, Strings: 4, Instructions: 148filestringCOMMON
Control-flow Graph
C-Code - Quality: 98% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00406D5F Relevance: 5.4, APIs: 4, Instructions: 382COMMONCrypto
Control-flow Graph
C-Code - Quality: 98% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040699E Relevance: 3.0, APIs: 2, Instructions: 14fileCOMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004040C5 Relevance: 61.6, APIs: 34, Strings: 1, Instructions: 357windowstringCOMMON
Control-flow Graph
C-Code - Quality: 84% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403D17 Relevance: 45.7, APIs: 13, Strings: 13, Instructions: 215stringregistryCOMMON
Control-flow Graph
C-Code - Quality: 96% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004030D0 Relevance: 23.0, APIs: 5, Strings: 8, Instructions: 204memoryCOMMON
Control-flow Graph
C-Code - Quality: 98% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040176F Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 145stringtimeCOMMON
Control-flow Graph
C-Code - Quality: 77% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004069C5 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 36libraryCOMMON
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 93% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040603F Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 47stringCOMMON
Control-flow Graph
C-Code - Quality: 53% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00407194 Relevance: 5.2, APIs: 4, Instructions: 236COMMON
Control-flow Graph
C-Code - Quality: 99% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00407395 Relevance: 5.2, APIs: 4, Instructions: 208COMMON
Control-flow Graph
C-Code - Quality: 98% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004070AB Relevance: 5.2, APIs: 4, Instructions: 205COMMON
C-Code - Quality: 98% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00406BB0 Relevance: 5.2, APIs: 4, Instructions: 198COMMON
C-Code - Quality: 98% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00406FFE Relevance: 5.2, APIs: 4, Instructions: 180COMMON
C-Code - Quality: 98% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040711C Relevance: 5.2, APIs: 4, Instructions: 170COMMON
C-Code - Quality: 98% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00407068 Relevance: 5.2, APIs: 4, Instructions: 168COMMON
C-Code - Quality: 98% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405D2C Relevance: 4.5, APIs: 3, Instructions: 28fileCOMMON
C-Code - Quality: 41% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403371 Relevance: 3.1, APIs: 2, Instructions: 88COMMON
C-Code - Quality: 92% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004015C1 Relevance: 3.1, APIs: 2, Instructions: 65COMMON
C-Code - Quality: 86% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00401389 Relevance: 3.0, APIs: 2, Instructions: 43windowCOMMON
C-Code - Quality: 69% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405C4B Relevance: 3.0, APIs: 2, Instructions: 24processCOMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00406158 Relevance: 3.0, APIs: 2, Instructions: 16fileCOMMON
C-Code - Quality: 68% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00406133 Relevance: 3.0, APIs: 2, Instructions: 13COMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405C16 Relevance: 3.0, APIs: 2, Instructions: 9COMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040620A Relevance: 1.5, APIs: 1, Instructions: 22fileCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004061DB Relevance: 1.5, APIs: 1, Instructions: 22fileCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004035F8 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00401FA4 Relevance: 1.3, APIs: 1, Instructions: 37COMMON
C-Code - Quality: 78% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405809 Relevance: 66.8, APIs: 36, Strings: 2, Instructions: 284windowclipboardmemoryCOMMON
C-Code - Quality: 95% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00404AB5 Relevance: 24.8, APIs: 10, Strings: 4, Instructions: 275stringCOMMON
C-Code - Quality: 78% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004021AA Relevance: 1.6, APIs: 1, Instructions: 129comCOMMON
C-Code - Quality: 67% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040290B Relevance: 1.5, APIs: 1, Instructions: 30fileCOMMON
C-Code - Quality: 39% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405031 Relevance: 63.5, APIs: 33, Strings: 3, Instructions: 489windowmemoryCOMMON
C-Code - Quality: 96% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00404783 Relevance: 37.0, APIs: 19, Strings: 2, Instructions: 204windowstringCOMMON
C-Code - Quality: 91% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004062AE Relevance: 26.4, APIs: 10, Strings: 5, Instructions: 130memorystringCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 90% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004066A5 Relevance: 17.7, APIs: 7, Strings: 3, Instructions: 196stringCOMMON
C-Code - Quality: 72% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004056CA Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 72stringwindowCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040462B Relevance: 12.1, APIs: 8, Instructions: 68COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004026EC Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 153fileCOMMON
C-Code - Quality: 87% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 91% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00404F7F Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48windowCOMMON
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00402F93 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 36timeCOMMON
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 93% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00404E71 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 84stringCOMMON
C-Code - Quality: 77% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 48% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00401D81 Relevance: 7.6, APIs: 5, Instructions: 75windowCOMMON
C-Code - Quality: 77% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00401E4E Relevance: 7.5, APIs: 5, Instructions: 43COMMON
C-Code - Quality: 73% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00401C43 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 84windowtimeCOMMON
C-Code - Quality: 59% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00406536 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 44registryCOMMON
C-Code - Quality: 91% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405F37 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 16stringCOMMON
C-Code - Quality: 58% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040563E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 46windowCOMMON
C-Code - Quality: 89% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004060BD Relevance: 5.0, APIs: 4, Instructions: 37stringCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Execution Graph
Execution Coverage: | 4.2% |
Dynamic/Decrypted Code Coverage: | 25.5% |
Signature Coverage: | 18.7% |
Total number of Nodes: | 466 |
Total number of Limit Nodes: | 15 |
Graph
Function 009B1C00 Relevance: 86.6, APIs: 27, Strings: 22, Instructions: 870librarystringloaderCOMMON
C-Code - Quality: 62% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00600F9C Relevance: 6.6, APIs: 4, Instructions: 592COMMON
Control-flow Graph
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00600EBF Relevance: 1.5, APIs: 1, Instructions: 34COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 77% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0060037C Relevance: 3.1, APIs: 2, Instructions: 67COMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 88% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009D7A9F Relevance: 1.7, APIs: 1, Instructions: 157COMMON
Control-flow Graph
C-Code - Quality: 93% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009DC7D9 Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMONLIBRARYCODE
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00600F1D Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009DC672 Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMONLIBRARYCODE
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00600E1F Relevance: 1.3, APIs: 1, Instructions: 60memoryCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009B1060 Relevance: 22.8, APIs: 8, Strings: 5, Instructions: 81servicestringCOMMON
C-Code - Quality: 51% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009B1150 Relevance: 21.1, APIs: 7, Strings: 5, Instructions: 70serviceCOMMON
C-Code - Quality: 18% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009B18C0 Relevance: 13.6, APIs: 9, Instructions: 58memorystringthreadCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009DCE64 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 77COMMONLIBRARYCODE
C-Code - Quality: 74% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009E11E1 Relevance: 6.3, APIs: 4, Instructions: 337COMMONLIBRARYCODECrypto
C-Code - Quality: 82% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 86% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0060017B Relevance: .1, Instructions: 60COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0060013E Relevance: .0, Instructions: 26COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00600109 Relevance: .0, Instructions: 23COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009E6DA6 Relevance: .0, Instructions: 22COMMONLIBRARYCODE
C-Code - Quality: 100% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009D9BCC Relevance: .0, Instructions: 12COMMONLIBRARYCODE
C-Code - Quality: 100% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0060005F Relevance: .0, Instructions: 7COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009B12A0 Relevance: 28.1, APIs: 15, Strings: 1, Instructions: 93memoryCOMMON
C-Code - Quality: 75% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009B1AB0 Relevance: 19.3, APIs: 10, Strings: 1, Instructions: 99registrymemorystringCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009B1690 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 101fileCOMMON
C-Code - Quality: 60% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 98% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009B1950 Relevance: 13.6, APIs: 9, Instructions: 59memorystringthreadCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009B1220 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 42libraryloaderCOMMON
C-Code - Quality: 91% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009DE60B Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMONLIBRARYCODE
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 88% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009D9BEE Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42libraryloaderCOMMONLIBRARYCODE
C-Code - Quality: 25% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009B1800 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 35stringCOMMON
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 95% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009B40E6 Relevance: 6.0, APIs: 4, Instructions: 14COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 98% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Execution Graph
Execution Coverage: | 0.8% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 17.2% |
Total number of Nodes: | 343 |
Total number of Limit Nodes: | 7 |
Graph
Function 00991C00 Relevance: 84.9, APIs: 26, Strings: 22, Instructions: 870librarystringloaderCOMMON
C-Code - Quality: 67% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00993306 Relevance: 1.5, APIs: 1, Instructions: 3COMMON
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009CD64F Relevance: 17.8, APIs: 9, Strings: 1, Instructions: 273COMMONLIBRARYCODE
Control-flow Graph
C-Code - Quality: 39% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00992AB2 Relevance: 10.6, APIs: 7, Instructions: 103COMMON
Control-flow Graph
C-Code - Quality: 90% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009C619B Relevance: 3.0, APIs: 2, Instructions: 37COMMON
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 84% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009C0175 Relevance: 1.6, APIs: 1, Instructions: 54COMMON
Control-flow Graph
C-Code - Quality: 72% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009BC7D9 Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMONLIBRARYCODE
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009BC672 Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMONLIBRARYCODE
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00991060 Relevance: 22.8, APIs: 8, Strings: 5, Instructions: 81servicestringCOMMON
C-Code - Quality: 51% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 70% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 96% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009C9E75 Relevance: 7.7, APIs: 5, Instructions: 183COMMON
C-Code - Quality: 87% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009BCE64 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 77COMMONLIBRARYCODE
C-Code - Quality: 76% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009C46CD Relevance: 6.1, APIs: 4, Instructions: 129fileCOMMON
C-Code - Quality: 80% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009C9924 Relevance: 4.7, APIs: 3, Instructions: 205COMMON
C-Code - Quality: 90% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009C9B77 Relevance: 1.6, APIs: 1, Instructions: 83COMMON
C-Code - Quality: 59% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009C97FE Relevance: 1.6, APIs: 1, Instructions: 63COMMON
C-Code - Quality: 91% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009C9DA6 Relevance: 1.5, APIs: 1, Instructions: 45COMMON
C-Code - Quality: 87% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009C9899 Relevance: 1.5, APIs: 1, Instructions: 41COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009BE0EA Relevance: 1.5, APIs: 1, Instructions: 33COMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009C9795 Relevance: 1.5, APIs: 1, Instructions: 31COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009BEB90 Relevance: 1.5, APIs: 1, Instructions: 24COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009BE265 Relevance: 1.5, APIs: 1, Instructions: 14COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009BE22B Relevance: 1.5, APIs: 1, Instructions: 13COMMON
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009912A0 Relevance: 28.1, APIs: 15, Strings: 1, Instructions: 93memoryCOMMON
C-Code - Quality: 75% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00991150 Relevance: 21.1, APIs: 7, Strings: 5, Instructions: 70serviceCOMMON
C-Code - Quality: 18% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00991AB0 Relevance: 19.3, APIs: 10, Strings: 1, Instructions: 99registrymemorystringCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00991690 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 101fileCOMMON
C-Code - Quality: 60% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 99% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00991950 Relevance: 13.6, APIs: 9, Instructions: 59memorystringthreadCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009918C0 Relevance: 13.6, APIs: 9, Instructions: 58memorystringthreadCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00991220 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 42libraryloaderCOMMON
C-Code - Quality: 91% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009BE60B Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMONLIBRARYCODE
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 77% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009D6092 Relevance: 9.2, APIs: 6, Instructions: 248COMMON
C-Code - Quality: 81% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 88% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 55% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009B9BEE Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42libraryloaderCOMMONLIBRARYCODE
C-Code - Quality: 25% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009BE7CF Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 35libraryCOMMON
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00991800 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 35stringCOMMON
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 95% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009C3EAE Relevance: 6.1, APIs: 4, Instructions: 82COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009C4EFB Relevance: 6.1, APIs: 4, Instructions: 79COMMON
C-Code - Quality: 100% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009C60FB Relevance: 6.1, APIs: 4, Instructions: 74COMMON
C-Code - Quality: 17% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009C37AB Relevance: 6.1, APIs: 4, Instructions: 54COMMON
C-Code - Quality: 83% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 20% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009D6377 Relevance: 6.0, APIs: 4, Instructions: 32COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 009940E6 Relevance: 6.0, APIs: 4, Instructions: 14COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 98% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |