Windows
Analysis Report
1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe
Overview
General Information
Sample name: | 1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe |
Analysis ID: | 1433876 |
MD5: | 5703edb174766786773f4b565b3ccf85 |
SHA1: | c4e1aa7bf7d5bd0f6c19e8c00d2b32cca143ac19 |
SHA256: | 6f5e4c2f1acbaa248f7501e931462d3da75e6deba050065538153bfe14a6bdb5 |
Tags: | base64-decodedexe |
Infos: | |
Detection
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- 1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe (PID: 4508 cmdline:
"C:\Users\ user\Deskt op\1714456 685abe8dac d9647979ca 6f07fce954 d21483995c 56b392e999 3fc4dbb806 aaf5610733 .dat-decod ed.exe" MD5: 5703EDB174766786773F4B565B3CCF85)
- cleanup
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
Cameleon, StormKitty | PWC describes this malware as a backdoor, capable of file management, upload and download of files, and execution of commands. | No Attribution |
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
XWorm | Malware with wide range of capabilities ranging from RAT to ransomware. | No Attribution |
{"C2 url": ["91.92.242.85"], "Port": "3344", "Aes key": "<123456789>", "SPL": "<Xwormmm>", "Install file": "USB.exe", "Version": "XWorm V5.6"}
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_XWorm | Yara detected XWorm | Joe Security | ||
MALWARE_Win_AsyncRAT | Detects AsyncRAT | ditekSHen |
|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
INDICATOR_SUSPICIOUS_DisableWinDefender | Detects executables containing artifcats associated with disabling Widnows Defender | ditekSHen |
| |
JoeSecurity_XWorm | Yara detected XWorm | Joe Security | ||
MALWARE_Win_AsyncRAT | Detects AsyncRAT | ditekSHen |
| |
JoeSecurity_StormKitty | Yara detected StormKitty Stealer | Joe Security | ||
JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | ||
Click to see the 9 entries |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_XWorm | Yara detected XWorm | Joe Security | ||
MALWARE_Win_AsyncRAT | Detects AsyncRAT | ditekSHen |
| |
INDICATOR_SUSPICIOUS_DisableWinDefender | Detects executables containing artifcats associated with disabling Widnows Defender | ditekSHen |
| |
INDICATOR_SUSPICIOUS_DisableWinDefender | Detects executables containing artifcats associated with disabling Widnows Defender | ditekSHen |
| |
JoeSecurity_StormKitty | Yara detected StormKitty Stealer | Joe Security | ||
Click to see the 7 entries |
Timestamp: | 04/30/24-08:19:41.708607 |
SID: | 2852870 |
Source Port: | 3344 |
Destination Port: | 49705 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/30/24-08:19:41.709386 |
SID: | 2852923 |
Source Port: | 49705 |
Destination Port: | 3344 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/30/24-08:17:46.956384 |
SID: | 2852873 |
Source Port: | 49706 |
Destination Port: | 3344 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/30/24-08:17:46.956384 |
SID: | 2852923 |
Source Port: | 49706 |
Destination Port: | 3344 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/30/24-08:17:42.409546 |
SID: | 2853192 |
Source Port: | 49705 |
Destination Port: | 3344 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/30/24-08:17:42.763624 |
SID: | 2853191 |
Source Port: | 3344 |
Destination Port: | 49705 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/30/24-08:17:52.503906 |
SID: | 2855924 |
Source Port: | 49705 |
Destination Port: | 3344 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/30/24-08:19:30.122726 |
SID: | 2853193 |
Source Port: | 49705 |
Destination Port: | 3344 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/30/24-08:19:18.768277 |
SID: | 2852874 |
Source Port: | 3344 |
Destination Port: | 49705 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Click to jump to signature section
AV Detection |
---|
Source: | Avira: |
Source: | Avira URL Cloud: |
Source: | Malware Configuration Extractor: |
Source: | Virustotal: | Perma Link |
Source: | ReversingLabs: | |||
Source: | Virustotal: | Perma Link |
Source: | Joe Sandbox ML: |
Source: | String decryptor: | ||
Source: | String decryptor: | ||
Source: | String decryptor: | ||
Source: | String decryptor: | ||
Source: | String decryptor: | ||
Source: | String decryptor: |
Source: | Static PE information: |
Source: | Static PE information: |
Networking |
---|
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: |
Source: | URLs: |
Source: | TCP traffic: |
Source: | IP Address: |
Source: | ASN Name: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
System Summary |
---|
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Code function: | 0_2_00007FF848F26B22 | |
Source: | Code function: | 0_2_00007FF848F2A6A8 | |
Source: | Code function: | 0_2_00007FF848F29562 | |
Source: | Code function: | 0_2_00007FF848F25D76 | |
Source: | Code function: | 0_2_00007FF848F2AF3A | |
Source: | Code function: | 0_2_00007FF848F22A48 | |
Source: | Code function: | 0_2_00007FF848F31267 | |
Source: | Code function: | 0_2_00007FF848F23A6D | |
Source: | Code function: | 0_2_00007FF848F328FA | |
Source: | Code function: | 0_2_00007FF848F2D130 | |
Source: | Code function: | 0_2_00007FF848F329D3 | |
Source: | Code function: | 0_2_00007FF848F25879 | |
Source: | Code function: | 0_2_00007FF848F41060 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Cryptographic APIs: | ||
Source: | Cryptographic APIs: | ||
Source: | Cryptographic APIs: |
Source: | Security API names: | ||
Source: | Security API names: | ||
Source: | Security API names: | ||
Source: | Security API names: | ||
Source: | Security API names: | ||
Source: | Security API names: |
Source: | Classification label: |
Source: | Mutant created: | ||
Source: | Mutant created: |
Source: | File created: | Jump to behavior |
Source: | Static PE information: |
Source: | Static file information: |
Source: | Key opened: | Jump to behavior |
Source: | Binary or memory string: |
Source: | ReversingLabs: | ||
Source: | Virustotal: |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | Static PE information: |
Source: | Static PE information: |
Data Obfuscation |
---|
Source: | .Net Code: | ||
Source: | .Net Code: |
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: |
Source: | Code function: | 0_2_00007FF848F3042A | |
Source: | Code function: | 0_2_00007FF848F3845D | |
Source: | Code function: | 0_2_00007FF848F3846D | |
Source: | Code function: | 0_2_00007FF848F2756A |
Source: | Key value created or modified: | Jump to behavior |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | WMI Queries: |
Source: | Memory allocated: | Jump to behavior | ||
Source: | Memory allocated: | Jump to behavior |
Source: | Code function: | 0_2_00007FF848F368D3 |
Source: | Thread delayed: | Jump to behavior |
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior |
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior |
Source: | File Volume queried: | Jump to behavior | ||
Source: | File Volume queried: | Jump to behavior | ||
Source: | File Volume queried: | Jump to behavior |
Source: | Thread delayed: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00007FF848F368D3 |
Source: | Process token adjusted: | Jump to behavior |
Source: | Memory allocated: | Jump to behavior |
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | WMI Queries: |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Remote Access Functionality |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 11 Windows Management Instrumentation | 1 DLL Side-Loading | 1 DLL Side-Loading | 1 Modify Registry | 1 OS Credential Dumping | 121 Security Software Discovery | Remote Services | 11 Archive Collected Data | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Disable or Modify Tools | LSASS Memory | 131 Virtualization/Sandbox Evasion | Remote Desktop Protocol | 1 Data from Local System | 1 Non-Standard Port | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 131 Virtualization/Sandbox Evasion | Security Account Manager | 1 Application Window Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 Deobfuscate/Decode Files or Information | NTDS | 13 System Information Discovery | Distributed Component Object Model | Input Capture | Protocol Impersonation | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 1 Obfuscated Files or Information | LSA Secrets | Internet Connection Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 2 Software Packing | Cached Domain Credentials | Wi-Fi Discovery | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 1 DLL Side-Loading | DCSync | Remote System Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
76% | ReversingLabs | ByteCode-MSIL.Trojan.Jalapeno | ||
66% | Virustotal | Browse | ||
100% | Avira | HEUR/AGEN.1305769 | ||
100% | Joe Sandbox ML |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
100% | Avira URL Cloud | malware | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
10% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
91.92.242.85 | unknown | Bulgaria | 34368 | THEZONEBG | true |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1433876 |
Start date and time: | 2024-04-30 08:16:48 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 6s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 4 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | 1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe |
Detection: | MAL |
Classification: | mal100.troj.spyw.evad.winEXE@1/12@0/1 |
EGA Information: | Failed |
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe
- Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
- Execution Graph export aborted for target 1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe, PID 4508 because it is empty
- Report size getting too big, too many NtAllocateVirtualMemory calls found.
Time | Type | Description |
---|---|---|
08:17:36 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
91.92.242.85 | Get hash | malicious | StormKitty, XWorm | Browse | ||
Get hash | malicious | Remcos, zgRAT | Browse | |||
Get hash | malicious | Remcos | Browse | |||
Get hash | malicious | Remcos | Browse | |||
Get hash | malicious | Remcos | Browse | |||
Get hash | malicious | Remcos | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
THEZONEBG | Get hash | malicious | StormKitty, XWorm | Browse |
| |
Get hash | malicious | Nanocore, PureLog Stealer | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | PureLog Stealer | Browse |
| ||
Get hash | malicious | Gafgyt | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
|
Process: | C:\Users\user\Desktop\1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 5242880 |
Entropy (8bit): | 0.03859996294213402 |
Encrypted: | false |
SSDEEP: | 192:58rJQaXoMXp0VW9FxWHxDSjENbx56p3DisuwAyHI:58r54w0VW3xWdkEFxcp3y/y |
MD5: | D2A38A463B7925FE3ABE31ECCCE66ACA |
SHA1: | A1824888F9E086439B287DEA497F660F3AA4B397 |
SHA-256: | 474361353F00E89A9ECB246EC4662682392EBAF4F2A4BE9ABB68BBEBE33FA4A0 |
SHA-512: | 62DB46A530D952568EFBFF7796106E860D07754530B724E0392862EF76FDF99043DA9538EC0044323C814DF59802C3BB55454D591362CB9B6E39947D11E981F7 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Users\user\Desktop\1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 159744 |
Entropy (8bit): | 0.5394293526345721 |
Encrypted: | false |
SSDEEP: | 96:AquejzH+bF+UIYysX0IxQzh/tsV0NifLjLqLy0e9S8E:AqtH+bF+UI3iN0RSV0k3qLyj9 |
MD5: | 52701A76A821CDDBC23FB25C3FCA4968 |
SHA1: | 440D4B5A38AF50711C5E6C6BE22D80BC17BF32DE |
SHA-256: | D602B4D0B3EB9B51535F6EBA33709DCB881237FA95C5072CB39CECF0E06A0AC4 |
SHA-512: | 2653C8DB9C20207FA7006BC9C63142B7C356FB9DC97F9184D60C75D987DC0848A8159C239E83E2FC9D45C522FEAE8D273CDCD31183DED91B8B587596183FC000 |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
Process: | C:\Users\user\Desktop\1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 106496 |
Entropy (8bit): | 1.136413900497188 |
Encrypted: | false |
SSDEEP: | 192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84 |
MD5: | 429F49156428FD53EB06FC82088FD324 |
SHA1: | 560E48154B4611838CD4E9DF4C14D0F9840F06AF |
SHA-256: | 9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF |
SHA-512: | 1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
Process: | C:\Users\user\Desktop\1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 196608 |
Entropy (8bit): | 1.121297215059106 |
Encrypted: | false |
SSDEEP: | 384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow |
MD5: | D87270D0039ED3A5A72E7082EA71E305 |
SHA1: | 0FBACFA8029B11A5379703ABE7B392C4E46F0BD2 |
SHA-256: | F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA |
SHA-512: | 18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
Process: | C:\Users\user\Desktop\1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 196608 |
Entropy (8bit): | 1.121297215059106 |
Encrypted: | false |
SSDEEP: | 384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow |
MD5: | D87270D0039ED3A5A72E7082EA71E305 |
SHA1: | 0FBACFA8029B11A5379703ABE7B392C4E46F0BD2 |
SHA-256: | F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA |
SHA-512: | 18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
Process: | C:\Users\user\Desktop\1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 51200 |
Entropy (8bit): | 0.8746135976761988 |
Encrypted: | false |
SSDEEP: | 96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4 |
MD5: | 9E68EA772705B5EC0C83C2A97BB26324 |
SHA1: | 243128040256A9112CEAC269D56AD6B21061FF80 |
SHA-256: | 17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF |
SHA-512: | 312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
Process: | C:\Users\user\Desktop\1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe |
File Type: | |
Category: | modified |
Size (bytes): | 155648 |
Entropy (8bit): | 0.5407252242845243 |
Encrypted: | false |
SSDEEP: | 96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb |
MD5: | 7B955D976803304F2C0505431A0CF1CF |
SHA1: | E29070081B18DA0EF9D98D4389091962E3D37216 |
SHA-256: | 987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC |
SHA-512: | CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A |
Malicious: | false |
Preview: |
Process: | C:\Users\user\Desktop\1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 98304 |
Entropy (8bit): | 0.08235737944063153 |
Encrypted: | false |
SSDEEP: | 12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO |
MD5: | 369B6DD66F1CAD49D0952C40FEB9AD41 |
SHA1: | D05B2DE29433FB113EC4C558FF33087ED7481DD4 |
SHA-256: | 14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D |
SHA-512: | 771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928 |
Malicious: | false |
Preview: |
Process: | C:\Users\user\Desktop\1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 5242880 |
Entropy (8bit): | 0.03859996294213402 |
Encrypted: | false |
SSDEEP: | 192:58rJQaXoMXp0VW9FxWHxDSjENbx56p3DisuwAyHI:58r54w0VW3xWdkEFxcp3y/y |
MD5: | D2A38A463B7925FE3ABE31ECCCE66ACA |
SHA1: | A1824888F9E086439B287DEA497F660F3AA4B397 |
SHA-256: | 474361353F00E89A9ECB246EC4662682392EBAF4F2A4BE9ABB68BBEBE33FA4A0 |
SHA-512: | 62DB46A530D952568EFBFF7796106E860D07754530B724E0392862EF76FDF99043DA9538EC0044323C814DF59802C3BB55454D591362CB9B6E39947D11E981F7 |
Malicious: | false |
Preview: |
Process: | C:\Users\user\Desktop\1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 106496 |
Entropy (8bit): | 1.136413900497188 |
Encrypted: | false |
SSDEEP: | 192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84 |
MD5: | 429F49156428FD53EB06FC82088FD324 |
SHA1: | 560E48154B4611838CD4E9DF4C14D0F9840F06AF |
SHA-256: | 9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF |
SHA-512: | 1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F |
Malicious: | false |
Preview: |
Process: | C:\Users\user\Desktop\1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 40960 |
Entropy (8bit): | 0.8553638852307782 |
Encrypted: | false |
SSDEEP: | 48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil |
MD5: | 28222628A3465C5F0D4B28F70F97F482 |
SHA1: | 1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14 |
SHA-256: | 93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4 |
SHA-512: | C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7 |
Malicious: | false |
Preview: |
Process: | C:\Users\user\Desktop\1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 20480 |
Entropy (8bit): | 0.8439810553697228 |
Encrypted: | false |
SSDEEP: | 24:TLyAF1kwNbXYFpFNYcw+6UwcQVXH5fBO9p7n52GmCWGf+dyMDCFVE1:TeAFawNLopFgU10XJBOB2Gbf+ba+ |
MD5: | 9D46F142BBCF25D0D495FF1F3A7609D3 |
SHA1: | 629BD8CD800F9D5B078B5779654F7CBFA96D4D4E |
SHA-256: | C11B443A512184E82D670BA6F7886E98B03C27CC7A3CEB1D20AD23FCA1DE57DA |
SHA-512: | AC90306667AFD38F73F6017543BDBB0B359D79740FA266F587792A94FDD35B54CCE5F6D85D5F6CB7F4344BEDAD9194769ABB3864AAE7D94B4FD6748C31250AC2 |
Malicious: | false |
Preview: |
File type: | |
Entropy (8bit): | 5.589454019001118 |
TrID: |
|
File name: | 1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe |
File size: | 33'280 bytes |
MD5: | 5703edb174766786773f4b565b3ccf85 |
SHA1: | c4e1aa7bf7d5bd0f6c19e8c00d2b32cca143ac19 |
SHA256: | 6f5e4c2f1acbaa248f7501e931462d3da75e6deba050065538153bfe14a6bdb5 |
SHA512: | d1c798c43abd58163fb059c56fc5084bc3826c842076bee7b432887b8aec421a685efe7b491c5afce7bc06765565eecc75c52b6901a34d4950c31d965874a2cd |
SSDEEP: | 384:aEbmX5Qa+vN1h1+X3v6JFjL+g93Tm2eaFO3xdRApkFTBLTsOZwpGd2v99Ikuis/A:TVa+vNtg+PB93Tw46xdVFE9jyOjhvb/ |
TLSH: | 61E23B4877944712DAEEAFB12DF362021270951BE913EF5E0CE485EA2B67AC047407E6 |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....I(f.................x..........n.... ........@.. ....................................@................................ |
Icon Hash: | 00928e8e8686b000 |
Entrypoint: | 0x40976e |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x66284985 [Tue Apr 23 23:51:33 2024 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | f34d5f2d4577ed6d9ceec516c1f5a744 |
Instruction |
---|
jmp dword ptr [00402000h] |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x971c | 0x4f | .text |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xa000 | 0x4d8 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xc000 | 0xc | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x2000 | 0x8 | .text |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x2008 | 0x48 | .text |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x2000 | 0x7774 | 0x7800 | 31aaf89963298b1a90d2f9fa7d82b2da | False | 0.5008463541666667 | data | 5.740581679802255 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rsrc | 0xa000 | 0x4d8 | 0x600 | afbb984503128042cc38bf70e5e337f4 | False | 0.375 | data | 3.7203482473352403 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0xc000 | 0xc | 0x200 | 3ee5eb55d2c84cad34ece42377c6f250 | False | 0.044921875 | data | 0.08153941234324169 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_VERSION | 0xa0a0 | 0x244 | data | 0.4724137931034483 | ||
RT_MANIFEST | 0xa2e8 | 0x1ea | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | 0.5469387755102041 |
DLL | Import |
---|---|
mscoree.dll | _CorExeMain |
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
04/30/24-08:19:41.708607 | TCP | 2852870 | ETPRO TROJAN Win32/XWorm CnC Checkin - Generic Prefix Bytes | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
04/30/24-08:19:41.709386 | TCP | 2852923 | ETPRO TROJAN Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
04/30/24-08:17:46.956384 | TCP | 2852873 | ETPRO TROJAN Win32/XWorm CnC PING Command Outbound M2 | 49706 | 3344 | 192.168.2.5 | 91.92.242.85 |
04/30/24-08:17:46.956384 | TCP | 2852923 | ETPRO TROJAN Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 49706 | 3344 | 192.168.2.5 | 91.92.242.85 |
04/30/24-08:17:42.409546 | TCP | 2853192 | ETPRO TROJAN Win32/XWorm V3 CnC Command - sendPlugin Outbound | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
04/30/24-08:17:42.763624 | TCP | 2853191 | ETPRO TROJAN Win32/XWorm V3 CnC Command - savePlugin Inbound | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
04/30/24-08:17:52.503906 | TCP | 2855924 | ETPRO TROJAN Win32/XWorm V3 CnC Command - PING Outbound | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
04/30/24-08:19:30.122726 | TCP | 2853193 | ETPRO TROJAN Win32/XWorm V3 CnC Command - PING Outbound | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
04/30/24-08:19:18.768277 | TCP | 2852874 | ETPRO TROJAN Win32/XWorm CnC PING Command Inbound M2 | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 30, 2024 08:17:37.785666943 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:37.977232933 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:37.977418900 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:38.707104921 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:38.940159082 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:41.288985968 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:41.341310024 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:41.532644033 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:41.575654984 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:42.409545898 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:42.643269062 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:42.643423080 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:42.763623953 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:42.763658047 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:42.763672113 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:42.763684988 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:42.763700962 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:42.763712883 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:42.763724089 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:42.763736963 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:42.763744116 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:42.763748884 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:42.763765097 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:42.763812065 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:42.763860941 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:42.877504110 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:42.954890013 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:42.954910040 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:42.954931021 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:42.954962015 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:42.955024004 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:42.955079079 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.206536055 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206552982 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206638098 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.206697941 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206717014 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206731081 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206749916 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206767082 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206777096 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.206782103 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206795931 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206803083 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206808090 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.206815958 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206829071 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206842899 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.206845999 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206861973 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206876040 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206881046 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.206888914 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206902981 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206912041 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.206917048 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206931114 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206939936 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.206944942 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206958055 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206960917 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.206973076 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.206980944 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.206989050 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.207012892 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.251497030 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.285947084 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.398719072 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398735046 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398747921 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398758888 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398772001 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398785114 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398793936 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.398804903 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398837090 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398849964 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398860931 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398868084 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398885012 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398885965 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.398885965 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.398900986 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398909092 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.398915052 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398931026 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398958921 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398961067 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.398961067 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.398972034 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398983955 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.398984909 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.398999929 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399004936 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.399013996 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399024963 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.399032116 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399044037 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399050951 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399056911 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399058104 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.399072886 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399079084 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399085045 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399091959 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399102926 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399115086 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399128914 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399139881 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.399153948 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.399164915 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399177074 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399178982 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.399188995 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399198055 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.399202108 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399214983 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399223089 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.399229050 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399231911 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.399243116 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.399249077 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.399279118 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.442795992 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.442845106 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.518316984 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.590965986 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.590982914 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.590993881 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591006041 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591020107 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591031075 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591042995 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591058016 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591070890 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591084957 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591098070 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591110945 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591124058 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591120958 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.591135979 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591150045 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591161966 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591171980 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.591173887 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591187000 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591201067 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591208935 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.591216087 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591224909 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.591229916 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591243029 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591255903 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591269970 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591279030 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.591284037 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591296911 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591309071 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591317892 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.591322899 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591335058 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591348886 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591350079 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.591368914 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.591371059 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591392040 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591403961 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.591408968 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591422081 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591435909 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591442108 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.591449022 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591464043 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591469049 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.591479063 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.591489077 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.591516018 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.634011984 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.685079098 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783116102 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783138990 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783149958 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783163071 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783175945 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783188105 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783191919 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783200026 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783221006 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783235073 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783247948 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783256054 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783262014 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783274889 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783282995 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783293009 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783305883 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783310890 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783319950 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783324003 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783334970 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783348083 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783353090 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783361912 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783375025 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783382893 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783386946 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783400059 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783402920 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783411980 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783427954 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783432007 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783443928 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783457994 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783466101 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783472061 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783484936 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783488035 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783498049 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783509970 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783516884 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783524036 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783538103 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783546925 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783550024 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783564091 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783565998 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783577919 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783591032 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783591032 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783603907 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783618927 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783624887 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783632994 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.783642054 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.783674002 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.876355886 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.919471979 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975121975 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975138903 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975152016 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975172997 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975184917 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975198984 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975198030 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975215912 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975227118 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975243092 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975246906 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975260973 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975272894 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975277901 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975286007 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975300074 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975306034 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975311995 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975325108 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975332022 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975339890 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975353003 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975362062 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975366116 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975378990 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975387096 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975392103 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975404978 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975411892 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975418091 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975431919 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975444078 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975445986 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975456953 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975470066 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975471020 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975483894 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975492954 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975497007 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975517035 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975517035 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975531101 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975543976 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975549936 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975573063 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975580931 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975586891 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975600958 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975613117 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975616932 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975625992 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975639105 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975646019 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975651979 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975666046 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:43.975689888 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:43.975718975 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.110790014 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.153851986 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.167152882 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167170048 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167184114 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167197943 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167208910 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167222977 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167237997 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167252064 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167263985 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167277098 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167299032 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167304993 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.167313099 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167325974 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167339087 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167351961 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167360067 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.167365074 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167378902 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167392015 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167397022 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.167403936 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167407036 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.167418003 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167432070 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167437077 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.167445898 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167459965 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167468071 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.167480946 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167483091 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.167489052 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167491913 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167504072 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167522907 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.167527914 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167542934 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167548895 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.167557001 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167563915 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.167571068 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167582989 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167596102 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167596102 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.167609930 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167623043 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.167627096 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167644024 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167649031 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.167660952 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167674065 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.167681932 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.167710066 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.345530033 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359013081 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359169960 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.359188080 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359206915 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359220028 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359231949 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359245062 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359252930 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.359256983 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359270096 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359281063 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.359283924 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359297037 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359312057 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359323025 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.359324932 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359338999 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359349966 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.359353065 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359360933 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359373093 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359385014 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359395981 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.359399080 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359411955 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359424114 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359436035 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359442949 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359456062 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359468937 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.359469891 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359468937 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.359468937 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.359487057 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359500885 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359508991 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.359517097 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359529018 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359539986 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.359541893 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359555006 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359561920 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.359570026 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359582901 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359591007 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.359594107 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359607935 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359620094 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359631062 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359642982 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359657049 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.359668016 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.359668016 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.359723091 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.359723091 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.403844118 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.551480055 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551510096 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551525116 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551541090 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551554918 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551568985 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551592112 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.551631927 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.551646948 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551662922 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551675081 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551688910 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551702023 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551706076 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.551716089 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551724911 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.551728964 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551744938 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551759005 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551762104 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.551774025 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551780939 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551786900 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551794052 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551801920 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551814079 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551820040 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551826000 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551837921 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551848888 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551862955 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551877022 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551888943 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551901102 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551913023 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551923990 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551937103 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551945925 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.551945925 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.551945925 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.551945925 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.551945925 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.551949024 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551958084 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551959991 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.551970959 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551980019 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.551995993 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.552021980 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.552325010 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.552340984 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.552381039 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.595288038 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.638164043 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.744151115 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744208097 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744219065 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744226933 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744240046 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744254112 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744266987 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744275093 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744537115 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744551897 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744564056 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744575977 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744590998 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744596004 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.744604111 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744616985 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744635105 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744649887 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744652987 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.744663954 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744678974 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744692087 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744704962 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744716883 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744728088 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744740009 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744752884 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744767904 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744767904 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.744781971 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744795084 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744798899 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.744812012 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744823933 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.744827032 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744841099 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744856119 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744858980 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.744872093 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744885921 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.744891882 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744906902 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744913101 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.744920969 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744934082 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744944096 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.744949102 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.744976997 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.744997978 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.829483986 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.872576952 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.936541080 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936564922 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936579943 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936602116 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936614990 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936628103 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936640978 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936656952 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936669111 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936681986 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936678886 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.936696053 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936708927 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936727047 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936728954 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.936743975 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936753988 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.936762094 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936774969 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936788082 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936800957 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936810017 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.936821938 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936836004 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936841965 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.936850071 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936863899 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936877966 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936878920 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.936889887 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936896086 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.936903954 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936918020 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936923027 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.936933041 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936947107 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936959028 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936966896 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936969995 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.936980963 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936994076 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.936996937 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.937007904 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.937021971 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.937022924 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.937037945 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.937045097 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.937052965 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.937061071 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.937068939 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.937083960 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:44.937100887 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:44.937129021 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.063966990 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.107042074 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.128595114 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128613949 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128626108 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128639936 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128652096 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128664970 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128678083 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128691912 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128700972 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.128705025 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128717899 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128731012 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128746033 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128760099 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128772974 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128786087 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.128786087 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.128794909 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128807068 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.128808975 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128822088 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128837109 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128846884 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.128849983 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128864050 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128876925 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128876925 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.128890991 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128895998 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.128905058 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128917933 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128925085 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.128931046 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128945112 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128957987 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128964901 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.128973007 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128987074 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.128995895 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.128999949 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.129014015 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.129017115 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.129028082 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.129035950 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.129048109 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.129060030 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.129070044 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.129072905 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.129087925 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.129096985 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.129101992 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.129113913 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.129137993 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.129165888 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.298219919 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.320399046 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.320415974 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.320429087 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.320447922 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.320530891 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.372534037 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.556452990 CEST | 49706 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.748027086 CEST | 3344 | 49706 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:45.748106956 CEST | 49706 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:45.781023979 CEST | 49706 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:46.018515110 CEST | 3344 | 49706 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:46.018678904 CEST | 49706 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:46.253177881 CEST | 3344 | 49706 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:46.253274918 CEST | 49706 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:46.488343000 CEST | 3344 | 49706 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:46.488502979 CEST | 49706 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:46.721735001 CEST | 3344 | 49706 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:46.721914053 CEST | 49706 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:46.956305981 CEST | 3344 | 49706 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:46.956383944 CEST | 49706 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:47.083214998 CEST | 49706 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:47.190283060 CEST | 3344 | 49706 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:47.274663925 CEST | 3344 | 49706 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:47.312886953 CEST | 3344 | 49706 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:47.313082933 CEST | 49706 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:48.423635960 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:48.466309071 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:52.503906012 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:52.698113918 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:17:52.700035095 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:17:52.940157890 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:18:06.295628071 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:18:06.489691973 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:18:06.492624998 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:18:06.737086058 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:18:18.432543993 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:18:18.481868982 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:18:20.093609095 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:18:20.286480904 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:18:20.289530039 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:18:20.533824921 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:18:34.430866003 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:18:34.623785973 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:18:34.626132965 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:18:34.861907959 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:18:48.216737986 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:18:48.411324978 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:18:48.415687084 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:18:48.607116938 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:18:48.653706074 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:18:56.013420105 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:18:56.207374096 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:18:56.210251093 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:18:56.455703974 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:02.515554905 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:02.710388899 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:02.712471962 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:02.955712080 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:07.560386896 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:07.754652977 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:07.754717112 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:07.947350025 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:07.951370001 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:08.142635107 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:08.143055916 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:08.334140062 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:08.334216118 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:08.533504009 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:08.533935070 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:08.768307924 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:08.768629074 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:09.002607107 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:13.497675896 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:13.691286087 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:13.691343069 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:13.886347055 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:13.886405945 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:14.080149889 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:14.083093882 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:14.315088987 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:14.320792913 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:14.565133095 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:18.457108021 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:18.591332912 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:18.768276930 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:18.768371105 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:18.779238939 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:18.972407103 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:18.972507954 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:19.166518927 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:19.166594028 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:19.358064890 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:19.358161926 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:19.596574068 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:19.596656084 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:19.830754042 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:24.013537884 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:24.207226038 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:24.207292080 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:24.400352001 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:24.400434971 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:24.591674089 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:24.591736078 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:24.831605911 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:24.831654072 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:25.065021038 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:28.513391018 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:28.706650019 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:28.708919048 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:28.955740929 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:30.122725964 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:30.316046953 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:30.322607994 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:30.565335035 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:34.294507027 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:34.488420010 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:34.488476038 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:34.681854963 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:34.681909084 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:34.873944998 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:34.874036074 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:35.111912012 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:35.112214088 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:35.346297026 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:41.515659094 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:41.708606958 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Apr 30, 2024 08:19:41.709386110 CEST | 49705 | 3344 | 192.168.2.5 | 91.92.242.85 |
Apr 30, 2024 08:19:41.955738068 CEST | 3344 | 49705 | 91.92.242.85 | 192.168.2.5 |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Target ID: | 0 |
Start time: | 08:17:33 |
Start date: | 30/04/2024 |
Path: | C:\Users\user\Desktop\1714456685abe8dacd9647979ca6f07fce954d21483995c56b392e9993fc4dbb806aaf5610733.dat-decoded.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x3a0000 |
File size: | 33'280 bytes |
MD5 hash: | 5703EDB174766786773F4B565B3CCF85 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | low |
Has exited: | false |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F41060 Relevance: 1.5, Instructions: 1540COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2AF3A Relevance: 1.1, Instructions: 1091COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F25D76 Relevance: .5, Instructions: 476COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F26B22 Relevance: .5, Instructions: 462COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F31267 Relevance: .4, Instructions: 370COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2A6A8 Relevance: .3, Instructions: 341COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F5A880 Relevance: .8, Instructions: 829COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F63240 Relevance: .7, Instructions: 742COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F302F2 Relevance: .7, Instructions: 736COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2C385 Relevance: .6, Instructions: 596COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F65991 Relevance: .6, Instructions: 559COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F3076D Relevance: .5, Instructions: 533COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2C3DD Relevance: .5, Instructions: 508COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F66B10 Relevance: .5, Instructions: 495COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F6A1B8 Relevance: .5, Instructions: 481COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F60D90 Relevance: .4, Instructions: 430COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2ECCF Relevance: .4, Instructions: 422COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F55340 Relevance: .4, Instructions: 421COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2BE2D Relevance: .4, Instructions: 395COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F30DF2 Relevance: .4, Instructions: 395COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F20758 Relevance: .4, Instructions: 395COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F587A0 Relevance: .4, Instructions: 387COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F3083D Relevance: .4, Instructions: 361COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2BE75 Relevance: .4, Instructions: 357COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F5A040 Relevance: .4, Instructions: 356COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F225CD Relevance: .3, Instructions: 345COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2BFD5 Relevance: .3, Instructions: 341COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F30845 Relevance: .3, Instructions: 339COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2AB40 Relevance: .3, Instructions: 335COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F26736 Relevance: .3, Instructions: 335COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2F155 Relevance: .3, Instructions: 334COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F30885 Relevance: .3, Instructions: 333COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F44830 Relevance: .3, Instructions: 322COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F31155 Relevance: .3, Instructions: 302COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F21DC5 Relevance: .3, Instructions: 283COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F28B4D Relevance: .3, Instructions: 279COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F28609 Relevance: .3, Instructions: 278COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F44920 Relevance: .3, Instructions: 276COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F569B0 Relevance: .3, Instructions: 276COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F448D0 Relevance: .3, Instructions: 262COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2FA2A Relevance: .3, Instructions: 254COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F5BA40 Relevance: .3, Instructions: 254COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2C910 Relevance: .3, Instructions: 251COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F21738 Relevance: .2, Instructions: 248COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F30385 Relevance: .2, Instructions: 243COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2E9F8 Relevance: .2, Instructions: 238COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2AA94 Relevance: .2, Instructions: 233COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F550F3 Relevance: .2, Instructions: 232COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2BF5D Relevance: .2, Instructions: 231COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F30C10 Relevance: .2, Instructions: 225COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F28176 Relevance: .2, Instructions: 222COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F21DD5 Relevance: .2, Instructions: 221COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F20925 Relevance: .2, Instructions: 213COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F27F9D Relevance: .2, Instructions: 213COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F31105 Relevance: .2, Instructions: 208COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F6A1F0 Relevance: .2, Instructions: 206COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2EA30 Relevance: .2, Instructions: 205COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F28BA0 Relevance: .2, Instructions: 205COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F288C1 Relevance: .2, Instructions: 205COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F44970 Relevance: .2, Instructions: 199COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2366C Relevance: .2, Instructions: 196COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2AC9A Relevance: .2, Instructions: 184COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F205A0 Relevance: .2, Instructions: 180COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F59B70 Relevance: .2, Instructions: 179COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2FF75 Relevance: .2, Instructions: 163COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F21495 Relevance: .2, Instructions: 160COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F20B5E Relevance: .2, Instructions: 160COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F29615 Relevance: .2, Instructions: 156COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2BE6D Relevance: .1, Instructions: 146COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F30BA5 Relevance: .1, Instructions: 143COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F204C8 Relevance: .1, Instructions: 138COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F56B30 Relevance: .1, Instructions: 132COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F20E11 Relevance: .1, Instructions: 132COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F30C50 Relevance: .1, Instructions: 124COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F40DC0 Relevance: .1, Instructions: 124COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F205D5 Relevance: .1, Instructions: 124COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F20CC1 Relevance: .1, Instructions: 121COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F70B20 Relevance: .1, Instructions: 120COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F4FEE0 Relevance: .1, Instructions: 119COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2EE4D Relevance: .1, Instructions: 118COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F65CAB Relevance: .1, Instructions: 117COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F20E30 Relevance: .1, Instructions: 116COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2EA88 Relevance: .1, Instructions: 115COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F212C1 Relevance: .1, Instructions: 108COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F4EEB0 Relevance: .1, Instructions: 105COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F31200 Relevance: .1, Instructions: 100COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F284C5 Relevance: .1, Instructions: 99COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F28362 Relevance: .1, Instructions: 95COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F662B8 Relevance: .1, Instructions: 90COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F205BD Relevance: .1, Instructions: 90COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2202A Relevance: .1, Instructions: 87COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2A9E1 Relevance: .1, Instructions: 81COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F27DF1 Relevance: .1, Instructions: 81COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F28662 Relevance: .1, Instructions: 78COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F20578 Relevance: .1, Instructions: 76COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F64A70 Relevance: .1, Instructions: 73COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F220FD Relevance: .1, Instructions: 62COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2786E Relevance: .1, Instructions: 59COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2140D Relevance: .1, Instructions: 52COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F31228 Relevance: .0, Instructions: 50COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F205B0 Relevance: .0, Instructions: 50COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F21141 Relevance: .0, Instructions: 44COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F213B8 Relevance: .0, Instructions: 35COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F65F60 Relevance: .0, Instructions: 35COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F20780 Relevance: .0, Instructions: 29COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2A97A Relevance: .0, Instructions: 28COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F47DF0 Relevance: .0, Instructions: 28COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F21284 Relevance: .0, Instructions: 26COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F2D130 Relevance: .7, Instructions: 667COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F22A48 Relevance: .4, Instructions: 437COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F25879 Relevance: .4, Instructions: 416COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F23A6D Relevance: .4, Instructions: 359COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F328FA Relevance: .2, Instructions: 234COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F329D3 Relevance: .1, Instructions: 146COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF848F368D3 Relevance: .1, Instructions: 132COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |