Windows
Analysis Report
xRzIkuwCyozY.exe
Overview
General Information
Detection
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- xRzIkuwCyozY.exe (PID: 2892 cmdline:
"C:\Users\ user\Deskt op\xRzIkuw CyozY.exe" MD5: 3E07CEA83322232968C52E0AD1F98C03) - cmd.exe (PID: 9124 cmdline:
cmd.exe /C Y /N /D Y /T 1 & De l "C:\User s\user\Des ktop\xRzIk uwCyozY.ex e" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B) - conhost.exe (PID: 9132 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
- chrome.exe (PID: 3684 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed --sing le-argumen t http:/// MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 7452 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2104 --fi eld-trial- handle=203 6,i,300655 8031417863 421,726364 3072710997 579,262144 --disable -features= Optimizati onGuideMod elDownload ing,Optimi zationHint s,Optimiza tionHintsF etching,Op timization TargetPred iction /pr efetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6532 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed --sing le-argumen t http://% 3cfnc1%3e( 79)/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 7516 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =1832 --fi eld-trial- handle=203 6,i,572458 3149837707 848,302770 7607016890 056,262144 --disable -features= Optimizati onGuideMod elDownload ing,Optimi zationHint s,Optimiza tionHintsF etching,Op timization TargetPred iction /pr efetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
NjRAT | RedPacket Security describes NJRat as "a remote access trojan (RAT) has capabilities to log keystrokes, access the victim's camera, steal credentials stored in browsers, open a reverse shell, upload/download files, view the victim's desktop, perform process, file, and registry manipulations, and capabilities to let the attacker update, uninstall, restart, close, disconnect the RAT and rename its campaign ID. Through the Command & Control (CnC) server software, the attacker has capabilities to create and configure the malware to spread through USB drives."It is supposedly popular with actors in the Middle East. Similar to other RATs, many leaked builders may be backdoored. |
{"Host": "berlyn777.con-ip.com", "Port": "7777", "Campaign ID": "NYAN CAT", "Network Seprator": "@!#&^%$", "Registry": "03f62b4542954"}
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Njrat | Yara detected Njrat | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Njrat | Yara detected Njrat | Joe Security | ||
JoeSecurity_Njrat | Yara detected Njrat | Joe Security | ||
JoeSecurity_Njrat | Yara detected Njrat | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Njrat | Yara detected Njrat | Joe Security |
System Summary |
---|
Source: | Author: Florian Roth (Nextron Systems): |
Click to jump to signature section
AV Detection |
---|
Source: | Avira: |
Source: | Malware Configuration Extractor: |
Source: | ReversingLabs: |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Source: | File opened: | Jump to behavior |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Static PE information: |
Networking |
---|
Source: | URLs: |
Source: | TCP traffic: |
Source: | IP Address: |
Source: | ASN Name: |
Source: | JA3 fingerprint: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Key, Mouse, Clipboard, Microphone and Screen Capturing |
---|
Source: | .Net Code: |
E-Banking Fraud |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | Code function: | 0_2_04DE15C0 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | Classification label: |
Source: | Code function: | 0_2_04E7339E | |
Source: | Code function: | 0_2_04E73367 |
Source: | File created: | Jump to behavior |
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: |
Source: | Static PE information: |
Source: | Static file information: |
Source: | Key opened: | Jump to behavior |
Source: | ReversingLabs: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | Window detected: |
Source: | File opened: | Jump to behavior |
Source: | Static PE information: |
Source: | File opened: | Jump to behavior |
Source: | Static PE information: |
Data Obfuscation |
---|
Source: | .Net Code: |
Source: | Code function: | 0_2_00F304B8 |
Hooking and other Techniques for Hiding and Protection |
---|
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Source: | Memory allocated: | Jump to behavior | ||
Source: | Memory allocated: | Jump to behavior | ||
Source: | Memory allocated: | Jump to behavior |
Source: | Thread delayed: | Jump to behavior |
Source: | Window / User API: | Jump to behavior |
Source: | Thread sleep time: | Jump to behavior |
Source: | Last function: |
Source: | Thread delayed: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Process token adjusted: | Jump to behavior |
Source: | Memory allocated: | Jump to behavior |
HIPS / PFW / Operating System Protection Evasion |
---|
Source: | Reference to suspicious API methods: | ||
Source: | Reference to suspicious API methods: | ||
Source: | Reference to suspicious API methods: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Queries volume information: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Remote Access Functionality |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 1 Native API | 1 DLL Side-Loading | 1 Access Token Manipulation | 1 Masquerading | 1 Input Capture | 1 Security Software Discovery | Remote Services | 1 Input Capture | 11 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 2 Process Injection | 1 Disable or Modify Tools | LSASS Memory | 1 Process Discovery | Remote Desktop Protocol | 1 Archive Collected Data | 1 Non-Standard Port | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 1 DLL Side-Loading | 31 Virtualization/Sandbox Evasion | Security Account Manager | 31 Virtualization/Sandbox Evasion | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Ingress Tool Transfer | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 Access Token Manipulation | NTDS | 1 Application Window Discovery | Distributed Component Object Model | Input Capture | 2 Non-Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 2 Process Injection | LSA Secrets | 12 System Information Discovery | SSH | Keylogging | 13 Application Layer Protocol | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 Obfuscated Files or Information | Cached Domain Credentials | Wi-Fi Discovery | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 1 Software Packing | DCSync | Remote System Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 1 DLL Side-Loading | Proc Filesystem | System Owner/User Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | 1 File Deletion | /etc/passwd and /etc/shadow | Network Sniffing | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
92% | ReversingLabs | ByteCode-MSIL.Backdoor.Bladabhindi | ||
100% | Avira | TR/Dropper.Gen7 | ||
100% | Joe Sandbox ML |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
berlyn777.con-ip.com | 45.141.215.185 | true | true | unknown | |
google.com | 172.217.2.46 | true | false | high | |
plus.l.google.com | 142.250.190.110 | true | false | high | |
www.google.com | 142.250.190.68 | true | false | high | |
apis.google.com | unknown | unknown | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high | ||
true |
| unknown | |
false | high | ||
false | high | ||
false | high |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| low | ||
false | high | |||
false | high | |||
false | high | |||
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
142.250.190.110 | plus.l.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.190.68 | www.google.com | United States | 15169 | GOOGLEUS | false | |
45.141.215.185 | berlyn777.con-ip.com | Netherlands | 62068 | SPECTRAIPSpectraIPBVNL | true |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1433735 |
Start date and time: | 2024-04-30 00:20:08 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 20s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 12 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | xRzIkuwCyozY.exe |
Detection: | MAL |
Classification: | mal100.troj.spyw.evad.winEXE@32/15@7/5 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.190.67, 142.250.191.238, 142.250.111.84, 34.104.35.123, 23.46.30.28, 192.229.211.108, 142.250.190.131, 142.250.190.78
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com, www.gstatic.com
- HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtQueryValueKey calls found.
- VT rate limit hit for: xRzIkuwCyozY.exe
Time | Type | Description |
---|---|---|
00:21:38 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
239.255.255.250 | Get hash | malicious | HTMLPhisher | Browse | ||
Get hash | malicious | TechSupportScam | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | TechSupportScam | Browse | |||
Get hash | malicious | TechSupportScam | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
google.com | Get hash | malicious | HTMLPhisher | Browse |
| |
Get hash | malicious | TechSupportScam | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | TechSupportScam | Browse |
| ||
Get hash | malicious | TechSupportScam | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
SPECTRAIPSpectraIPBVNL | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | XWorm | Browse |
| ||
Get hash | malicious | XWorm | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | PrivateLoader, RisePro Stealer | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
28a2c9bd18a11de089ef85a160da29e4 | Get hash | malicious | HTMLPhisher | Browse |
| |
Get hash | malicious | TechSupportScam | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | TechSupportScam | Browse |
| ||
Get hash | malicious | TechSupportScam | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Vidar | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Process: | C:\Users\user\Desktop\xRzIkuwCyozY.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 907 |
Entropy (8bit): | 5.243019596074263 |
Encrypted: | false |
SSDEEP: | 24:MLF2CpI329Iz52VMzffup26KTnKoO2+b2hHAa/:MwQd9IzoaXuY6Ux+SF/ |
MD5: | 48A0572426885EBDE53CA62C7F2E194E |
SHA1: | 035628CDF6276367F6C83E9F4AA2172933850AA8 |
SHA-256: | 4C68E10691304CAC8DA65A05CF2580728EC0E294104F267840712AF1C46A6538 |
SHA-512: | DEFE728C2312918D94BD43C98908C08CCCA5EBFB77F873779DCA784F14C607B33A4E29AC5ECB798F2F741668B7692F72BCB60DEFD536EA86B296B64FA359C42D |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 163891 |
Entropy (8bit): | 5.55061820245277 |
Encrypted: | false |
SSDEEP: | 3072:S0eiNiuzs8v4HHKWY8s1BgP4IDQ9GURWu8zylA/u8PemUPhDlaY/ADiZ65LpK629:S0eMhzvwHHKWY8s1BgP4IDQ9GURWu8UD |
MD5: | 0282D5C4C6038FCEB2FF8607EDAC81A4 |
SHA1: | 62EBF05C33F8A3115C208BB4D5CE9B38F6D06447 |
SHA-256: | AAAF17E8ED9C8DD5D1B69C8BBB617600A768256654C076F760E09C6047973371 |
SHA-512: | E21D25042E41527B62E80F9D9B82B85B915BA6D0698B2FFA5D8D59115F764770D1DE2108B72D82D57BFB7A8D4406FB53D091C1DC6D8BD03BED3BCA29CEFD0EAD |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/og/_/js/k=og.qtm.en_US.oT1FwJRCVC4.2019.O/rt=j/m=q_dnp,qmd,qcwid,qapid,qald,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTvBynad-nWEy1xIb9j1w6LpLOF6IQ" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 29 |
Entropy (8bit): | 3.9353986674667634 |
Encrypted: | false |
SSDEEP: | 3:VQAOx/1n:VQAOd1n |
MD5: | 6FED308183D5DFC421602548615204AF |
SHA1: | 0A3F484AAA41A60970BA92A9AC13523A1D79B4D5 |
SHA-256: | 4B8288C468BCFFF9B23B2A5FF38B58087CD8A6263315899DD3E249A3F7D4AB2D |
SHA-512: | A2F7627379F24FEC8DC2C472A9200F6736147172D36A77D71C7C1916C0F8BDD843E36E70D43B5DC5FAABAE8FDD01DD088D389D8AE56ED1F591101F09135D02F5 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | https://www.google.com/async/newtab_promos |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 139804 |
Entropy (8bit): | 5.440961717394583 |
Encrypted: | false |
SSDEEP: | 1536:yMRA4a9KJXjPInWWt/usD98kiHLnRA0zqevcZ1nhaV+trbbbhYxvdU:enKJou8TMyeQ0shCO |
MD5: | 1E7E776C3E362409183607B6751E26E6 |
SHA1: | CA2C1573A8EDE4BCDD0AB8F61AA2DCF8326C2164 |
SHA-256: | 4F487BBD58A0EB619A31AEF607EDEAF1007F78265082083CBE77BA59F1F068B3 |
SHA-512: | A7181845C9F3C8F877F07CE4A1018C271FE5D49A405AAA95D3BCD8E793A88D8FFEB1523C97CD3F2881C9C47BFBA67A123D527737CCAEF489ED8890FBCBF58687 |
Malicious: | false |
Reputation: | low |
URL: | https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3572 |
Entropy (8bit): | 5.150542995862274 |
Encrypted: | false |
SSDEEP: | 96:RJYrcoiktfqqMghOKTEzNx8BSIMw591g8IOl8u8i8DF+Ks:wkktfqqMghxlg8Ig8u78D2 |
MD5: | 88BC8C86A83B9BD8EDA6FDF225CDC8DD |
SHA1: | 473D84930F027A365278C15282725A69721F4B18 |
SHA-256: | 47D960E93D9E7AB4C760A09DA0AA5E6549A8355AD5C0BA8476D4269F4FBDB354 |
SHA-512: | 3BC486D908160D297AD3028C27177A9C41A1D87EF29A456058265FAF74A1DA069D3B0578F05A79F866C2DB752D5E0E42D179158BD62251D4FDA601A7CBA7CC4D |
Malicious: | false |
URL: | "https://www.gstatic.com/og/_/ss/k=og.qtm.T5bVtXo12IQ.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTssrVR1lBtzoy_MObv1DSp-vWG36A" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1660 |
Entropy (8bit): | 4.301517070642596 |
Encrypted: | false |
SSDEEP: | 48:A/S9VU5IDhYYmMqPLmumtrYW2DyZ/jTq9J:A2VUSDhYYmM5trYFw/jmD |
MD5: | 554640F465EB3ED903B543DAE0A1BCAC |
SHA1: | E0E6E2C8939008217EB76A3B3282CA75F3DC401A |
SHA-256: | 99BF4AA403643A6D41C028E5DB29C79C17CBC815B3E10CD5C6B8F90567A03E52 |
SHA-512: | 462198E2B69F72F1DC9743D0EA5EED7974A035F24600AA1C2DE0211D978FF0795370560CBF274CCC82C8AC97DC3706C753168D4B90B0B81AE84CC922C055CFF0 |
Malicious: | false |
URL: | https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 121628 |
Entropy (8bit): | 5.506662476672723 |
Encrypted: | false |
SSDEEP: | 3072:QI9yvwslCsrCF9f/U2Dj3Fkk7rEehA5L1kx:l9ygsrieDkVaL1kx |
MD5: | F46ACD807A10216E6EEE8EA51E0F14D6 |
SHA1: | 4702F47070F7046689432DCF605F11364BC0FBED |
SHA-256: | D6B84873D27E7E83CF5184AAEF778F1CCB896467576CD8AF2CAD09B31B3C6086 |
SHA-512: | 811263DC85C8DAA3A6E5D8A002CCCB953CD01E6A77797109835FE8B07CABE0DEE7EB126274E84266229880A90782B3B016BA034E31F0E3B259BF9E66CA797028 |
Malicious: | false |
URL: | "https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SCWmpDDGjPk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_Pl64J0IIHlj2zBtEJ3ZwdaJC3HA/cb=gapi.loaded_0" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 19 |
Entropy (8bit): | 3.6818808028034042 |
Encrypted: | false |
SSDEEP: | 3:VQRWN:VQRWN |
MD5: | 9FAE2B6737B98261777262B14B586F28 |
SHA1: | 79C894898B2CED39335EB0003C18B27AA8C6DDCD |
SHA-256: | F55F6B26E77DF6647E544AE5B45892DCEA380B7A6D2BFAA1E023EA112CE81E73 |
SHA-512: | 29CB8E5462B15488B0C6D5FC1673E273FB47841E9C76A4AA5415CA93CEA31B87052BBA511680F2BC9E6543A29F1BBFBA9D06FCC08F5C65BEB115EE7A9E5EFF36 |
Malicious: | false |
URL: | https://www.google.com/async/ddljson?async=ntp:2 |
Preview: |
File type: | |
Entropy (8bit): | 3.8093394779449836 |
TrID: |
|
File name: | xRzIkuwCyozY.exe |
File size: | 32'768 bytes |
MD5: | 3e07cea83322232968c52e0ad1f98c03 |
SHA1: | 093c6a9df30012c36c5231b105816b8a614feba3 |
SHA256: | d65e2a63a3e7cd2675134d15ae271d3b4f4920cf166e9cdfff34b2cf7b07b449 |
SHA512: | 43da0ab1a54d86bbdef78fb3c68d1cc035601f25476b7715bd8afa65f585e9ce7e22597e6da90ac4bc07e888761d456d88ada4c59b80fca60582f9ab9fea4716 |
SSDEEP: | 384:h0bUe5XB4e0XfODHixBr/QuWTFtTUFQqzFKObbt:6T9Bu2zifrYd4bt |
TLSH: | 93E2F84A7BB94125C6BC1AFC8CB313214772E3478532EB6F5CDC98CA4F676D04251AE9 |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...}.0f.................P... ......~g... ........@.. ....................................@................................ |
Icon Hash: | 90cececece8e8eb0 |
Entrypoint: | 0x40677e |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x6630197D [Mon Apr 29 22:04:45 2024 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | f34d5f2d4577ed6d9ceec516c1f5a744 |
Instruction |
---|
jmp dword ptr [00402000h] |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x6724 | 0x57 | .text |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x8000 | 0x2b0 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xa000 | 0xc | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x2000 | 0x8 | .text |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x2008 | 0x48 | .text |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x2000 | 0x4784 | 0x5000 | 85d016ead1cc89e5dfcf9fcf5a7fb92b | False | 0.475341796875 | data | 5.301071218287796 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rsrc | 0x8000 | 0x2b0 | 0x1000 | 6e08229f48c666d8ac3e162f47953b7e | False | 0.0771484375 | data | 0.6868909292385726 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0xa000 | 0xc | 0x1000 | 6c4dd48bf3226f24c0a279b97a87449d | False | 0.008544921875 | data | 0.013126943721219527 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_VERSION | 0x8058 | 0x254 | data | 0.4597315436241611 |
DLL | Import |
---|---|
mscoree.dll | _CorExeMain |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 30, 2024 00:20:50.920245886 CEST | 49678 | 443 | 192.168.2.4 | 104.46.162.224 |
Apr 30, 2024 00:20:52.576421022 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Apr 30, 2024 00:21:02.188173056 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Apr 30, 2024 00:21:04.206351042 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:04.429560900 CEST | 49736 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.429600954 CEST | 443 | 49736 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.429671049 CEST | 49736 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.429893017 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:04.429903030 CEST | 49736 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.429917097 CEST | 443 | 49736 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.429954052 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:04.612724066 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:04.628340006 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.628371000 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.628427029 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.628747940 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.628757000 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.651204109 CEST | 443 | 49736 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.651506901 CEST | 49736 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.651526928 CEST | 443 | 49736 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.652805090 CEST | 443 | 49736 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.652870893 CEST | 49736 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.654434919 CEST | 49736 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.654515028 CEST | 443 | 49736 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.654831886 CEST | 49736 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.654839039 CEST | 443 | 49736 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.695378065 CEST | 49739 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.695417881 CEST | 443 | 49739 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.695504904 CEST | 49739 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.695729971 CEST | 49739 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.695744038 CEST | 443 | 49739 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.700670958 CEST | 49736 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.848316908 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.848607063 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.848630905 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.850075006 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.850146055 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.850467920 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.850548029 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.850651026 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.850656986 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.877684116 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:04.877746105 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:04.885495901 CEST | 443 | 49736 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.885674953 CEST | 443 | 49736 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.885730028 CEST | 49736 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.886429071 CEST | 49736 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.886445999 CEST | 443 | 49736 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.916493893 CEST | 443 | 49739 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.916941881 CEST | 49739 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.916964054 CEST | 443 | 49739 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.917279005 CEST | 443 | 49739 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.917674065 CEST | 49739 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.917732954 CEST | 443 | 49739 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.918226004 CEST | 49739 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:04.964114904 CEST | 443 | 49739 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:04.992568016 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.101080894 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.101135969 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.101180077 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.101186991 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.101195097 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.101242065 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.107964993 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.108015060 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.108021021 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.108026028 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.108062029 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.115127087 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.115180016 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.115183115 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.115195036 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.115242004 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.122194052 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.122250080 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.129405975 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.129443884 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.129461050 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.129465103 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.129549026 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.142667055 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:05.155128002 CEST | 443 | 49739 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.155858994 CEST | 443 | 49739 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.155925989 CEST | 49739 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.156277895 CEST | 49739 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.156296968 CEST | 443 | 49739 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.203510046 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.203555107 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.203574896 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.203581095 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.203629971 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.206537962 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.206604004 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.213685989 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.213721991 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.213731050 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.213736057 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.213776112 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.220854044 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.220894098 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.220904112 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.220909119 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.220947981 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.228027105 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.228070021 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.228079081 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.228082895 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.228121042 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.235141039 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.235199928 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.242228985 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.242280960 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.242295027 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.242300987 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.242402077 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.249346018 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.249402046 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.249404907 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.255944014 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.255983114 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.255990982 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.255995035 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.256043911 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.262377024 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.268984079 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.269022942 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.269041061 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.269046068 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.269201994 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.275460958 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.278724909 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.278779030 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.278783083 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.285254955 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.285298109 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.285303116 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.306282043 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.306334019 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.306341887 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.308182001 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.308228970 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.308233976 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.313287020 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.313338995 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.313344002 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.317890882 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.317938089 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.317941904 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.322597980 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.322653055 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.322658062 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.327182055 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.327229977 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.327234983 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.331783056 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.331830978 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.331835032 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.336431980 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.336483955 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.336488008 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.341037989 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.341088057 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.341092110 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.345648050 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.345702887 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.345707893 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.352722883 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.352762938 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.352772951 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.352777958 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.352818012 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.357166052 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.361845970 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.361882925 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.361920118 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.361924887 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.361964941 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.366451025 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.371079922 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.371118069 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.371129036 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.371133089 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.371174097 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.371177912 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.375756979 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.375807047 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.375811100 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.380410910 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.380476952 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.380481958 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.385176897 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.385354042 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.385358095 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.389354944 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.389427900 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.389431000 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.393583059 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.393848896 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.393853903 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.397968054 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.398021936 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.398025990 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.402175903 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.402240038 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.402244091 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.408458948 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.408497095 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.408509970 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.408515930 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.408679008 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.412652016 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.416881084 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.416922092 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.416924953 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.416934013 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.417068958 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.419542074 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.422163963 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.422213078 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.422235012 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.422240019 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.422282934 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.424840927 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.427421093 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.427459002 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.427479982 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.427484989 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.427557945 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.430104971 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.432533979 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.432573080 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.432595968 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.432601929 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.432735920 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.435133934 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.437635899 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.437671900 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.437695026 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.437699080 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.437736988 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.440021992 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.442455053 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.442507029 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.442512035 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.443860054 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.443968058 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.443972111 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.446114063 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.446177959 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.446181059 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.446295023 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.446341038 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.446399927 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.446413040 CEST | 443 | 49738 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.446420908 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.446449041 CEST | 49738 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.722560883 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:05.748038054 CEST | 49742 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.748084068 CEST | 443 | 49742 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.748327971 CEST | 49742 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.748564959 CEST | 49742 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.748579979 CEST | 443 | 49742 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.847464085 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:05.963593006 CEST | 443 | 49742 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.965975046 CEST | 49742 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.965996027 CEST | 443 | 49742 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.966310024 CEST | 443 | 49742 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:05.969599009 CEST | 49742 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:05.969666958 CEST | 443 | 49742 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:06.112706900 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:06.176121950 CEST | 443 | 49742 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:06.176179886 CEST | 49742 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:07.855094910 CEST | 49745 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:07.855129957 CEST | 443 | 49745 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:07.855211020 CEST | 49745 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:07.856805086 CEST | 49745 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:07.856822968 CEST | 443 | 49745 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.009809017 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.009845972 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.009907007 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.010137081 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.010153055 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.078650951 CEST | 443 | 49745 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.078758955 CEST | 49745 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:08.096172094 CEST | 49745 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:08.096189022 CEST | 443 | 49745 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.097142935 CEST | 443 | 49745 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.168971062 CEST | 49745 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:08.231796026 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.232135057 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.232161045 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.233606100 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.233675957 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.237201929 CEST | 49745 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:08.238194942 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.238394022 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.238399029 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.238428116 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.280128002 CEST | 443 | 49745 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.351432085 CEST | 443 | 49745 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.351547956 CEST | 443 | 49745 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.351600885 CEST | 49745 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:08.351649046 CEST | 49745 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:08.351670027 CEST | 443 | 49745 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.351682901 CEST | 49745 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:08.351689100 CEST | 443 | 49745 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.397996902 CEST | 49747 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:08.398047924 CEST | 443 | 49747 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.398108006 CEST | 49747 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:08.398606062 CEST | 49747 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:08.398622036 CEST | 443 | 49747 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.403343916 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.403359890 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.442997932 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.443047047 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.443069935 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.443080902 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.443123102 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.443128109 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.443141937 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.443182945 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.443188906 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.449779034 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.449826956 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.449834108 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.456778049 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.456823111 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.456831932 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.463805914 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.463848114 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.463855982 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.543668985 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.543713093 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.543726921 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.543736935 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.543787003 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.547131062 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.554169893 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.554208994 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.554234982 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.554244995 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.554284096 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.561223030 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.568213940 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.568254948 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.568262100 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.568276882 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.568314075 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.575333118 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.582282066 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.582329035 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.582339048 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.588849068 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.588886023 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.588895082 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.588903904 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.588939905 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.595396042 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.601955891 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.601999998 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.602006912 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.602018118 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.602056026 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.605377913 CEST | 443 | 49747 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.605468035 CEST | 49747 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:08.607004881 CEST | 49747 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:08.607013941 CEST | 443 | 49747 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.607358932 CEST | 443 | 49747 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.608381987 CEST | 49747 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:08.608473063 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.615118980 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.615156889 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.615175009 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.615184069 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.615222931 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.621582031 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.628209114 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.628261089 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.628303051 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.628312111 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.628356934 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.644270897 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.647511005 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.647545099 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.647581100 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.647592068 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.647631884 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.652121067 CEST | 443 | 49747 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.653929949 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.659996033 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.660032988 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.660048008 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.660058022 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.660096884 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.665602922 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.671266079 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.671317101 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.671324015 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.676836967 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.676873922 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.676883936 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.676892042 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.676929951 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.682404995 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.687916040 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.687962055 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.687967062 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.687980890 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.688024998 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.693406105 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.696227074 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.696285963 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.696294069 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.701704025 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.701762915 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.701771021 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.707247019 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.707293034 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.707302094 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.712418079 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.712466955 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.712474108 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.717298031 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.717345953 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.717354059 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.721865892 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.721916914 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.721925974 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.724934101 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:08.726304054 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.726349115 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.726356030 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.730473042 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.730523109 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.730531931 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.734772921 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.734811068 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.734827042 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.734837055 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.734873056 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.738811970 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.742716074 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.742753983 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.742778063 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.742789030 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.742827892 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.746671915 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.750566006 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.750617027 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.750627041 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.752599955 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.752662897 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.752671003 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.756514072 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.756570101 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.756577015 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.758932114 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.758985043 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.758995056 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.759052992 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:08.761365891 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.761416912 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.761435986 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.763757944 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.763819933 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.763828039 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.766184092 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.766233921 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.766242027 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.768661022 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.768724918 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.768868923 CEST | 49746 | 443 | 192.168.2.4 | 142.250.190.110 |
Apr 30, 2024 00:21:08.768879890 CEST | 443 | 49746 | 142.250.190.110 | 192.168.2.4 |
Apr 30, 2024 00:21:08.843930960 CEST | 443 | 49747 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.844060898 CEST | 443 | 49747 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.844113111 CEST | 49747 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:08.844789982 CEST | 49747 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:08.844810009 CEST | 443 | 49747 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:08.844824076 CEST | 49747 | 443 | 192.168.2.4 | 23.54.42.93 |
Apr 30, 2024 00:21:08.844830990 CEST | 443 | 49747 | 23.54.42.93 | 192.168.2.4 |
Apr 30, 2024 00:21:09.023701906 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:10.653152943 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:10.761320114 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:11.727936029 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:11.959300995 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:13.473663092 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:13.737780094 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:13.737859011 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:14.002733946 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:14.143376112 CEST | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Apr 30, 2024 00:21:14.143425941 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:14.143496037 CEST | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Apr 30, 2024 00:21:14.144589901 CEST | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Apr 30, 2024 00:21:14.144609928 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:14.557727098 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:14.557821989 CEST | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Apr 30, 2024 00:21:14.560558081 CEST | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Apr 30, 2024 00:21:14.560564041 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:14.561041117 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:14.633033037 CEST | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Apr 30, 2024 00:21:14.959609985 CEST | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Apr 30, 2024 00:21:15.004122019 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:15.217597008 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:15.217648029 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:15.217659950 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:15.217678070 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:15.217686892 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:15.217694998 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:15.217736006 CEST | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Apr 30, 2024 00:21:15.217756033 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:15.217782021 CEST | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Apr 30, 2024 00:21:15.217796087 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:15.217798948 CEST | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Apr 30, 2024 00:21:15.217808962 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:15.217858076 CEST | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Apr 30, 2024 00:21:15.217864037 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:15.217894077 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:15.219284058 CEST | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Apr 30, 2024 00:21:15.455492973 CEST | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Apr 30, 2024 00:21:15.455493927 CEST | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Apr 30, 2024 00:21:15.455573082 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:15.455620050 CEST | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Apr 30, 2024 00:21:16.040405035 CEST | 443 | 49742 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:16.040463924 CEST | 443 | 49742 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:16.040580988 CEST | 49742 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:16.315947056 CEST | 49742 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:21:16.315983057 CEST | 443 | 49742 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:21:16.734111071 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:16.773684978 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:17.036636114 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:19.736856937 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:19.771848917 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:20.033641100 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:20.326992035 CEST | 80 | 49723 | 208.111.186.0 | 192.168.2.4 |
Apr 30, 2024 00:21:20.327142000 CEST | 49723 | 80 | 192.168.2.4 | 208.111.186.0 |
Apr 30, 2024 00:21:20.327142000 CEST | 49723 | 80 | 192.168.2.4 | 208.111.186.0 |
Apr 30, 2024 00:21:20.428478956 CEST | 80 | 49723 | 208.111.186.0 | 192.168.2.4 |
Apr 30, 2024 00:21:21.981931925 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:22.245698929 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:22.739907026 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:22.788357973 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:23.051712036 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:25.741879940 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:25.771980047 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:26.034677029 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:28.744172096 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:28.788764954 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:29.052824020 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:31.677963972 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:31.678141117 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:31.901913881 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:31.953753948 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:31.959502935 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:32.224988937 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:34.659790993 CEST | 80 | 49724 | 208.111.186.0 | 192.168.2.4 |
Apr 30, 2024 00:21:34.659892082 CEST | 49724 | 80 | 192.168.2.4 | 208.111.186.0 |
Apr 30, 2024 00:21:34.659892082 CEST | 49724 | 80 | 192.168.2.4 | 208.111.186.0 |
Apr 30, 2024 00:21:34.749005079 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:34.785717964 CEST | 80 | 49724 | 208.111.186.0 | 192.168.2.4 |
Apr 30, 2024 00:21:34.785768032 CEST | 80 | 49724 | 208.111.186.0 | 192.168.2.4 |
Apr 30, 2024 00:21:34.785826921 CEST | 49724 | 80 | 192.168.2.4 | 208.111.186.0 |
Apr 30, 2024 00:21:34.793868065 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:34.807462931 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:35.070513010 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:37.752053022 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:37.793699026 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:37.976795912 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:38.242480993 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:40.083796978 CEST | 7777 | 49735 | 45.141.215.185 | 192.168.2.4 |
Apr 30, 2024 00:21:40.137651920 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:40.140563965 CEST | 49735 | 7777 | 192.168.2.4 | 45.141.215.185 |
Apr 30, 2024 00:21:53.072031975 CEST | 49754 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 30, 2024 00:21:53.072069883 CEST | 443 | 49754 | 13.85.23.86 | 192.168.2.4 |
Apr 30, 2024 00:21:53.072211027 CEST | 49754 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 30, 2024 00:21:53.073273897 CEST | 49754 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 30, 2024 00:21:53.073287010 CEST | 443 | 49754 | 13.85.23.86 | 192.168.2.4 |
Apr 30, 2024 00:21:53.486833096 CEST | 443 | 49754 | 13.85.23.86 | 192.168.2.4 |
Apr 30, 2024 00:21:53.486959934 CEST | 49754 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 30, 2024 00:21:53.496375084 CEST | 49754 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 30, 2024 00:21:53.496396065 CEST | 443 | 49754 | 13.85.23.86 | 192.168.2.4 |
Apr 30, 2024 00:21:53.496709108 CEST | 443 | 49754 | 13.85.23.86 | 192.168.2.4 |
Apr 30, 2024 00:21:53.505218983 CEST | 49754 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 30, 2024 00:21:53.548155069 CEST | 443 | 49754 | 13.85.23.86 | 192.168.2.4 |
Apr 30, 2024 00:21:53.889831066 CEST | 443 | 49754 | 13.85.23.86 | 192.168.2.4 |
Apr 30, 2024 00:21:53.889854908 CEST | 443 | 49754 | 13.85.23.86 | 192.168.2.4 |
Apr 30, 2024 00:21:53.889873981 CEST | 443 | 49754 | 13.85.23.86 | 192.168.2.4 |
Apr 30, 2024 00:21:53.889919043 CEST | 49754 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 30, 2024 00:21:53.889945984 CEST | 443 | 49754 | 13.85.23.86 | 192.168.2.4 |
Apr 30, 2024 00:21:53.889959097 CEST | 49754 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 30, 2024 00:21:53.889967918 CEST | 443 | 49754 | 13.85.23.86 | 192.168.2.4 |
Apr 30, 2024 00:21:53.889990091 CEST | 49754 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 30, 2024 00:21:53.890002012 CEST | 443 | 49754 | 13.85.23.86 | 192.168.2.4 |
Apr 30, 2024 00:21:53.890014887 CEST | 443 | 49754 | 13.85.23.86 | 192.168.2.4 |
Apr 30, 2024 00:21:53.890023947 CEST | 49754 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 30, 2024 00:21:53.890038967 CEST | 49754 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 30, 2024 00:21:53.890077114 CEST | 443 | 49754 | 13.85.23.86 | 192.168.2.4 |
Apr 30, 2024 00:21:53.890120029 CEST | 49754 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 30, 2024 00:21:53.898298025 CEST | 49754 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 30, 2024 00:21:53.898318052 CEST | 443 | 49754 | 13.85.23.86 | 192.168.2.4 |
Apr 30, 2024 00:21:53.898329973 CEST | 49754 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 30, 2024 00:21:53.898334980 CEST | 443 | 49754 | 13.85.23.86 | 192.168.2.4 |
Apr 30, 2024 00:22:05.807828903 CEST | 49756 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:22:05.807854891 CEST | 443 | 49756 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:22:05.807929039 CEST | 49756 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:22:05.808161020 CEST | 49756 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:22:05.808172941 CEST | 443 | 49756 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:22:06.023577929 CEST | 443 | 49756 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:22:06.023900032 CEST | 49756 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:22:06.023915052 CEST | 443 | 49756 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:22:06.024391890 CEST | 443 | 49756 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:22:06.024722099 CEST | 49756 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:22:06.024805069 CEST | 443 | 49756 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:22:06.073558092 CEST | 49756 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:22:16.028520107 CEST | 443 | 49756 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:22:16.028582096 CEST | 443 | 49756 | 142.250.190.68 | 192.168.2.4 |
Apr 30, 2024 00:22:16.028747082 CEST | 49756 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:22:16.312902927 CEST | 49756 | 443 | 192.168.2.4 | 142.250.190.68 |
Apr 30, 2024 00:22:16.312925100 CEST | 443 | 49756 | 142.250.190.68 | 192.168.2.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 30, 2024 00:21:01.739633083 CEST | 53 | 58529 | 1.1.1.1 | 192.168.2.4 |
Apr 30, 2024 00:21:01.778573990 CEST | 53 | 60904 | 1.1.1.1 | 192.168.2.4 |
Apr 30, 2024 00:21:01.825956106 CEST | 56592 | 53 | 192.168.2.4 | 8.8.8.8 |
Apr 30, 2024 00:21:01.826514959 CEST | 64666 | 53 | 192.168.2.4 | 1.1.1.1 |
Apr 30, 2024 00:21:01.926848888 CEST | 53 | 56592 | 8.8.8.8 | 192.168.2.4 |
Apr 30, 2024 00:21:01.927973986 CEST | 53 | 64666 | 1.1.1.1 | 192.168.2.4 |
Apr 30, 2024 00:21:02.421593904 CEST | 53 | 64874 | 1.1.1.1 | 192.168.2.4 |
Apr 30, 2024 00:21:03.896533966 CEST | 54827 | 53 | 192.168.2.4 | 1.1.1.1 |
Apr 30, 2024 00:21:04.199642897 CEST | 53 | 54827 | 1.1.1.1 | 192.168.2.4 |
Apr 30, 2024 00:21:04.324058056 CEST | 55469 | 53 | 192.168.2.4 | 1.1.1.1 |
Apr 30, 2024 00:21:04.324189901 CEST | 56014 | 53 | 192.168.2.4 | 1.1.1.1 |
Apr 30, 2024 00:21:04.427110910 CEST | 53 | 55469 | 1.1.1.1 | 192.168.2.4 |
Apr 30, 2024 00:21:04.428802967 CEST | 53 | 56014 | 1.1.1.1 | 192.168.2.4 |
Apr 30, 2024 00:21:05.652955055 CEST | 53 | 60706 | 1.1.1.1 | 192.168.2.4 |
Apr 30, 2024 00:21:07.867012024 CEST | 50480 | 53 | 192.168.2.4 | 1.1.1.1 |
Apr 30, 2024 00:21:07.867151022 CEST | 60057 | 53 | 192.168.2.4 | 1.1.1.1 |
Apr 30, 2024 00:21:07.968390942 CEST | 53 | 60057 | 1.1.1.1 | 192.168.2.4 |
Apr 30, 2024 00:21:07.968930006 CEST | 53 | 50480 | 1.1.1.1 | 192.168.2.4 |
Apr 30, 2024 00:21:20.116894960 CEST | 53 | 56368 | 1.1.1.1 | 192.168.2.4 |
Apr 30, 2024 00:21:21.440515995 CEST | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Apr 30, 2024 00:21:39.135560989 CEST | 53 | 64623 | 1.1.1.1 | 192.168.2.4 |
Apr 30, 2024 00:22:01.277951956 CEST | 53 | 51787 | 1.1.1.1 | 192.168.2.4 |
Apr 30, 2024 00:22:02.680608034 CEST | 53 | 60559 | 1.1.1.1 | 192.168.2.4 |
Apr 30, 2024 00:22:30.544150114 CEST | 53 | 60605 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 30, 2024 00:21:01.825956106 CEST | 192.168.2.4 | 8.8.8.8 | 0x128e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 30, 2024 00:21:01.826514959 CEST | 192.168.2.4 | 1.1.1.1 | 0x5358 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 30, 2024 00:21:03.896533966 CEST | 192.168.2.4 | 1.1.1.1 | 0xdf4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 30, 2024 00:21:04.324058056 CEST | 192.168.2.4 | 1.1.1.1 | 0xdfd5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 30, 2024 00:21:04.324189901 CEST | 192.168.2.4 | 1.1.1.1 | 0xe77d | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 30, 2024 00:21:07.867012024 CEST | 192.168.2.4 | 1.1.1.1 | 0x87ef | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 30, 2024 00:21:07.867151022 CEST | 192.168.2.4 | 1.1.1.1 | 0x3d27 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 30, 2024 00:21:01.926848888 CEST | 8.8.8.8 | 192.168.2.4 | 0x128e | No error (0) | 172.217.2.46 | A (IP address) | IN (0x0001) | false | ||
Apr 30, 2024 00:21:01.927973986 CEST | 1.1.1.1 | 192.168.2.4 | 0x5358 | No error (0) | 142.250.190.142 | A (IP address) | IN (0x0001) | false | ||
Apr 30, 2024 00:21:04.199642897 CEST | 1.1.1.1 | 192.168.2.4 | 0xdf4 | No error (0) | 45.141.215.185 | A (IP address) | IN (0x0001) | false | ||
Apr 30, 2024 00:21:04.427110910 CEST | 1.1.1.1 | 192.168.2.4 | 0xdfd5 | No error (0) | 142.250.190.68 | A (IP address) | IN (0x0001) | false | ||
Apr 30, 2024 00:21:04.428802967 CEST | 1.1.1.1 | 192.168.2.4 | 0xe77d | No error (0) | 65 | IN (0x0001) | false | |||
Apr 30, 2024 00:21:07.968390942 CEST | 1.1.1.1 | 192.168.2.4 | 0x3d27 | No error (0) | plus.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 30, 2024 00:21:07.968930006 CEST | 1.1.1.1 | 192.168.2.4 | 0x87ef | No error (0) | plus.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 30, 2024 00:21:07.968930006 CEST | 1.1.1.1 | 192.168.2.4 | 0x87ef | No error (0) | 142.250.190.110 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49736 | 142.250.190.68 | 443 | 7452 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-29 22:21:04 UTC | 353 | OUT | |
2024-04-29 22:21:04 UTC | 1479 | IN | |
2024-04-29 22:21:04 UTC | 25 | IN | |
2024-04-29 22:21:04 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49738 | 142.250.190.68 | 443 | 7452 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-29 22:21:04 UTC | 510 | OUT | |
2024-04-29 22:21:05 UTC | 1479 | IN | |
2024-04-29 22:21:05 UTC | 1479 | IN | |
2024-04-29 22:21:05 UTC | 1479 | IN | |
2024-04-29 22:21:05 UTC | 1479 | IN | |
2024-04-29 22:21:05 UTC | 1479 | IN | |
2024-04-29 22:21:05 UTC | 1479 | IN | |
2024-04-29 22:21:05 UTC | 1479 | IN | |
2024-04-29 22:21:05 UTC | 1479 | IN | |
2024-04-29 22:21:05 UTC | 1479 | IN | |
2024-04-29 22:21:05 UTC | 1479 | IN | |
2024-04-29 22:21:05 UTC | 1479 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49739 | 142.250.190.68 | 443 | 7452 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-29 22:21:04 UTC | 353 | OUT | |
2024-04-29 22:21:05 UTC | 1434 | IN | |
2024-04-29 22:21:05 UTC | 35 | IN | |
2024-04-29 22:21:05 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49745 | 23.54.42.93 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-29 22:21:08 UTC | 161 | OUT | |
2024-04-29 22:21:08 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49746 | 142.250.190.110 | 443 | 7452 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-29 22:21:08 UTC | 741 | OUT | |
2024-04-29 22:21:08 UTC | 903 | IN | |
2024-04-29 22:21:08 UTC | 352 | IN | |
2024-04-29 22:21:08 UTC | 1255 | IN | |
2024-04-29 22:21:08 UTC | 1255 | IN | |
2024-04-29 22:21:08 UTC | 1255 | IN | |
2024-04-29 22:21:08 UTC | 1255 | IN | |
2024-04-29 22:21:08 UTC | 1255 | IN | |
2024-04-29 22:21:08 UTC | 1255 | IN | |
2024-04-29 22:21:08 UTC | 1255 | IN | |
2024-04-29 22:21:08 UTC | 1255 | IN | |
2024-04-29 22:21:08 UTC | 1255 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 49747 | 23.54.42.93 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-29 22:21:08 UTC | 239 | OUT | |
2024-04-29 22:21:08 UTC | 455 | IN | |
2024-04-29 22:21:08 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 49748 | 20.12.23.50 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-29 22:21:14 UTC | 306 | OUT | |
2024-04-29 22:21:15 UTC | 560 | IN | |
2024-04-29 22:21:15 UTC | 15824 | IN | |
2024-04-29 22:21:15 UTC | 8666 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.4 | 49754 | 13.85.23.86 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-29 22:21:53 UTC | 306 | OUT | |
2024-04-29 22:21:53 UTC | 560 | IN | |
2024-04-29 22:21:53 UTC | 15824 | IN | |
2024-04-29 22:21:53 UTC | 9633 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
Target ID: | 0 |
Start time: | 00:20:54 |
Start date: | 30/04/2024 |
Path: | C:\Users\user\Desktop\xRzIkuwCyozY.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x630000 |
File size: | 32'768 bytes |
MD5 hash: | 3E07CEA83322232968C52E0AD1F98C03 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | low |
Has exited: | true |
Target ID: | 1 |
Start time: | 00:20:59 |
Start date: | 30/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |
Target ID: | 2 |
Start time: | 00:20:59 |
Start date: | 30/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 4 |
Start time: | 00:21:00 |
Start date: | 30/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |
Target ID: | 5 |
Start time: | 00:21:00 |
Start date: | 30/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 9 |
Start time: | 00:21:39 |
Start date: | 30/04/2024 |
Path: | C:\Windows\SysWOW64\cmd.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x240000 |
File size: | 236'544 bytes |
MD5 hash: | D0FCE3AFA6AA1D58CE9FA336CC2B675B |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 10 |
Start time: | 00:21:39 |
Start date: | 30/04/2024 |
Path: | C:\Windows\System32\conhost.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7699e0000 |
File size: | 862'208 bytes |
MD5 hash: | 0D698AF330FD17BEE3BF90011D49251D |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Execution Graph
Execution Coverage: | 15.7% |
Dynamic/Decrypted Code Coverage: | 81.5% |
Signature Coverage: | 2% |
Total number of Nodes: | 151 |
Total number of Limit Nodes: | 8 |
Graph
Function 04DE15C0 Relevance: 3.9, Strings: 2, Instructions: 1396COMMON
Control-flow Graph
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E73367 Relevance: 1.6, APIs: 1, Instructions: 75COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E7339E Relevance: 1.6, APIs: 1, Instructions: 52COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04DE03E8 Relevance: 1.6, APIs: 1, Instructions: 105COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04DE03F8 Relevance: 1.6, APIs: 1, Instructions: 104COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0B5DE Relevance: 1.6, APIs: 1, Instructions: 103fileCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E7099C Relevance: 1.6, APIs: 1, Instructions: 93COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E70190 Relevance: 1.6, APIs: 1, Instructions: 89COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E70894 Relevance: 1.6, APIs: 1, Instructions: 88timeCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E709BE Relevance: 1.6, APIs: 1, Instructions: 84COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E70D10 Relevance: 1.6, APIs: 1, Instructions: 81COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E7201D Relevance: 1.6, APIs: 1, Instructions: 80COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E734E9 Relevance: 1.6, APIs: 1, Instructions: 79COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0BC3E Relevance: 1.6, APIs: 1, Instructions: 77networkCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E70346 Relevance: 1.6, APIs: 1, Instructions: 77fileCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0B61E Relevance: 1.6, APIs: 1, Instructions: 76fileCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E701B6 Relevance: 1.6, APIs: 1, Instructions: 76COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0B6F4 Relevance: 1.6, APIs: 1, Instructions: 75COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E735D3 Relevance: 1.6, APIs: 1, Instructions: 73COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E736B7 Relevance: 1.6, APIs: 1, Instructions: 73COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0B9D6 Relevance: 1.6, APIs: 1, Instructions: 70fileCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0A140 Relevance: 1.6, APIs: 1, Instructions: 69networkCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E71F57 Relevance: 1.6, APIs: 1, Instructions: 69COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0BC5E Relevance: 1.6, APIs: 1, Instructions: 67networkCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0BD23 Relevance: 1.6, APIs: 1, Instructions: 67COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E70366 Relevance: 1.6, APIs: 1, Instructions: 67fileCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E70B6E Relevance: 1.6, APIs: 1, Instructions: 67networkCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0A710 Relevance: 1.6, APIs: 1, Instructions: 66COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E70FD2 Relevance: 1.6, APIs: 1, Instructions: 66libraryCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E725B9 Relevance: 1.6, APIs: 1, Instructions: 65libraryCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E731FC Relevance: 1.6, APIs: 1, Instructions: 64COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E708D2 Relevance: 1.6, APIs: 1, Instructions: 64timeCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E70006 Relevance: 1.6, APIs: 1, Instructions: 63COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E735F6 Relevance: 1.6, APIs: 1, Instructions: 62COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E73ADD Relevance: 1.6, APIs: 1, Instructions: 62windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E736DA Relevance: 1.6, APIs: 1, Instructions: 62COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0AC03 Relevance: 1.6, APIs: 1, Instructions: 61COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E7351A Relevance: 1.6, APIs: 1, Instructions: 61COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0B9F6 Relevance: 1.6, APIs: 1, Instructions: 60fileCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E71F7A Relevance: 1.6, APIs: 1, Instructions: 58COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0A2AE Relevance: 1.6, APIs: 1, Instructions: 56COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E70FF2 Relevance: 1.6, APIs: 1, Instructions: 56libraryCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E73C55 Relevance: 1.6, APIs: 1, Instructions: 56windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E72056 Relevance: 1.6, APIs: 1, Instructions: 55COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0AD9F Relevance: 1.6, APIs: 1, Instructions: 54COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E7321E Relevance: 1.6, APIs: 1, Instructions: 53COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0B736 Relevance: 1.6, APIs: 1, Instructions: 52COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E739A8 Relevance: 1.6, APIs: 1, Instructions: 51COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E70B9E Relevance: 1.5, APIs: 1, Instructions: 49networkCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E70D66 Relevance: 1.5, APIs: 1, Instructions: 47COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E725EA Relevance: 1.5, APIs: 1, Instructions: 46libraryCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0AC2A Relevance: 1.5, APIs: 1, Instructions: 45COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0BD62 Relevance: 1.5, APIs: 1, Instructions: 43COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0A74E Relevance: 1.5, APIs: 1, Instructions: 43COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E70032 Relevance: 1.5, APIs: 1, Instructions: 43COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0A186 Relevance: 1.5, APIs: 1, Instructions: 42networkCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E73C7A Relevance: 1.5, APIs: 1, Instructions: 42windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E739CA Relevance: 1.5, APIs: 1, Instructions: 40COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0ADCE Relevance: 1.5, APIs: 1, Instructions: 39COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04E73B16 Relevance: 1.5, APIs: 1, Instructions: 38windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F0A2DA Relevance: 1.5, APIs: 1, Instructions: 35COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 053E1C60 Relevance: .1, Instructions: 60COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F307C4 Relevance: .1, Instructions: 59COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F3079C Relevance: .1, Instructions: 53COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 053E1B04 Relevance: .1, Instructions: 52COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F1ADEC Relevance: .1, Instructions: 52COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F3075C Relevance: .1, Instructions: 51COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F305E0 Relevance: .0, Instructions: 44COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F30880 Relevance: .0, Instructions: 31COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F30606 Relevance: .0, Instructions: 27COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 053E1577 Relevance: .0, Instructions: 26COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 053E1B53 Relevance: .0, Instructions: 26COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 053E1CCB Relevance: .0, Instructions: 26COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F1AE3B Relevance: .0, Instructions: 26COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F023F4 Relevance: .0, Instructions: 15COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F023BC Relevance: .0, Instructions: 14COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |