Analysis Overview
SHA256
bce72f157baf8064117c80e67998acc83fd27f1de64e0c9a68ad5c9209bc2bd2
Threat Level: Known bad
The file bce72f157baf8064117c80e67998acc83fd27f1de64e0c9a68ad5c9209bc2bd2 was found to be: Known bad.
Malicious Activity Summary
Conti Ransomware
Modifies extensions of user files
Drops startup file
Sets desktop wallpaper using registry
Drops file in Program Files directory
Runs net.exe
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V6
Analysis: static1
Detonation Overview
Reported
2022-03-01 21:04
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2022-03-01 21:04
Reported
2022-03-01 21:09
Platform
win7-20220223-en
Max time kernel
4294179s
Max time network
121s
Command Line
Signatures
Conti Ransomware
Modifies extensions of user files
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Pictures\ApproveSearch.tiff | C:\Windows\system32\regsvr32.exe | N/A |
| File renamed | C:\Users\Admin\Pictures\ApproveSearch.tiff => C:\Users\Admin\Pictures\ApproveSearch.tiff.B0fWd | C:\Windows\system32\regsvr32.exe | N/A |
| File renamed | C:\Users\Admin\Pictures\CheckpointOpen.crw => C:\Users\Admin\Pictures\CheckpointOpen.crw.B0fWd | C:\Windows\system32\regsvr32.exe | N/A |
| File renamed | C:\Users\Admin\Pictures\ConvertFromWrite.raw => C:\Users\Admin\Pictures\ConvertFromWrite.raw.B0fWd | C:\Windows\system32\regsvr32.exe | N/A |
| File renamed | C:\Users\Admin\Pictures\RenameRedo.png => C:\Users\Admin\Pictures\RenameRedo.png.B0fWd | C:\Windows\system32\regsvr32.exe | N/A |
| File renamed | C:\Users\Admin\Pictures\SelectUnprotect.raw => C:\Users\Admin\Pictures\SelectUnprotect.raw.B0fWd | C:\Windows\system32\regsvr32.exe | N/A |
| File renamed | C:\Users\Admin\Pictures\UnprotectResolve.raw => C:\Users\Admin\Pictures\UnprotectResolve.raw.B0fWd | C:\Windows\system32\regsvr32.exe | N/A |
| File renamed | C:\Users\Admin\Pictures\UpdateEdit.crw => C:\Users\Admin\Pictures\UpdateEdit.crw.B0fWd | C:\Windows\system32\regsvr32.exe | N/A |
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1405931862-909307831-4085185274-1000\Control Panel\Desktop\Wallpaper = "C:\\ProgramData\\conti.png" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1405931862-909307831-4085185274-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Pictures\\Wallpaper.jpg" | C:\Windows\system32\regsvr32.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02759J.JPG | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293236.WMF | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\OneNote.en-us\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SIGNS.ICO | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\TipsImage.jpg | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\et.pak | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_ja.jar | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\browser\features\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00737_.WMF | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SlateBlue.css | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\DELETE.GIF | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vincennes | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187837.WMF | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216570.WMF | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\vlc.mo | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\background.gif | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152688.WMF | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187829.WMF | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\MP00132_.WMF | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10268_.GIF | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\InformationIconMask.bmp | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\es\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert.css | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\Common Files\System\it-IT\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\CollectSignatures_Sign.xsn | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-BoldOblique.otf | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\1033\CAGCAT10.MML | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\CreateSpaceImageMask.bmp | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\en-GB.pak | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145373.JPG | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESTS.ICO | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\89.0.4389.114\default_apps\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Full\pushplaysubpicture.png | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-next-static.png | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR11F.GIF | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKDECL.ICO | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Juneau | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGNAVBAR.DPV | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.WIH | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectToolsetIconImagesMask.bmp | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MYSL.ICO | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Elemental.xml | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\security\local_policy.jar | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\modules\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\fr-FR\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099188.JPG | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSOUC_K_COL.HXK | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Enderbury | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\adovbs.inc | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGTEAR.DPV | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_GreenTea.gif | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\89.0.4389.114\VisualElements\Logo.png | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\System\es-ES\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB10.BDR | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15018_.GIF | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\OliveGreen.css | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187861.WMF | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00391_.WMF | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-api.xml | C:\Windows\system32\regsvr32.exe | N/A |
Runs net.exe
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\bce72f157baf8064117c80e67998acc83fd27f1de64e0c9a68ad5c9209bc2bd2.dll
C:\Windows\system32\cmd.exe
cmd.exe /c net stop "SQLsafe Backup Service" /y
C:\Windows\system32\net.exe
net stop "SQLsafe Backup Service" /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop "SQLsafe Backup Service" /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop "SQLsafe Filter Service" /y
C:\Windows\system32\net.exe
net stop "SQLsafe Filter Service" /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop "SQLsafe Filter Service" /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSOLAP$SQL_2008 /y
C:\Windows\system32\net.exe
net stop MSOLAP$SQL_2008 /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSOLAP$SQL_2008 /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$BKUPEXEC /y
C:\Windows\system32\net.exe
net stop MSSQL$BKUPEXEC /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$BKUPEXEC /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$ECWDB2 /y
C:\Windows\system32\net.exe
net stop MSSQL$ECWDB2 /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$ECWDB2 /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$PRACTICEMGT /y
C:\Windows\system32\net.exe
net stop MSSQL$PRACTICEMGT /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$PRACTICEMGT /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$PRACTTICEBGC /y
C:\Windows\system32\net.exe
net stop MSSQL$PRACTTICEBGC /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$PRACTTICEBGC /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$PROFXENGAGEMENT /y
C:\Windows\system32\net.exe
net stop MSSQL$PROFXENGAGEMENT /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$PROFXENGAGEMENT /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$SBSMONITORING /y
C:\Windows\system32\net.exe
net stop MSSQL$SBSMONITORING /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$SBSMONITORING /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$SHAREPOINT /y
C:\Windows\system32\net.exe
net stop MSSQL$SHAREPOINT /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$SHAREPOINT /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$SQL_2008 /y
C:\Windows\system32\net.exe
net stop MSSQL$SQL_2008 /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$SQL_2008 /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$SYSTEM_BGC /y
C:\Windows\system32\net.exe
net stop MSSQL$SYSTEM_BGC /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$SYSTEM_BGC /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$TPS /y
C:\Windows\system32\net.exe
net stop MSSQL$TPS /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$TPS /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$TPSAMA /y
C:\Windows\system32\net.exe
net stop MSSQL$TPSAMA /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$TPSAMA /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$VEEAMSQL2008R2 /y
C:\Windows\system32\net.exe
net stop MSSQL$VEEAMSQL2008R2 /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$VEEAMSQL2008R2 /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$VEEAMSQL2012 /y
C:\Windows\system32\net.exe
net stop MSSQL$VEEAMSQL2012 /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$VEEAMSQL2012 /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQLSERVER /y
C:\Windows\system32\net.exe
net stop MSSQLSERVER /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQLSERVER /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop SQLBrowser /y
C:\Windows\system32\net.exe
net stop SQLBrowser /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop SQLBrowser /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop SQLWriter /y
C:\Windows\system32\net.exe
net stop SQLWriter /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop SQLWriter /y
Network
| Country | Destination | Domain | Proto |
| N/A | 10.127.0.0:445 | tcp | |
| N/A | 10.127.0.1:445 | tcp | |
| N/A | 10.127.0.2:445 | tcp | |
| N/A | 10.127.0.3:445 | tcp | |
| N/A | 10.127.0.4:445 | tcp | |
| N/A | 10.127.0.5:445 | tcp | |
| N/A | 10.127.0.6:445 | tcp | |
| N/A | 10.127.0.7:445 | tcp | |
| N/A | 10.127.0.8:445 | tcp | |
| N/A | 10.127.0.9:445 | tcp | |
| N/A | 10.127.0.10:445 | tcp | |
| N/A | 10.127.0.11:445 | tcp | |
| N/A | 10.127.0.12:445 | tcp | |
| N/A | 10.127.0.13:445 | tcp | |
| N/A | 10.127.0.14:445 | tcp | |
| N/A | 10.127.0.15:445 | tcp | |
| N/A | 10.127.0.16:445 | tcp | |
| N/A | 10.127.0.17:445 | tcp | |
| N/A | 10.127.0.18:445 | tcp | |
| N/A | 10.127.0.19:445 | tcp | |
| N/A | 10.127.0.20:445 | tcp | |
| N/A | 10.127.0.21:445 | tcp | |
| N/A | 10.127.0.22:445 | tcp | |
| N/A | 10.127.0.23:445 | tcp | |
| N/A | 10.127.0.24:445 | tcp | |
| N/A | 10.127.0.25:445 | tcp | |
| N/A | 10.127.0.26:445 | tcp | |
| N/A | 10.127.0.27:445 | tcp | |
| N/A | 10.127.0.28:445 | tcp | |
| N/A | 10.127.0.29:445 | tcp | |
| N/A | 10.127.0.30:445 | tcp | |
| N/A | 10.127.0.31:445 | tcp | |
| N/A | 10.127.0.32:445 | tcp | |
| N/A | 10.127.0.33:445 | tcp | |
| N/A | 10.127.0.34:445 | tcp | |
| N/A | 10.127.0.35:445 | tcp | |
| N/A | 10.127.0.36:445 | tcp | |
| N/A | 10.127.0.37:445 | tcp | |
| N/A | 10.127.0.38:445 | tcp | |
| N/A | 10.127.0.39:445 | tcp | |
| N/A | 10.127.0.40:445 | tcp | |
| N/A | 10.127.0.41:445 | tcp | |
| N/A | 10.127.0.42:445 | tcp | |
| N/A | 10.127.0.43:445 | tcp | |
| N/A | 10.127.0.44:445 | tcp | |
| N/A | 10.127.0.45:445 | tcp | |
| N/A | 10.127.0.46:445 | tcp | |
| N/A | 10.127.0.47:445 | tcp | |
| N/A | 10.127.0.48:445 | tcp | |
| N/A | 10.127.0.49:445 | tcp | |
| N/A | 10.127.0.50:445 | tcp | |
| N/A | 10.127.0.51:445 | tcp | |
| N/A | 10.127.0.52:445 | tcp | |
| N/A | 10.127.0.53:445 | tcp | |
| N/A | 10.127.0.54:445 | tcp | |
| N/A | 10.127.0.55:445 | tcp | |
| N/A | 10.127.0.56:445 | tcp | |
| N/A | 10.127.0.57:445 | tcp | |
| N/A | 10.127.0.58:445 | tcp | |
| N/A | 10.127.0.59:445 | tcp | |
| N/A | 10.127.0.60:445 | tcp | |
| N/A | 10.127.0.61:445 | tcp | |
| N/A | 10.127.0.62:445 | tcp | |
| N/A | 10.127.0.63:445 | tcp | |
| N/A | 10.127.0.64:445 | tcp | |
| N/A | 10.127.0.65:445 | tcp | |
| N/A | 10.127.0.66:445 | tcp | |
| N/A | 10.127.0.67:445 | tcp | |
| N/A | 10.127.0.68:445 | tcp | |
| N/A | 10.127.0.69:445 | tcp | |
| N/A | 10.127.0.70:445 | tcp | |
| N/A | 10.127.0.71:445 | tcp | |
| N/A | 10.127.0.72:445 | tcp | |
| N/A | 10.127.0.73:445 | tcp | |
| N/A | 10.127.0.74:445 | tcp | |
| N/A | 10.127.0.75:445 | tcp | |
| N/A | 10.127.0.76:445 | tcp | |
| N/A | 10.127.0.77:445 | tcp | |
| N/A | 10.127.0.78:445 | tcp | |
| N/A | 10.127.0.79:445 | tcp | |
| N/A | 10.127.0.80:445 | tcp | |
| N/A | 10.127.0.81:445 | tcp | |
| N/A | 10.127.0.82:445 | tcp | |
| N/A | 10.127.0.83:445 | tcp | |
| N/A | 10.127.0.84:445 | tcp | |
| N/A | 10.127.0.85:445 | tcp | |
| N/A | 10.127.0.86:445 | tcp | |
| N/A | 10.127.0.87:445 | tcp | |
| N/A | 10.127.0.88:445 | tcp | |
| N/A | 10.127.0.89:445 | tcp | |
| N/A | 10.127.0.90:445 | tcp | |
| N/A | 10.127.0.91:445 | tcp | |
| N/A | 10.127.0.92:445 | tcp | |
| N/A | 10.127.0.93:445 | tcp | |
| N/A | 10.127.0.94:445 | tcp | |
| N/A | 10.127.0.95:445 | tcp | |
| N/A | 10.127.0.96:445 | tcp | |
| N/A | 10.127.0.97:445 | tcp | |
| N/A | 10.127.0.98:445 | tcp | |
| N/A | 10.127.0.99:445 | tcp | |
| N/A | 10.127.0.100:445 | tcp | |
| N/A | 10.127.0.101:445 | tcp | |
| N/A | 10.127.0.102:445 | tcp | |
| N/A | 10.127.0.103:445 | tcp | |
| N/A | 10.127.0.104:445 | tcp | |
| N/A | 10.127.0.105:445 | tcp | |
| N/A | 10.127.0.106:445 | tcp | |
| N/A | 10.127.0.107:445 | tcp | |
| N/A | 10.127.0.108:445 | tcp | |
| N/A | 10.127.0.109:445 | tcp | |
| N/A | 10.127.0.110:445 | tcp | |
| N/A | 10.127.0.111:445 | tcp | |
| N/A | 10.127.0.112:445 | tcp | |
| N/A | 10.127.0.113:445 | tcp | |
| N/A | 10.127.0.114:445 | tcp | |
| N/A | 10.127.0.115:445 | tcp | |
| N/A | 10.127.0.116:445 | tcp | |
| N/A | 10.127.0.117:445 | tcp | |
| N/A | 10.127.0.118:445 | tcp | |
| N/A | 10.127.0.119:445 | tcp | |
| N/A | 10.127.0.120:445 | tcp | |
| N/A | 10.127.0.121:445 | tcp | |
| N/A | 10.127.0.122:445 | tcp | |
| N/A | 10.127.0.123:445 | tcp | |
| N/A | 10.127.0.124:445 | tcp | |
| N/A | 10.127.0.125:445 | tcp | |
| N/A | 10.127.0.126:445 | tcp | |
| N/A | 10.127.0.127:445 | tcp | |
| N/A | 10.127.0.128:445 | tcp | |
| N/A | 10.127.0.129:445 | tcp | |
| N/A | 10.127.0.130:445 | tcp | |
| N/A | 10.127.0.131:445 | tcp | |
| N/A | 10.127.0.132:445 | tcp | |
| N/A | 10.127.0.133:445 | tcp | |
| N/A | 10.127.0.134:445 | tcp | |
| N/A | 10.127.0.135:445 | tcp | |
| N/A | 10.127.0.136:445 | tcp | |
| N/A | 10.127.0.137:445 | tcp | |
| N/A | 10.127.0.138:445 | tcp | |
| N/A | 10.127.0.139:445 | tcp | |
| N/A | 10.127.0.140:445 | tcp | |
| N/A | 10.127.0.141:445 | tcp | |
| N/A | 10.127.0.142:445 | tcp | |
| N/A | 10.127.0.143:445 | tcp | |
| N/A | 10.127.0.144:445 | tcp | |
| N/A | 10.127.0.145:445 | tcp | |
| N/A | 10.127.0.146:445 | tcp | |
| N/A | 10.127.0.147:445 | tcp | |
| N/A | 10.127.0.148:445 | tcp | |
| N/A | 10.127.0.149:445 | tcp | |
| N/A | 10.127.0.150:445 | tcp | |
| N/A | 10.127.0.151:445 | tcp | |
| N/A | 10.127.0.152:445 | tcp | |
| N/A | 10.127.0.153:445 | tcp | |
| N/A | 10.127.0.154:445 | tcp | |
| N/A | 10.127.0.155:445 | tcp | |
| N/A | 10.127.0.156:445 | tcp | |
| N/A | 10.127.0.157:445 | tcp | |
| N/A | 10.127.0.158:445 | tcp | |
| N/A | 10.127.0.159:445 | tcp | |
| N/A | 10.127.0.160:445 | tcp | |
| N/A | 10.127.0.161:445 | tcp | |
| N/A | 10.127.0.162:445 | tcp | |
| N/A | 10.127.0.163:445 | tcp | |
| N/A | 10.127.0.164:445 | tcp | |
| N/A | 10.127.0.165:445 | tcp | |
| N/A | 10.127.0.166:445 | tcp | |
| N/A | 10.127.0.167:445 | tcp | |
| N/A | 10.127.0.168:445 | tcp | |
| N/A | 10.127.0.169:445 | tcp | |
| N/A | 10.127.0.170:445 | tcp | |
| N/A | 10.127.0.171:445 | tcp | |
| N/A | 10.127.0.172:445 | tcp | |
| N/A | 10.127.0.173:445 | tcp | |
| N/A | 10.127.0.174:445 | tcp | |
| N/A | 10.127.0.175:445 | tcp | |
| N/A | 10.127.0.176:445 | tcp | |
| N/A | 10.127.0.177:445 | tcp | |
| N/A | 10.127.0.178:445 | tcp | |
| N/A | 10.127.0.179:445 | tcp | |
| N/A | 10.127.0.180:445 | tcp | |
| N/A | 10.127.0.181:445 | tcp | |
| N/A | 10.127.0.182:445 | tcp | |
| N/A | 10.127.0.183:445 | tcp | |
| N/A | 10.127.0.184:445 | tcp | |
| N/A | 10.127.0.185:445 | tcp | |
| N/A | 10.127.0.186:445 | tcp | |
| N/A | 10.127.0.187:445 | tcp | |
| N/A | 10.127.0.188:445 | tcp | |
| N/A | 10.127.0.189:445 | tcp | |
| N/A | 10.127.0.190:445 | tcp | |
| N/A | 10.127.0.191:445 | tcp | |
| N/A | 10.127.0.192:445 | tcp | |
| N/A | 10.127.0.193:445 | tcp | |
| N/A | 10.127.0.194:445 | tcp | |
| N/A | 10.127.0.195:445 | tcp | |
| N/A | 10.127.0.196:445 | tcp | |
| N/A | 10.127.0.197:445 | tcp | |
| N/A | 10.127.0.198:445 | tcp | |
| N/A | 10.127.0.199:445 | tcp | |
| N/A | 10.127.0.200:445 | tcp | |
| N/A | 10.127.0.201:445 | tcp | |
| N/A | 10.127.0.202:445 | tcp | |
| N/A | 10.127.0.203:445 | tcp | |
| N/A | 10.127.0.204:445 | tcp | |
| N/A | 10.127.0.205:445 | tcp | |
| N/A | 10.127.0.206:445 | tcp | |
| N/A | 10.127.0.207:445 | tcp | |
| N/A | 10.127.0.208:445 | tcp | |
| N/A | 10.127.0.209:445 | tcp | |
| N/A | 10.127.0.210:445 | tcp | |
| N/A | 10.127.0.211:445 | tcp | |
| N/A | 10.127.0.212:445 | tcp | |
| N/A | 10.127.0.213:445 | tcp | |
| N/A | 10.127.0.214:445 | tcp | |
| N/A | 10.127.0.215:445 | tcp | |
| N/A | 10.127.0.216:445 | tcp | |
| N/A | 10.127.0.217:445 | tcp | |
| N/A | 10.127.0.218:445 | tcp | |
| N/A | 10.127.0.219:445 | tcp | |
| N/A | 10.127.0.220:445 | tcp | |
| N/A | 10.127.0.221:445 | tcp | |
| N/A | 10.127.0.222:445 | tcp | |
| N/A | 10.127.0.223:445 | tcp | |
| N/A | 10.127.0.224:445 | tcp | |
| N/A | 10.127.0.225:445 | tcp | |
| N/A | 10.127.0.226:445 | tcp | |
| N/A | 10.127.0.227:445 | tcp | |
| N/A | 10.127.0.228:445 | tcp | |
| N/A | 10.127.0.229:445 | tcp | |
| N/A | 10.127.0.230:445 | tcp | |
| N/A | 10.127.0.231:445 | tcp | |
| N/A | 10.127.0.232:445 | tcp | |
| N/A | 10.127.0.233:445 | tcp | |
| N/A | 10.127.0.234:445 | tcp | |
| N/A | 10.127.0.235:445 | tcp | |
| N/A | 10.127.0.236:445 | tcp | |
| N/A | 10.127.0.237:445 | tcp | |
| N/A | 10.127.0.238:445 | tcp | |
| N/A | 10.127.0.239:445 | tcp | |
| N/A | 10.127.0.240:445 | tcp | |
| N/A | 10.127.0.241:445 | tcp | |
| N/A | 10.127.0.242:445 | tcp | |
| N/A | 10.127.0.243:445 | tcp | |
| N/A | 10.127.0.244:445 | tcp | |
| N/A | 10.127.0.245:445 | tcp | |
| N/A | 10.127.0.246:445 | tcp | |
| N/A | 10.127.0.247:445 | tcp | |
| N/A | 10.127.0.248:445 | tcp | |
| N/A | 10.127.0.249:445 | tcp | |
| N/A | 10.127.0.250:445 | tcp | |
| N/A | 10.127.0.251:445 | tcp | |
| N/A | 10.127.0.252:445 | tcp | |
| N/A | 10.127.0.253:445 | tcp | |
| N/A | 10.127.0.254:445 | tcp | |
| N/A | 10.127.255.45:445 | tcp | |
| N/A | 10.127.255.0:445 | tcp | |
| N/A | 10.127.255.1:445 | tcp | |
| N/A | 10.127.255.2:445 | tcp | |
| N/A | 10.127.255.3:445 | tcp | |
| N/A | 10.127.255.4:445 | tcp | |
| N/A | 10.127.255.5:445 | tcp | |
| N/A | 10.127.255.6:445 | tcp | |
| N/A | 10.127.255.7:445 | tcp | |
| N/A | 10.127.255.8:445 | tcp | |
| N/A | 10.127.255.9:445 | tcp | |
| N/A | 10.127.255.10:445 | tcp | |
| N/A | 10.127.255.11:445 | tcp | |
| N/A | 10.127.255.12:445 | tcp | |
| N/A | 10.127.255.13:445 | tcp | |
| N/A | 10.127.255.14:445 | tcp | |
| N/A | 10.127.255.15:445 | tcp | |
| N/A | 10.127.255.16:445 | tcp | |
| N/A | 10.127.255.17:445 | tcp | |
| N/A | 10.127.255.18:445 | tcp | |
| N/A | 10.127.255.19:445 | tcp | |
| N/A | 10.127.255.20:445 | tcp | |
| N/A | 10.127.255.21:445 | tcp | |
| N/A | 10.127.255.22:445 | tcp | |
| N/A | 10.127.255.23:445 | tcp | |
| N/A | 10.127.255.24:445 | tcp | |
| N/A | 10.127.255.25:445 | tcp | |
| N/A | 10.127.255.26:445 | tcp | |
| N/A | 10.127.255.27:445 | tcp | |
| N/A | 10.127.255.28:445 | tcp | |
| N/A | 10.127.255.29:445 | tcp | |
| N/A | 10.127.255.30:445 | tcp | |
| N/A | 10.127.255.31:445 | tcp | |
| N/A | 10.127.255.32:445 | tcp | |
| N/A | 10.127.255.33:445 | tcp | |
| N/A | 10.127.255.34:445 | tcp | |
| N/A | 10.127.255.35:445 | tcp | |
| N/A | 10.127.255.36:445 | tcp | |
| N/A | 10.127.255.37:445 | tcp | |
| N/A | 10.127.255.38:445 | tcp | |
| N/A | 10.127.255.39:445 | tcp | |
| N/A | 10.127.255.40:445 | tcp | |
| N/A | 10.127.255.41:445 | tcp | |
| N/A | 10.127.255.42:445 | tcp | |
| N/A | 10.127.255.43:445 | tcp | |
| N/A | 10.127.255.44:445 | tcp | |
| N/A | 10.127.255.46:445 | tcp | |
| N/A | 10.127.255.47:445 | tcp | |
| N/A | 10.127.255.48:445 | tcp | |
| N/A | 10.127.255.49:445 | tcp | |
| N/A | 10.127.255.50:445 | tcp | |
| N/A | 10.127.255.51:445 | tcp | |
| N/A | 10.127.255.52:445 | tcp | |
| N/A | 10.127.255.53:445 | tcp | |
| N/A | 10.127.255.54:445 | tcp | |
| N/A | 10.127.255.55:445 | tcp | |
| N/A | 10.127.255.56:445 | tcp | |
| N/A | 10.127.255.57:445 | tcp | |
| N/A | 10.127.255.58:445 | tcp | |
| N/A | 10.127.255.59:445 | tcp | |
| N/A | 10.127.255.60:445 | tcp | |
| N/A | 10.127.255.61:445 | tcp | |
| N/A | 10.127.255.62:445 | tcp | |
| N/A | 10.127.255.63:445 | tcp | |
| N/A | 10.127.255.64:445 | tcp | |
| N/A | 10.127.255.65:445 | tcp | |
| N/A | 10.127.255.66:445 | tcp | |
| N/A | 10.127.255.67:445 | tcp | |
| N/A | 10.127.255.68:445 | tcp | |
| N/A | 10.127.255.69:445 | tcp | |
| N/A | 10.127.255.70:445 | tcp | |
| N/A | 10.127.255.71:445 | tcp | |
| N/A | 10.127.255.72:445 | tcp | |
| N/A | 10.127.255.73:445 | tcp | |
| N/A | 10.127.255.74:445 | tcp | |
| N/A | 10.127.255.75:445 | tcp | |
| N/A | 10.127.255.76:445 | tcp | |
| N/A | 10.127.255.77:445 | tcp | |
| N/A | 10.127.255.78:445 | tcp | |
| N/A | 10.127.255.79:445 | tcp | |
| N/A | 10.127.255.80:445 | tcp | |
| N/A | 10.127.255.81:445 | tcp | |
| N/A | 10.127.255.82:445 | tcp | |
| N/A | 10.127.255.83:445 | tcp | |
| N/A | 10.127.255.84:445 | tcp | |
| N/A | 10.127.255.85:445 | tcp | |
| N/A | 10.127.255.86:445 | tcp | |
| N/A | 10.127.255.87:445 | tcp | |
| N/A | 10.127.255.88:445 | tcp | |
| N/A | 10.127.255.89:445 | tcp | |
| N/A | 10.127.255.90:445 | tcp | |
| N/A | 10.127.255.91:445 | tcp | |
| N/A | 10.127.255.92:445 | tcp | |
| N/A | 10.127.255.93:445 | tcp | |
| N/A | 10.127.255.94:445 | tcp | |
| N/A | 10.127.255.95:445 | tcp | |
| N/A | 10.127.255.96:445 | tcp | |
| N/A | 10.127.255.97:445 | tcp | |
| N/A | 10.127.255.98:445 | tcp | |
| N/A | 10.127.255.99:445 | tcp | |
| N/A | 10.127.255.100:445 | tcp | |
| N/A | 10.127.255.101:445 | tcp | |
| N/A | 10.127.255.102:445 | tcp | |
| N/A | 10.127.255.103:445 | tcp | |
| N/A | 10.127.255.104:445 | tcp | |
| N/A | 10.127.255.105:445 | tcp | |
| N/A | 10.127.255.106:445 | tcp | |
| N/A | 10.127.255.107:445 | tcp | |
| N/A | 10.127.255.108:445 | tcp | |
| N/A | 10.127.255.109:445 | tcp | |
| N/A | 10.127.255.130:445 | tcp | |
| N/A | 10.127.255.131:445 | tcp | |
| N/A | 10.127.255.110:445 | tcp | |
| N/A | 10.127.255.129:445 | tcp | |
| N/A | 10.127.255.123:445 | tcp | |
| N/A | 10.127.255.125:445 | tcp | |
| N/A | 10.127.255.114:445 | tcp | |
| N/A | 10.127.255.119:445 | tcp | |
| N/A | 10.127.255.127:445 | tcp | |
| N/A | 10.127.255.113:445 | tcp | |
| N/A | 10.127.255.116:445 | tcp | |
| N/A | 10.127.255.111:445 | tcp | |
| N/A | 10.127.255.121:445 | tcp | |
| N/A | 10.127.255.112:445 | tcp | |
| N/A | 10.127.255.128:445 | tcp | |
| N/A | 10.127.255.117:445 | tcp | |
| N/A | 10.127.255.118:445 | tcp | |
| N/A | 10.127.255.120:445 | tcp | |
| N/A | 10.127.255.122:445 | tcp | |
| N/A | 10.127.255.115:445 | tcp | |
| N/A | 10.127.255.126:445 | tcp | |
| N/A | 10.127.255.124:445 | tcp | |
| N/A | 10.127.255.158:445 | tcp | |
| N/A | 10.127.255.160:445 | tcp | |
| N/A | 10.127.255.183:445 | tcp | |
| N/A | 10.127.255.132:445 | tcp | |
| N/A | 10.127.255.154:445 | tcp | |
| N/A | 10.127.255.168:445 | tcp | |
| N/A | 10.127.255.177:445 | tcp | |
| N/A | 10.127.255.181:445 | tcp | |
| N/A | 10.127.255.141:445 | tcp | |
| N/A | 10.127.255.155:445 | tcp | |
| N/A | 10.127.255.172:445 | tcp | |
| N/A | 10.127.255.166:445 | tcp | |
| N/A | 10.127.255.179:445 | tcp | |
| N/A | 10.127.255.195:445 | tcp | |
| N/A | 10.127.255.133:445 | tcp | |
| N/A | 10.127.255.134:445 | tcp | |
| N/A | 10.127.255.135:445 | tcp | |
| N/A | 10.127.255.136:445 | tcp | |
| N/A | 10.127.255.137:445 | tcp | |
| N/A | 10.127.255.138:445 | tcp | |
| N/A | 10.127.255.139:445 | tcp | |
| N/A | 10.127.255.140:445 | tcp | |
| N/A | 10.127.255.142:445 | tcp | |
| N/A | 10.127.255.143:445 | tcp | |
| N/A | 10.127.255.144:445 | tcp | |
| N/A | 10.127.255.145:445 | tcp | |
| N/A | 10.127.255.146:445 | tcp | |
| N/A | 10.127.255.147:445 | tcp | |
| N/A | 10.127.255.148:445 | tcp | |
| N/A | 10.127.255.149:445 | tcp | |
| N/A | 10.127.255.150:445 | tcp | |
| N/A | 10.127.255.151:445 | tcp | |
| N/A | 10.127.255.152:445 | tcp | |
| N/A | 10.127.255.153:445 | tcp | |
| N/A | 10.127.255.156:445 | tcp | |
| N/A | 10.127.255.157:445 | tcp | |
| N/A | 10.127.255.159:445 | tcp | |
| N/A | 10.127.255.161:445 | tcp | |
| N/A | 10.127.255.162:445 | tcp | |
| N/A | 10.127.255.163:445 | tcp | |
| N/A | 10.127.255.164:445 | tcp | |
| N/A | 10.127.255.165:445 | tcp | |
| N/A | 10.127.255.167:445 | tcp | |
| N/A | 10.127.255.169:445 | tcp | |
| N/A | 10.127.255.170:445 | tcp | |
| N/A | 10.127.255.171:445 | tcp | |
| N/A | 10.127.255.173:445 | tcp | |
| N/A | 10.127.255.174:445 | tcp | |
| N/A | 10.127.255.175:445 | tcp | |
| N/A | 10.127.255.176:445 | tcp | |
| N/A | 10.127.255.178:445 | tcp | |
| N/A | 10.127.255.180:445 | tcp | |
| N/A | 10.127.255.182:445 | tcp | |
| N/A | 10.127.255.184:445 | tcp | |
| N/A | 10.127.255.185:445 | tcp | |
| N/A | 10.127.255.186:445 | tcp | |
| N/A | 10.127.255.187:445 | tcp | |
| N/A | 10.127.255.188:445 | tcp | |
| N/A | 10.127.255.189:445 | tcp | |
| N/A | 10.127.255.190:445 | tcp | |
| N/A | 10.127.255.191:445 | tcp | |
| N/A | 10.127.255.192:445 | tcp | |
| N/A | 10.127.255.193:445 | tcp | |
| N/A | 10.127.255.194:445 | tcp | |
| N/A | 10.127.255.196:445 | tcp | |
| N/A | 10.127.255.197:445 | tcp | |
| N/A | 10.127.255.198:445 | tcp | |
| N/A | 10.127.255.199:445 | tcp | |
| N/A | 10.127.255.200:445 | tcp | |
| N/A | 10.127.255.201:445 | tcp | |
| N/A | 10.127.255.202:445 | tcp | |
| N/A | 10.127.255.203:445 | tcp | |
| N/A | 10.127.255.204:445 | tcp | |
| N/A | 10.127.255.205:445 | tcp | |
| N/A | 10.127.255.206:445 | tcp | |
| N/A | 10.127.255.207:445 | tcp | |
| N/A | 10.127.255.208:445 | tcp | |
| N/A | 10.127.255.209:445 | tcp | |
| N/A | 10.127.255.210:445 | tcp | |
| N/A | 10.127.255.211:445 | tcp | |
| N/A | 10.127.255.212:445 | tcp | |
| N/A | 10.127.255.213:445 | tcp | |
| N/A | 10.127.255.214:445 | tcp | |
| N/A | 10.127.255.215:445 | tcp | |
| N/A | 10.127.255.216:445 | tcp | |
| N/A | 10.127.255.217:445 | tcp | |
| N/A | 10.127.255.218:445 | tcp | |
| N/A | 10.127.255.219:445 | tcp | |
| N/A | 10.127.255.220:445 | tcp | |
| N/A | 10.127.255.221:445 | tcp | |
| N/A | 10.127.255.222:445 | tcp | |
| N/A | 10.127.255.223:445 | tcp | |
| N/A | 10.127.255.224:445 | tcp | |
| N/A | 10.127.255.225:445 | tcp | |
| N/A | 10.127.255.226:445 | tcp | |
| N/A | 10.127.255.227:445 | tcp | |
| N/A | 10.127.255.228:445 | tcp | |
| N/A | 10.127.255.229:445 | tcp | |
| N/A | 10.127.255.230:445 | tcp | |
| N/A | 10.127.255.231:445 | tcp | |
| N/A | 10.127.255.232:445 | tcp | |
| N/A | 10.127.255.233:445 | tcp | |
| N/A | 10.127.255.234:445 | tcp | |
| N/A | 10.127.255.235:445 | tcp | |
| N/A | 10.127.255.236:445 | tcp | |
| N/A | 10.127.255.237:445 | tcp | |
| N/A | 10.127.255.238:445 | tcp | |
| N/A | 10.127.255.239:445 | tcp | |
| N/A | 10.127.255.240:445 | tcp | |
| N/A | 10.127.255.241:445 | tcp | |
| N/A | 10.127.255.242:445 | tcp | |
| N/A | 10.127.255.243:445 | tcp | |
| N/A | 10.127.255.244:445 | tcp | |
| N/A | 10.127.255.245:445 | tcp | |
| N/A | 10.127.255.246:445 | tcp | |
| N/A | 10.127.255.247:445 | tcp | |
| N/A | 10.127.255.248:445 | tcp | |
| N/A | 10.127.255.249:445 | tcp | |
| N/A | 10.127.255.250:445 | tcp | |
| N/A | 10.127.255.251:445 | tcp | |
| N/A | 10.127.255.252:445 | tcp | |
| N/A | 10.127.255.253:445 | tcp | |
| N/A | 10.127.255.254:445 | tcp |
Files
memory/1204-54-0x000007FEFBAF1000-0x000007FEFBAF3000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2022-03-01 21:04
Reported
2022-03-01 21:09
Platform
win10v2004-en-20220112
Max time kernel
137s
Max time network
116s
Command Line
Signatures
Conti Ransomware
Modifies extensions of user files
| Description | Indicator | Process | Target |
| File renamed | C:\Users\Admin\Pictures\ImportPublish.crw => C:\Users\Admin\Pictures\ImportPublish.crw.B0fWd | C:\Windows\system32\regsvr32.exe | N/A |
| File renamed | C:\Users\Admin\Pictures\RestoreEnter.crw => C:\Users\Admin\Pictures\RestoreEnter.crw.B0fWd | C:\Windows\system32\regsvr32.exe | N/A |
Drops startup file
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Word\STARTUP\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-790714498-1549421491-1643397139-1000\Control Panel\Desktop\Wallpaper = "C:\\ProgramData\\conti.png" | C:\Windows\system32\regsvr32.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogoSmall.contrast-black_scale-180.png | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\my\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\uz\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\core\com-sun-tools-visualvm-modules-startup.jar | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\eclipse.inf | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\tools\themes\dark\x_2x.png | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoVL_MAK-ppd.xrm-ms | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\ext\nashorn.jar | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\INDUST\THMBNAIL.PNG | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription3-ppd.xrm-ms | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdVL_MAK-ul-oob.xrm-ms | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_replace_signer_18.svg | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\images\s_radio_unselected_18.svg | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\js\plugins\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\nls\sl-sl\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\images\themes\dark\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\vstoee100.tlb | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\core\locale\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Adobe\Products.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Wordcnvpxy.cnv | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\th-TH\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\js\plugin.js | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\email\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\TextConv\en-US\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\VisualElements\Logo.png.DATA | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\EE65D8FF-D437-4FAB-B3BC-C1431E48AD1A\root\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-compat_ja.jar | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\NEWS.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BORDERS\MSART3.BDR | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\js\nls\zh-cn\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7.png | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\bg_patterns_header.png | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherVL_KMS_Client-ul.xrm-ms | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\LISTS\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_listview_selected-hover.svg | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\js\nls\ui-strings.js | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\LTSHYPH_ES.LEX | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core-multiview.jar | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\images\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\js\nls\tr-tr\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sample-files\js\nls\cs-cz\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pt-br.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogo.scale-140.png | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_ja.jar | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-recent-files\js\nls\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\fi-fi\ui-strings.js | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\nl-nl\ui-strings.js | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\javafx.properties | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pt-br_get.svg | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\tools\@1x\[email protected] | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface_3.10.1.v20140813-1009.jar | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019R_Retail-pl.xrm-ms | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\tools\circle_2x.png | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProVL_KMS_Client-ppd.xrm-ms | C:\Windows\system32\regsvr32.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ECLIPSE\readme.txt | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_link_18.svg | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019VL_KMS_Client_AE-ul.xrm-ms | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019R_Grace-ul-oob.xrm-ms | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogoSmall.contrast-white_scale-140.png | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\access-bridge-64.jar | C:\Windows\system32\regsvr32.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-common.xml | C:\Windows\system32\regsvr32.exe | N/A |
Runs net.exe
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\bce72f157baf8064117c80e67998acc83fd27f1de64e0c9a68ad5c9209bc2bd2.dll
C:\Windows\system32\cmd.exe
cmd.exe /c net stop "SQLsafe Backup Service" /y
C:\Windows\system32\net.exe
net stop "SQLsafe Backup Service" /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop "SQLsafe Backup Service" /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop "SQLsafe Filter Service" /y
C:\Windows\system32\net.exe
net stop "SQLsafe Filter Service" /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop "SQLsafe Filter Service" /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSOLAP$SQL_2008 /y
C:\Windows\system32\net.exe
net stop MSOLAP$SQL_2008 /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSOLAP$SQL_2008 /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$BKUPEXEC /y
C:\Windows\system32\net.exe
net stop MSSQL$BKUPEXEC /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$BKUPEXEC /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$ECWDB2 /y
C:\Windows\system32\net.exe
net stop MSSQL$ECWDB2 /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$ECWDB2 /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$PRACTICEMGT /y
C:\Windows\system32\net.exe
net stop MSSQL$PRACTICEMGT /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$PRACTICEMGT /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$PRACTTICEBGC /y
C:\Windows\system32\net.exe
net stop MSSQL$PRACTTICEBGC /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$PRACTTICEBGC /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$PROFXENGAGEMENT /y
C:\Windows\system32\net.exe
net stop MSSQL$PROFXENGAGEMENT /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$PROFXENGAGEMENT /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$SBSMONITORING /y
C:\Windows\system32\net.exe
net stop MSSQL$SBSMONITORING /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$SBSMONITORING /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$SHAREPOINT /y
C:\Windows\system32\net.exe
net stop MSSQL$SHAREPOINT /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$SHAREPOINT /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$SQL_2008 /y
C:\Windows\system32\net.exe
net stop MSSQL$SQL_2008 /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$SQL_2008 /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$SYSTEM_BGC /y
C:\Windows\system32\net.exe
net stop MSSQL$SYSTEM_BGC /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$SYSTEM_BGC /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$TPS /y
C:\Windows\system32\net.exe
net stop MSSQL$TPS /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$TPS /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$TPSAMA /y
C:\Windows\system32\net.exe
net stop MSSQL$TPSAMA /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$TPSAMA /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$VEEAMSQL2008R2 /y
C:\Windows\system32\net.exe
net stop MSSQL$VEEAMSQL2008R2 /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$VEEAMSQL2008R2 /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQL$VEEAMSQL2012 /y
C:\Windows\system32\net.exe
net stop MSSQL$VEEAMSQL2012 /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQL$VEEAMSQL2012 /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop MSSQLSERVER /y
C:\Windows\system32\net.exe
net stop MSSQLSERVER /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop MSSQLSERVER /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop SQLBrowser /y
C:\Windows\system32\net.exe
net stop SQLBrowser /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop SQLBrowser /y
C:\Windows\system32\cmd.exe
cmd.exe /c net stop SQLWriter /y
C:\Windows\system32\net.exe
net stop SQLWriter /y
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop SQLWriter /y
Network
| Country | Destination | Domain | Proto |
| NL | 104.80.224.57:443 | tcp | |
| N/A | 10.127.0.1:445 | tcp | |
| N/A | 10.127.0.55:445 | tcp | |
| N/A | 10.127.0.123:445 | tcp | |
| N/A | 10.127.0.59:445 | tcp | |
| N/A | 10.127.0.28:445 | tcp | |
| N/A | 10.127.0.61:445 | tcp | |
| N/A | 10.127.0.27:445 | tcp | |
| N/A | 10.127.0.62:445 | tcp | |
| N/A | 10.127.0.43:445 | tcp | |
| N/A | 10.127.0.48:445 | tcp | |
| N/A | 10.127.0.5:445 | tcp | |
| N/A | 10.127.0.10:445 | tcp | |
| N/A | 10.127.0.54:445 | tcp | |
| N/A | 10.127.0.42:445 | tcp | |
| N/A | 10.127.0.45:445 | tcp | |
| N/A | 10.127.0.39:445 | tcp | |
| N/A | 10.127.0.51:445 | tcp | |
| N/A | 10.127.0.15:445 | tcp | |
| N/A | 10.127.0.50:445 | tcp | |
| N/A | 10.127.0.19:445 | tcp | |
| N/A | 10.127.0.21:445 | tcp | |
| N/A | 10.127.0.17:445 | tcp | |
| N/A | 10.127.0.33:445 | tcp | |
| N/A | 10.127.0.36:445 | tcp | |
| N/A | 10.127.0.16:445 | tcp | |
| N/A | 10.127.0.66:445 | tcp | |
| N/A | 10.127.0.63:445 | tcp | |
| N/A | 10.127.0.29:445 | tcp | |
| N/A | 10.127.0.37:445 | tcp | |
| N/A | 10.127.0.14:445 | tcp | |
| N/A | 10.127.0.7:445 | tcp | |
| N/A | 10.127.0.26:445 | tcp | |
| N/A | 10.127.0.18:445 | tcp | |
| N/A | 10.127.0.23:445 | tcp | |
| N/A | 10.127.0.49:445 | tcp | |
| N/A | 10.127.0.9:445 | tcp | |
| N/A | 10.127.0.13:445 | tcp | |
| N/A | 10.127.0.34:445 | tcp | |
| N/A | 10.127.0.20:445 | tcp | |
| N/A | 10.127.0.30:445 | tcp | |
| N/A | 10.127.0.65:445 | tcp | |
| N/A | 10.127.0.22:445 | tcp | |
| N/A | 10.127.0.60:445 | tcp | |
| N/A | 10.127.0.11:445 | tcp | |
| N/A | 10.127.0.41:445 | tcp | |
| N/A | 10.127.0.6:445 | tcp | |
| N/A | 10.127.0.8:445 | tcp | |
| N/A | 10.127.0.53:445 | tcp | |
| N/A | 10.127.0.52:445 | tcp | |
| N/A | 10.127.0.40:445 | tcp | |
| N/A | 10.127.0.12:445 | tcp | |
| N/A | 10.127.0.38:445 | tcp | |
| N/A | 10.127.0.25:445 | tcp | |
| N/A | 10.127.0.2:445 | tcp | |
| N/A | 10.127.0.44:445 | tcp | |
| N/A | 10.127.0.193:445 | tcp | |
| N/A | 10.127.0.47:445 | tcp | |
| N/A | 10.127.0.57:445 | tcp | |
| N/A | 10.127.0.0:445 | tcp | |
| N/A | 10.127.0.3:445 | tcp | |
| N/A | 10.127.0.4:445 | tcp | |
| N/A | 10.127.0.24:445 | tcp | |
| N/A | 10.127.0.31:445 | tcp | |
| N/A | 10.127.0.32:445 | tcp | |
| N/A | 10.127.0.35:445 | tcp | |
| N/A | 10.127.0.46:445 | tcp | |
| N/A | 10.127.0.56:445 | tcp | |
| N/A | 10.127.0.58:445 | tcp | |
| N/A | 10.127.0.64:445 | tcp | |
| N/A | 10.127.0.67:445 | tcp | |
| N/A | 10.127.0.68:445 | tcp | |
| N/A | 10.127.0.69:445 | tcp | |
| N/A | 10.127.0.70:445 | tcp | |
| N/A | 10.127.0.71:445 | tcp | |
| N/A | 10.127.0.72:445 | tcp | |
| N/A | 10.127.0.73:445 | tcp | |
| N/A | 10.127.0.74:445 | tcp | |
| N/A | 10.127.0.75:445 | tcp | |
| N/A | 10.127.0.76:445 | tcp | |
| N/A | 10.127.0.77:445 | tcp | |
| N/A | 10.127.0.78:445 | tcp | |
| N/A | 10.127.0.79:445 | tcp | |
| N/A | 10.127.0.80:445 | tcp | |
| N/A | 10.127.0.81:445 | tcp | |
| N/A | 10.127.0.82:445 | tcp | |
| N/A | 10.127.0.83:445 | tcp | |
| N/A | 10.127.0.84:445 | tcp | |
| N/A | 10.127.0.85:445 | tcp | |
| N/A | 10.127.0.86:445 | tcp | |
| N/A | 10.127.0.87:445 | tcp | |
| N/A | 10.127.0.88:445 | tcp | |
| N/A | 10.127.0.89:445 | tcp | |
| N/A | 10.127.0.90:445 | tcp | |
| N/A | 10.127.0.91:445 | tcp | |
| N/A | 10.127.0.92:445 | tcp | |
| N/A | 10.127.0.93:445 | tcp | |
| N/A | 10.127.0.94:445 | tcp | |
| N/A | 10.127.0.95:445 | tcp | |
| N/A | 10.127.0.96:445 | tcp | |
| N/A | 10.127.0.97:445 | tcp | |
| N/A | 10.127.0.98:445 | tcp | |
| N/A | 10.127.0.99:445 | tcp | |
| N/A | 10.127.0.100:445 | tcp | |
| N/A | 10.127.0.101:445 | tcp | |
| N/A | 10.127.0.102:445 | tcp | |
| N/A | 10.127.0.103:445 | tcp | |
| N/A | 10.127.0.104:445 | tcp | |
| N/A | 10.127.0.105:445 | tcp | |
| N/A | 10.127.0.106:445 | tcp | |
| N/A | 10.127.0.107:445 | tcp | |
| N/A | 10.127.0.108:445 | tcp | |
| N/A | 10.127.0.109:445 | tcp | |
| N/A | 10.127.0.110:445 | tcp | |
| N/A | 10.127.0.111:445 | tcp | |
| N/A | 10.127.0.112:445 | tcp | |
| N/A | 10.127.0.113:445 | tcp | |
| N/A | 10.127.0.114:445 | tcp | |
| N/A | 10.127.0.115:445 | tcp | |
| N/A | 10.127.0.116:445 | tcp | |
| N/A | 10.127.0.117:445 | tcp | |
| N/A | 10.127.0.118:445 | tcp | |
| N/A | 10.127.0.119:445 | tcp | |
| N/A | 10.127.0.120:445 | tcp | |
| N/A | 10.127.0.121:445 | tcp | |
| N/A | 10.127.0.122:445 | tcp | |
| N/A | 10.127.0.124:445 | tcp | |
| N/A | 10.127.0.125:445 | tcp | |
| N/A | 10.127.0.126:445 | tcp | |
| N/A | 10.127.0.127:445 | tcp | |
| N/A | 10.127.0.128:445 | tcp | |
| N/A | 10.127.0.129:445 | tcp | |
| N/A | 10.127.0.130:445 | tcp | |
| N/A | 10.127.0.131:445 | tcp | |
| N/A | 10.127.0.132:445 | tcp | |
| N/A | 10.127.0.133:445 | tcp | |
| N/A | 10.127.0.134:445 | tcp | |
| N/A | 10.127.0.135:445 | tcp | |
| N/A | 10.127.0.136:445 | tcp | |
| N/A | 10.127.0.137:445 | tcp | |
| N/A | 10.127.0.138:445 | tcp | |
| N/A | 10.127.0.139:445 | tcp | |
| N/A | 10.127.0.140:445 | tcp | |
| N/A | 10.127.0.141:445 | tcp | |
| N/A | 10.127.0.142:445 | tcp | |
| N/A | 10.127.0.143:445 | tcp | |
| N/A | 10.127.0.144:445 | tcp | |
| N/A | 10.127.0.145:445 | tcp | |
| N/A | 10.127.0.146:445 | tcp | |
| N/A | 10.127.0.147:445 | tcp | |
| N/A | 10.127.0.148:445 | tcp | |
| N/A | 10.127.0.149:445 | tcp | |
| N/A | 10.127.0.150:445 | tcp | |
| N/A | 10.127.0.151:445 | tcp | |
| N/A | 10.127.0.152:445 | tcp | |
| N/A | 10.127.0.153:445 | tcp | |
| N/A | 10.127.0.154:445 | tcp | |
| N/A | 10.127.0.155:445 | tcp | |
| N/A | 10.127.0.156:445 | tcp | |
| N/A | 10.127.0.157:445 | tcp | |
| N/A | 10.127.0.158:445 | tcp | |
| N/A | 10.127.0.159:445 | tcp | |
| N/A | 10.127.0.160:445 | tcp | |
| N/A | 10.127.0.161:445 | tcp | |
| N/A | 10.127.0.162:445 | tcp | |
| N/A | 10.127.0.163:445 | tcp | |
| N/A | 10.127.0.164:445 | tcp | |
| N/A | 10.127.0.165:445 | tcp | |
| N/A | 10.127.0.166:445 | tcp | |
| N/A | 10.127.0.167:445 | tcp | |
| N/A | 10.127.0.168:445 | tcp | |
| N/A | 10.127.0.169:445 | tcp | |
| N/A | 10.127.0.170:445 | tcp | |
| N/A | 10.127.0.171:445 | tcp | |
| N/A | 10.127.0.172:445 | tcp | |
| N/A | 10.127.0.173:445 | tcp | |
| N/A | 10.127.0.174:445 | tcp | |
| N/A | 10.127.0.175:445 | tcp | |
| N/A | 10.127.0.176:445 | tcp | |
| N/A | 10.127.0.177:445 | tcp | |
| N/A | 10.127.0.178:445 | tcp | |
| N/A | 10.127.0.179:445 | tcp | |
| N/A | 10.127.0.180:445 | tcp | |
| N/A | 10.127.0.181:445 | tcp | |
| N/A | 10.127.0.182:445 | tcp | |
| N/A | 10.127.0.183:445 | tcp | |
| N/A | 10.127.0.184:445 | tcp | |
| N/A | 10.127.0.185:445 | tcp | |
| N/A | 10.127.0.186:445 | tcp | |
| N/A | 10.127.0.187:445 | tcp | |
| N/A | 10.127.0.188:445 | tcp | |
| N/A | 10.127.0.189:445 | tcp | |
| N/A | 10.127.0.190:445 | tcp | |
| N/A | 10.127.0.191:445 | tcp | |
| N/A | 10.127.0.192:445 | tcp | |
| N/A | 10.127.0.194:445 | tcp | |
| N/A | 10.127.0.195:445 | tcp | |
| N/A | 10.127.0.196:445 | tcp | |
| N/A | 10.127.0.197:445 | tcp | |
| N/A | 10.127.0.198:445 | tcp | |
| N/A | 10.127.0.199:445 | tcp | |
| N/A | 10.127.0.200:445 | tcp | |
| N/A | 10.127.0.201:445 | tcp | |
| N/A | 10.127.0.202:445 | tcp | |
| N/A | 10.127.0.203:445 | tcp | |
| N/A | 10.127.0.204:445 | tcp | |
| N/A | 10.127.0.205:445 | tcp | |
| N/A | 10.127.0.206:445 | tcp | |
| N/A | 10.127.0.207:445 | tcp | |
| N/A | 10.127.0.208:445 | tcp | |
| N/A | 10.127.0.209:445 | tcp | |
| N/A | 10.127.0.210:445 | tcp | |
| N/A | 10.127.0.211:445 | tcp | |
| N/A | 10.127.0.212:445 | tcp | |
| N/A | 10.127.0.213:445 | tcp | |
| N/A | 10.127.0.214:445 | tcp | |
| N/A | 10.127.0.215:445 | tcp | |
| N/A | 10.127.0.216:445 | tcp | |
| N/A | 10.127.0.217:445 | tcp | |
| N/A | 10.127.0.218:445 | tcp | |
| N/A | 10.127.0.219:445 | tcp | |
| N/A | 10.127.0.220:445 | tcp | |
| N/A | 10.127.0.221:445 | tcp | |
| N/A | 10.127.0.222:445 | tcp | |
| N/A | 10.127.0.223:445 | tcp | |
| N/A | 10.127.0.224:445 | tcp | |
| N/A | 10.127.0.225:445 | tcp | |
| N/A | 10.127.0.226:445 | tcp | |
| N/A | 10.127.0.227:445 | tcp | |
| N/A | 10.127.0.228:445 | tcp | |
| N/A | 10.127.0.229:445 | tcp | |
| N/A | 10.127.0.230:445 | tcp | |
| N/A | 10.127.0.231:445 | tcp | |
| N/A | 10.127.0.232:445 | tcp | |
| N/A | 10.127.0.233:445 | tcp | |
| N/A | 10.127.0.234:445 | tcp | |
| N/A | 10.127.0.235:445 | tcp | |
| N/A | 10.127.0.236:445 | tcp | |
| N/A | 10.127.0.237:445 | tcp | |
| N/A | 10.127.0.238:445 | tcp | |
| N/A | 10.127.0.239:445 | tcp | |
| N/A | 10.127.0.240:445 | tcp | |
| N/A | 10.127.0.241:445 | tcp | |
| N/A | 10.127.0.242:445 | tcp | |
| N/A | 10.127.0.243:445 | tcp | |
| N/A | 10.127.0.244:445 | tcp | |
| N/A | 10.127.0.245:445 | tcp | |
| N/A | 10.127.0.246:445 | tcp | |
| N/A | 10.127.0.247:445 | tcp | |
| N/A | 10.127.0.248:445 | tcp | |
| N/A | 10.127.0.249:445 | tcp | |
| N/A | 10.127.0.250:445 | tcp | |
| N/A | 10.127.0.251:445 | tcp | |
| N/A | 10.127.0.252:445 | tcp | |
| N/A | 10.127.0.253:445 | tcp | |
| N/A | 10.127.0.254:445 | tcp | |
| US | 8.8.8.8:53 | geo.prod.do.dsp.mp.microsoft.com | udp |
| IE | 51.104.167.48:443 | geo.prod.do.dsp.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | kv601.prod.do.dsp.mp.microsoft.com | udp |
| NL | 104.74.226.34:443 | kv601.prod.do.dsp.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | cp601.prod.do.dsp.mp.microsoft.com | udp |
| NL | 104.74.226.34:443 | cp601.prod.do.dsp.mp.microsoft.com | tcp |
| NL | 104.74.226.34:443 | cp601.prod.do.dsp.mp.microsoft.com | tcp |
| US | 204.79.197.200:443 | tcp | |
| US | 204.79.197.200:443 | tcp | |
| N/A | 10.127.255.59:445 | tcp | |
| N/A | 10.127.255.33:445 | tcp | |
| N/A | 10.127.255.10:445 | tcp | |
| N/A | 10.127.255.23:445 | tcp | |
| N/A | 10.127.255.18:445 | tcp | |
| N/A | 10.127.255.25:445 | tcp | |
| N/A | 10.127.255.28:445 | tcp | |
| N/A | 10.127.255.22:445 | tcp | |
| N/A | 10.127.255.2:445 | tcp | |
| N/A | 10.127.255.20:445 | tcp | |
| N/A | 10.127.255.52:445 | tcp | |
| N/A | 10.127.255.11:445 | tcp | |
| N/A | 10.127.255.58:445 | tcp | |
| N/A | 10.127.255.46:445 | tcp | |
| N/A | 10.127.255.50:445 | tcp | |
| N/A | 10.127.255.8:445 | tcp | |
| N/A | 10.127.255.32:445 | tcp | |
| N/A | 10.127.255.61:445 | tcp | |
| N/A | 10.127.255.24:445 | tcp | |
| N/A | 10.127.255.39:445 | tcp | |
| N/A | 10.127.255.1:445 | tcp | |
| N/A | 10.127.255.60:445 | tcp | |
| N/A | 10.127.255.19:445 | tcp | |
| N/A | 10.127.255.5:445 | tcp | |
| N/A | 10.127.255.26:445 | tcp | |
| N/A | 10.127.255.63:445 | tcp | |
| N/A | 10.127.255.21:445 | tcp | |
| N/A | 10.127.255.56:445 | tcp | |
| N/A | 10.127.255.3:445 | tcp | |
| N/A | 10.127.255.7:445 | tcp | |
| N/A | 10.127.255.145:445 | tcp | |
| N/A | 10.127.255.9:445 | tcp | |
| N/A | 10.127.255.42:445 | tcp | |
| N/A | 10.127.255.57:445 | tcp | |
| N/A | 10.127.255.17:445 | tcp | |
| N/A | 10.127.255.15:445 | tcp | |
| N/A | 10.127.255.48:445 | tcp | |
| N/A | 10.127.255.38:445 | tcp | |
| N/A | 10.127.255.53:445 | tcp | |
| N/A | 10.127.255.0:445 | tcp | |
| N/A | 10.127.255.47:445 | tcp | |
| N/A | 10.127.255.14:445 | tcp | |
| N/A | 10.127.255.45:445 | tcp | |
| N/A | 10.127.255.30:445 | tcp | |
| N/A | 10.127.255.55:445 | tcp | |
| N/A | 10.127.255.64:445 | tcp | |
| N/A | 10.127.255.206:445 | tcp | |
| N/A | 10.127.255.40:445 | tcp | |
| N/A | 10.127.255.27:445 | tcp | |
| N/A | 10.127.255.41:445 | tcp | |
| N/A | 10.127.255.49:445 | tcp | |
| N/A | 10.127.255.37:445 | tcp | |
| N/A | 10.127.255.4:445 | tcp | |
| N/A | 10.127.255.31:445 | tcp | |
| N/A | 10.127.255.36:445 | tcp | |
| N/A | 10.127.255.16:445 | tcp | |
| N/A | 10.127.255.43:445 | tcp | |
| N/A | 10.127.255.12:445 | tcp | |
| N/A | 10.127.255.34:445 | tcp | |
| N/A | 10.127.255.44:445 | tcp | |
| N/A | 10.127.255.62:445 | tcp | |
| N/A | 10.127.255.13:445 | tcp | |
| N/A | 10.127.255.54:445 | tcp | |
| N/A | 10.127.255.29:445 | tcp | |
| N/A | 10.127.255.6:445 | tcp | |
| N/A | 10.127.255.51:445 | tcp | |
| N/A | 10.127.255.35:445 | tcp | |
| N/A | 10.127.255.105:445 | tcp | |
| N/A | 10.127.255.126:445 | tcp | |
| N/A | 10.127.255.79:445 | tcp | |
| N/A | 10.127.255.107:445 | tcp | |
| N/A | 10.127.255.71:445 | tcp | |
| N/A | 10.127.255.67:445 | tcp | |
| N/A | 10.127.255.92:445 | tcp | |
| N/A | 10.127.255.110:445 | tcp | |
| N/A | 10.127.255.109:445 | tcp | |
| N/A | 10.127.255.108:445 | tcp | |
| N/A | 10.127.255.85:445 | tcp | |
| N/A | 10.127.255.101:445 | tcp | |
| N/A | 10.127.255.91:445 | tcp | |
| N/A | 10.127.255.100:445 | tcp | |
| N/A | 10.127.255.119:445 | tcp | |
| N/A | 10.127.255.118:445 | tcp | |
| N/A | 10.127.255.116:445 | tcp | |
| N/A | 10.127.255.102:445 | tcp | |
| N/A | 10.127.255.128:445 | tcp | |
| N/A | 10.127.255.84:445 | tcp | |
| N/A | 10.127.255.82:445 | tcp | |
| N/A | 10.127.255.124:445 | tcp | |
| N/A | 10.127.255.77:445 | tcp | |
| N/A | 10.127.255.99:445 | tcp | |
| N/A | 10.127.255.80:445 | tcp | |
| N/A | 10.127.255.95:445 | tcp | |
| N/A | 10.127.255.97:445 | tcp | |
| N/A | 10.127.255.113:445 | tcp | |
| N/A | 10.127.255.74:445 | tcp | |
| N/A | 10.127.255.94:445 | tcp | |
| N/A | 10.127.255.78:445 | tcp | |
| N/A | 10.127.255.120:445 | tcp | |
| N/A | 10.127.255.89:445 | tcp | |
| N/A | 10.127.255.90:445 | tcp | |
| N/A | 10.127.255.65:445 | tcp | |
| N/A | 10.127.255.68:445 | tcp | |
| N/A | 10.127.255.104:445 | tcp | |
| N/A | 10.127.255.75:445 | tcp | |
| N/A | 10.127.255.112:445 | tcp | |
| N/A | 10.127.255.117:445 | tcp | |
| N/A | 10.127.255.72:445 | tcp | |
| N/A | 10.127.255.129:445 | tcp | |
| N/A | 10.127.255.96:445 | tcp | |
| N/A | 10.127.255.114:445 | tcp | |
| N/A | 10.127.255.76:445 | tcp | |
| N/A | 10.127.255.66:445 | tcp | |
| N/A | 10.127.255.69:445 | tcp | |
| N/A | 10.127.255.70:445 | tcp | |
| N/A | 10.127.255.73:445 | tcp | |
| N/A | 10.127.255.81:445 | tcp | |
| N/A | 10.127.255.83:445 | tcp | |
| N/A | 10.127.255.86:445 | tcp | |
| N/A | 10.127.255.87:445 | tcp | |
| N/A | 10.127.255.88:445 | tcp | |
| N/A | 10.127.255.93:445 | tcp | |
| N/A | 10.127.255.98:445 | tcp | |
| N/A | 10.127.255.103:445 | tcp | |
| N/A | 10.127.255.106:445 | tcp | |
| N/A | 10.127.255.111:445 | tcp | |
| N/A | 10.127.255.115:445 | tcp | |
| N/A | 10.127.255.121:445 | tcp | |
| N/A | 10.127.255.122:445 | tcp | |
| N/A | 10.127.255.123:445 | tcp | |
| N/A | 10.127.255.125:445 | tcp | |
| N/A | 10.127.255.127:445 | tcp | |
| N/A | 10.127.255.130:445 | tcp | |
| N/A | 10.127.255.131:445 | tcp | |
| N/A | 10.127.255.132:445 | tcp | |
| N/A | 10.127.255.133:445 | tcp | |
| N/A | 10.127.255.134:445 | tcp | |
| N/A | 10.127.255.135:445 | tcp | |
| N/A | 10.127.255.136:445 | tcp | |
| N/A | 10.127.255.137:445 | tcp | |
| N/A | 10.127.255.138:445 | tcp | |
| N/A | 10.127.255.139:445 | tcp | |
| N/A | 10.127.255.140:445 | tcp | |
| N/A | 10.127.255.141:445 | tcp | |
| N/A | 10.127.255.142:445 | tcp | |
| N/A | 10.127.255.143:445 | tcp | |
| N/A | 10.127.255.144:445 | tcp | |
| N/A | 10.127.255.146:445 | tcp | |
| N/A | 10.127.255.147:445 | tcp | |
| N/A | 10.127.255.148:445 | tcp | |
| N/A | 10.127.255.149:445 | tcp | |
| N/A | 10.127.255.150:445 | tcp | |
| N/A | 10.127.255.151:445 | tcp | |
| N/A | 10.127.255.152:445 | tcp | |
| N/A | 10.127.255.153:445 | tcp | |
| N/A | 10.127.255.154:445 | tcp | |
| N/A | 10.127.255.155:445 | tcp | |
| N/A | 10.127.255.156:445 | tcp | |
| N/A | 10.127.255.157:445 | tcp | |
| N/A | 10.127.255.158:445 | tcp | |
| N/A | 10.127.255.159:445 | tcp | |
| N/A | 10.127.255.160:445 | tcp | |
| N/A | 10.127.255.161:445 | tcp | |
| N/A | 10.127.255.162:445 | tcp | |
| N/A | 10.127.255.163:445 | tcp | |
| N/A | 10.127.255.164:445 | tcp | |
| N/A | 10.127.255.165:445 | tcp | |
| N/A | 10.127.255.166:445 | tcp | |
| N/A | 10.127.255.167:445 | tcp | |
| N/A | 10.127.255.168:445 | tcp | |
| N/A | 10.127.255.169:445 | tcp | |
| N/A | 10.127.255.170:445 | tcp | |
| N/A | 10.127.255.171:445 | tcp | |
| N/A | 10.127.255.172:445 | tcp | |
| N/A | 10.127.255.173:445 | tcp | |
| N/A | 10.127.255.174:445 | tcp | |
| N/A | 10.127.255.175:445 | tcp | |
| N/A | 10.127.255.176:445 | tcp | |
| N/A | 10.127.255.177:445 | tcp | |
| N/A | 10.127.255.178:445 | tcp | |
| N/A | 10.127.255.179:445 | tcp | |
| N/A | 10.127.255.180:445 | tcp | |
| N/A | 10.127.255.181:445 | tcp | |
| N/A | 10.127.255.182:445 | tcp | |
| N/A | 10.127.255.183:445 | tcp | |
| N/A | 10.127.255.184:445 | tcp | |
| N/A | 10.127.255.185:445 | tcp | |
| N/A | 10.127.255.186:445 | tcp | |
| N/A | 10.127.255.187:445 | tcp | |
| N/A | 10.127.255.188:445 | tcp | |
| N/A | 10.127.255.189:445 | tcp | |
| N/A | 10.127.255.190:445 | tcp | |
| N/A | 10.127.255.191:445 | tcp | |
| N/A | 10.127.255.192:445 | tcp | |
| N/A | 10.127.255.193:445 | tcp | |
| N/A | 10.127.255.194:445 | tcp | |
| N/A | 10.127.255.195:445 | tcp | |
| N/A | 10.127.255.196:445 | tcp | |
| N/A | 10.127.255.197:445 | tcp | |
| N/A | 10.127.255.198:445 | tcp | |
| N/A | 10.127.255.199:445 | tcp | |
| N/A | 10.127.255.200:445 | tcp | |
| N/A | 10.127.255.201:445 | tcp | |
| N/A | 10.127.255.202:445 | tcp | |
| N/A | 10.127.255.203:445 | tcp | |
| N/A | 10.127.255.204:445 | tcp | |
| N/A | 10.127.255.205:445 | tcp | |
| N/A | 10.127.255.207:445 | tcp | |
| N/A | 10.127.255.208:445 | tcp | |
| N/A | 10.127.255.209:445 | tcp | |
| N/A | 10.127.255.210:445 | tcp | |
| N/A | 10.127.255.211:445 | tcp | |
| N/A | 10.127.255.212:445 | tcp | |
| N/A | 10.127.255.213:445 | tcp | |
| N/A | 10.127.255.214:445 | tcp | |
| N/A | 10.127.255.215:445 | tcp | |
| N/A | 10.127.255.216:445 | tcp | |
| N/A | 10.127.255.217:445 | tcp | |
| N/A | 10.127.255.218:445 | tcp | |
| N/A | 10.127.255.219:445 | tcp | |
| N/A | 10.127.255.220:445 | tcp | |
| N/A | 10.127.255.221:445 | tcp | |
| N/A | 10.127.255.222:445 | tcp | |
| N/A | 10.127.255.223:445 | tcp | |
| N/A | 10.127.255.224:445 | tcp | |
| N/A | 10.127.255.225:445 | tcp | |
| N/A | 10.127.255.226:445 | tcp | |
| N/A | 10.127.255.227:445 | tcp | |
| N/A | 10.127.255.228:445 | tcp | |
| N/A | 10.127.255.229:445 | tcp | |
| N/A | 10.127.255.230:445 | tcp | |
| N/A | 10.127.255.231:445 | tcp | |
| N/A | 10.127.255.232:445 | tcp | |
| N/A | 10.127.255.233:445 | tcp | |
| N/A | 10.127.255.234:445 | tcp | |
| N/A | 10.127.255.235:445 | tcp | |
| N/A | 10.127.255.236:445 | tcp | |
| N/A | 10.127.255.237:445 | tcp | |
| N/A | 10.127.255.238:445 | tcp | |
| N/A | 10.127.255.239:445 | tcp | |
| N/A | 10.127.255.240:445 | tcp | |
| N/A | 10.127.255.241:445 | tcp | |
| N/A | 10.127.255.242:445 | tcp | |
| N/A | 10.127.255.243:445 | tcp | |
| N/A | 10.127.255.244:445 | tcp | |
| N/A | 10.127.255.245:445 | tcp | |
| N/A | 10.127.255.246:445 | tcp | |
| N/A | 10.127.255.247:445 | tcp | |
| N/A | 10.127.255.248:445 | tcp | |
| N/A | 10.127.255.249:445 | tcp | |
| N/A | 10.127.255.250:445 | tcp | |
| N/A | 10.127.255.251:445 | tcp | |
| N/A | 10.127.255.252:445 | tcp | |
| N/A | 10.127.255.253:445 | tcp | |
| N/A | 10.127.255.254:445 | tcp | |
| US | 13.107.4.50:80 | tcp | |
| US | 13.107.4.50:80 | tcp |