Analysis Overview
SHA256
0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297
Threat Level: Known bad
The file 0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297 was found to be: Known bad.
Malicious Activity Summary
Socks5Systemz
SmokeLoader
Lumma Stealer
Glupteba
DcRat
Stealc
Windows security bypass
Glupteba payload
Stops running service(s)
Downloads MZ/PE file
Creates new service(s)
Modifies Windows Firewall
Deletes itself
Loads dropped DLL
Unexpected DNS network traffic destination
UPX packed file
Windows security modification
Reads user/profile data of web browsers
Executes dropped EXE
Reads data files stored by FTP clients
Accesses cryptocurrency files/wallets, possible credential harvesting
Manipulates WinMonFS driver.
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
Writes to the Master Boot Record (MBR)
Adds Run key to start application
Suspicious use of SetThreadContext
Drops file in System32 directory
Drops file in Windows directory
Checks for VirtualBox DLLs, possible anti-VM trick
Launches sc.exe
Program crash
Enumerates physical storage devices
Unsigned PE
Uses Task Scheduler COM API
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious behavior: GetForegroundWindowSpam
Checks processor information in registry
Checks SCSI registry key(s)
Suspicious behavior: MapViewOfSection
Creates scheduled task(s)
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Modifies data under HKEY_USERS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-23 04:47
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-23 04:47
Reported
2024-02-23 04:52
Platform
win7-20240215-en
Max time kernel
34s
Max time network
300s
Command Line
Signatures
Glupteba
Glupteba payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
SmokeLoader
Stealc
Creates new service(s)
Downloads MZ/PE file
Stops running service(s)
Deletes itself
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\6ED9.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\6ED9.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\8519.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\938C.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\6ED9.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\6ED9.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\regsvr32.exe | N/A |
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Unexpected DNS network traffic destination
| Description | Indicator | Process | Target |
| Destination IP | 91.211.247.248 | N/A | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 2556 set thread context of 3068 | N/A | C:\Users\Admin\AppData\Local\Temp\6ED9.exe | C:\Users\Admin\AppData\Local\Temp\6ED9.exe |
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe | N/A |
Creates scheduled task(s)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: MapViewOfSection
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe
"C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe"
C:\Users\Admin\AppData\Local\Temp\6ED9.exe
C:\Users\Admin\AppData\Local\Temp\6ED9.exe
C:\Users\Admin\AppData\Local\Temp\6ED9.exe
C:\Users\Admin\AppData\Local\Temp\6ED9.exe
C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\72A2.dll
C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\72A2.dll
C:\Users\Admin\AppData\Local\Temp\8519.exe
C:\Users\Admin\AppData\Local\Temp\8519.exe
C:\Users\Admin\AppData\Local\Temp\938C.exe
C:\Users\Admin\AppData\Local\Temp\938C.exe
C:\Users\Admin\AppData\Local\Temp\C121.exe
C:\Users\Admin\AppData\Local\Temp\C121.exe
C:\Users\Admin\AppData\Local\Temp\DE15.exe
C:\Users\Admin\AppData\Local\Temp\DE15.exe
C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
"C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe"
C:\Users\Admin\AppData\Local\Temp\F0FA.exe
C:\Users\Admin\AppData\Local\Temp\F0FA.exe
C:\Users\Admin\AppData\Local\Temp\is-4ONE7.tmp\F0FA.tmp
"C:\Users\Admin\AppData\Local\Temp\is-4ONE7.tmp\F0FA.tmp" /SL5="$90120,4470470,54272,C:\Users\Admin\AppData\Local\Temp\F0FA.exe"
C:\Users\Admin\AppData\Local\Temp\InstallSetup4.exe
"C:\Users\Admin\AppData\Local\Temp\InstallSetup4.exe"
C:\Users\Admin\AppData\Local\Temp\FourthX.exe
"C:\Users\Admin\AppData\Local\Temp\FourthX.exe"
C:\Users\Admin\AppData\Local\Temp\BroomSetup.exe
C:\Users\Admin\AppData\Local\Temp\BroomSetup.exe
C:\Users\Admin\AppData\Local\Temp\8BF.exe
C:\Users\Admin\AppData\Local\Temp\8BF.exe
C:\Users\Admin\AppData\Local\Temp\is-40676.tmp\8BF.tmp
"C:\Users\Admin\AppData\Local\Temp\is-40676.tmp\8BF.tmp" /SL5="$2018C,4314505,54272,C:\Users\Admin\AppData\Local\Temp\8BF.exe"
C:\Windows\SysWOW64\cmd.exe
cmd /c ""C:\Users\Admin\AppData\Roaming\Temp\Task.bat" "
C:\Windows\SysWOW64\chcp.com
chcp 1251
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /tn "MalayamaraUpdate" /tr "'C:\Users\Admin\AppData\Local\Temp\Updater.exe'" /sc minute /mo 30 /F
C:\Users\Admin\AppData\Local\Temp\19FE.exe
C:\Users\Admin\AppData\Local\Temp\19FE.exe
C:\Users\Admin\AppData\Local\VSO Inspector\vsoinspector.exe
"C:\Users\Admin\AppData\Local\VSO Inspector\vsoinspector.exe" -i
C:\Users\Admin\AppData\Local\VSO Inspector\vsoinspector.exe
"C:\Users\Admin\AppData\Local\VSO Inspector\vsoinspector.exe" -s
C:\Users\Admin\AppData\Local\Temp\nsy3390.tmp
C:\Users\Admin\AppData\Local\Temp\nsy3390.tmp
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramData) -ExclusionExtension '.exe' -Force
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe delete "UTIXDCVF"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c wusa /uninstall /kb:890830 /quiet /norestart
C:\Windows\system32\wusa.exe
wusa /uninstall /kb:890830 /quiet /norestart
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe create "UTIXDCVF" binpath= "C:\ProgramData\xcfonrchdkar\vueqjgslwynd.exe" start= "auto"
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe start "UTIXDCVF"
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop eventlog
C:\ProgramData\xcfonrchdkar\vueqjgslwynd.exe
C:\ProgramData\xcfonrchdkar\vueqjgslwynd.exe
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramData) -ExclusionExtension '.exe' -Force
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wusa.exe
wusa /uninstall /kb:890830 /quiet /norestart
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c wusa /uninstall /kb:890830 /quiet /norestart
C:\Windows\explorer.exe
explorer.exe
C:\Windows\system32\makecab.exe
"C:\Windows\system32\makecab.exe" C:\Windows\Logs\CBS\CbsPersist_20240223044917.log C:\Windows\Logs\CBS\CbsPersist_20240223044917.cab
C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
"C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe"
C:\Windows\system32\taskeng.exe
taskeng.exe {132E463E-A094-4D80-980E-6955D952F899} S-1-5-21-2248906074-2862704502-246302768-1000:GHPZRGFC\Admin:Interactive:[1]
C:\Users\Admin\AppData\Roaming\rdewbwg
C:\Users\Admin\AppData\Roaming\rdewbwg
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | selebration17io.io | udp |
| RU | 91.215.85.120:80 | selebration17io.io | tcp |
| DE | 185.172.128.19:80 | 185.172.128.19 | tcp |
| US | 8.8.8.8:53 | trmpc.com | udp |
| KR | 123.140.161.243:80 | trmpc.com | tcp |
| AU | 124.168.18.172:9001 | tcp | |
| MD | 176.123.3.222:9001 | tcp | |
| US | 8.8.8.8:53 | en.bestsup.su | udp |
| US | 104.21.29.103:80 | en.bestsup.su | tcp |
| DE | 116.203.140.74:9001 | tcp | |
| DE | 185.172.128.90:80 | 185.172.128.90 | tcp |
| US | 185.198.26.149:9001 | tcp | |
| DE | 131.188.40.189:443 | tcp | |
| DE | 185.172.128.127:80 | 185.172.128.127 | tcp |
| DE | 185.172.128.145:80 | 185.172.128.145 | tcp |
| US | 209.126.103.140:9001 | tcp | |
| NL | 158.101.203.38:9001 | tcp | |
| AT | 5.42.64.33:80 | 5.42.64.33 | tcp |
| SE | 213.113.1.191:6881 | tcp | |
| US | 8.8.8.8:53 | xmr-eu2.nanopool.org | udp |
| US | 8.8.8.8:53 | pastebin.com | udp |
| US | 172.67.34.170:443 | pastebin.com | tcp |
| NL | 51.15.89.13:14433 | xmr-eu2.nanopool.org | tcp |
| NL | 158.101.203.38:9001 | tcp | |
| US | 8.8.8.8:53 | pun.unipune.ac.in | udp |
| US | 8.8.8.8:53 | reg.usps.com | udp |
| US | 8.8.8.8:53 | us05web.zoom.us | udp |
| US | 8.8.8.8:53 | pun.unipune.ac.in | udp |
| US | 8.8.8.8:53 | pg.taleo.net | udp |
| US | 8.8.8.8:53 | reg.usps.com | udp |
| US | 8.8.8.8:53 | myaccount.impactconnect.net | udp |
| US | 8.8.8.8:53 | reg.usps.com | udp |
| US | 8.8.8.8:53 | bestmining.top | udp |
| US | 8.8.8.8:53 | us05web.zoom.us | udp |
| US | 8.8.8.8:53 | us04web.zoom.us | udp |
| US | 8.8.8.8:53 | pg.taleo.net | udp |
| US | 8.8.8.8:53 | 888casino.ro | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | mx1.pun.unipune.ac.in | udp |
| US | 8.8.8.8:53 | myaccount.impactconnect.net | udp |
| US | 8.8.8.8:53 | mx1.pun.unipune.ac.in | udp |
| US | 8.8.8.8:53 | bestmining.top | udp |
| US | 8.8.8.8:53 | bestmining.top | udp |
| US | 8.8.8.8:53 | us04web.zoom.us | udp |
| US | 8.8.8.8:53 | 888casino.ro | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | collection.bajajfinserv.in | udp |
| US | 8.8.8.8:53 | login.aliexpress.com | udp |
| US | 8.8.8.8:53 | miggster.com | udp |
| US | 8.8.8.8:53 | collection.bajajfinserv.in | udp |
| US | 8.8.8.8:53 | collection.bajajfinserv.in | udp |
| US | 8.8.8.8:53 | miggster.com | udp |
| US | 8.8.8.8:53 | login.aliexpress.com | udp |
| US | 8.8.8.8:53 | collection.bajajfinserv.in | udp |
| US | 8.8.8.8:53 | gmr-smtp-in.l.google.com | udp |
| US | 8.8.8.8:53 | krt-club.ru | udp |
| US | 8.8.8.8:53 | dash.paragoncheats.com | udp |
| US | 8.8.8.8:53 | support.vulcanelectronics.com | udp |
| US | 8.8.8.8:53 | collection.bajajfinserv.in | udp |
| US | 8.8.8.8:53 | krt-club.ru | udp |
| US | 8.8.8.8:53 | collection.bajajfinserv.in | udp |
| US | 8.8.8.8:53 | collection.bajajfinserv.in | udp |
| US | 8.8.8.8:53 | dash.paragoncheats.com | udp |
| US | 8.8.8.8:53 | authentification-candidat.pole-emploi.fr | udp |
| US | 8.8.8.8:53 | collection.bajajfinserv.in | udp |
| US | 8.8.8.8:53 | aspmx.l.google.com | udp |
| US | 8.8.8.8:53 | new.ppy.sh | udp |
| US | 8.8.8.8:53 | miniroyale.io | udp |
| US | 8.8.8.8:53 | secure01a.chase.com | udp |
| US | 8.8.8.8:53 | authentification-candidat.pole-emploi.fr | udp |
| US | 8.8.8.8:53 | support.vulcanelectronics.com | udp |
| US | 8.8.8.8:53 | support.vulcanelectronics.com | udp |
| US | 8.8.8.8:53 | support.vulcanelectronics.com | udp |
| US | 8.8.8.8:53 | new.ppy.sh | udp |
| US | 8.8.8.8:53 | secure01a.chase.com | udp |
| US | 8.8.8.8:53 | secure01a.chase.com | udp |
| US | 8.8.8.8:53 | miniroyale.io | udp |
| US | 8.8.8.8:53 | clangsm.com | udp |
| US | 8.8.8.8:53 | acapellas4u.co.uk | udp |
| US | 8.8.8.8:53 | clangsm.com | udp |
| GB | 23.48.165.149:443 | secure01a.chase.com | tcp |
| US | 8.8.8.8:53 | work.workplace.com | udp |
| US | 69.61.52.194:22 | clangsm.com | tcp |
| GB | 143.244.38.136:443 | miniroyale.io | tcp |
| US | 69.61.52.194:21 | clangsm.com | tcp |
| US | 8.8.8.8:53 | acapellas4u.co.uk | udp |
| US | 8.8.8.8:53 | work.workplace.com | udp |
| US | 104.21.93.29:21 | acapellas4u.co.uk | tcp |
| GB | 23.48.165.149:143 | secure01a.chase.com | tcp |
| US | 8.8.8.8:53 | forum.see-game.com | udp |
| US | 8.8.8.8:53 | areapersonal.vibbo.com | udp |
| GB | 143.244.38.136:143 | miniroyale.io | tcp |
| GB | 163.70.147.4:22 | work.workplace.com | tcp |
| US | 69.61.52.194:443 | clangsm.com | tcp |
| FR | 185.215.64.45:143 | authentification-candidat.pole-emploi.fr | tcp |
| US | 104.21.93.29:22 | acapellas4u.co.uk | tcp |
| US | 54.165.158.246:995 | support.vulcanelectronics.com | tcp |
| US | 104.21.93.29:443 | acapellas4u.co.uk | tcp |
| GB | 163.70.147.4:21 | work.workplace.com | tcp |
| US | 8.8.8.8:53 | wss.uwinnipeg.ca | udp |
| US | 8.8.8.8:53 | mx.yandex.net | udp |
| US | 8.8.8.8:53 | secure01a.chase.com | udp |
| US | 8.8.8.8:53 | forum.see-game.com | udp |
| US | 8.8.8.8:53 | areapersonal.vibbo.com | udp |
| US | 8.8.8.8:53 | correo.clangsm.com | udp |
| US | 8.8.8.8:53 | forum.vimeworld.ru | udp |
| US | 8.8.8.8:53 | www1.flightrising.com | udp |
| US | 8.8.8.8:53 | forum.vimeworld.ru | udp |
| US | 8.8.8.8:53 | wss.uwinnipeg.ca | udp |
| RU | 77.88.21.249:143 | mx.yandex.net | tcp |
| FR | 185.215.64.45:465 | authentification-candidat.pole-emploi.fr | tcp |
| FR | 185.215.64.45:80 | authentification-candidat.pole-emploi.fr | tcp |
| GB | 143.244.38.136:465 | miniroyale.io | tcp |
| US | 8.8.8.8:53 | www.acapellas4u.co.uk | udp |
| US | 8.8.8.8:53 | www1.flightrising.com | udp |
| US | 8.8.8.8:53 | mobile.twitter.com | udp |
| US | 8.8.8.8:53 | mobile.twitter.com | udp |
| GB | 108.156.39.97:22 | areapersonal.vibbo.com | tcp |
| DE | 64.190.63.222:995 | bestmining.top | tcp |
| US | 104.21.93.29:80 | www.acapellas4u.co.uk | tcp |
| HU | 37.221.209.181:21 | forum.see-game.com | tcp |
| GB | 23.48.165.132:80 | secure01a.chase.com | tcp |
| US | 172.67.203.127:21 | www.acapellas4u.co.uk | tcp |
| DE | 64.190.63.222:143 | bestmining.top | tcp |
| RU | 77.88.21.249:995 | mx.yandex.net | tcp |
| GB | 143.244.38.136:80 | miniroyale.io | tcp |
| GB | 23.48.165.132:80 | secure01a.chase.com | tcp |
| GB | 23.48.165.132:465 | secure01a.chase.com | tcp |
| HU | 37.221.209.181:22 | forum.see-game.com | tcp |
| GB | 143.244.38.136:995 | miniroyale.io | tcp |
| FR | 185.215.64.45:995 | authentification-candidat.pole-emploi.fr | tcp |
| GB | 23.48.165.132:995 | secure01a.chase.com | tcp |
| US | 75.101.237.214:995 | support.vulcanelectronics.com | tcp |
| US | 69.61.52.194:80 | correo.clangsm.com | tcp |
| US | 69.61.52.194:143 | correo.clangsm.com | tcp |
| US | 172.67.203.127:22 | www.acapellas4u.co.uk | tcp |
| GB | 143.244.38.136:80 | miniroyale.io | tcp |
| HU | 37.221.209.181:443 | forum.see-game.com | tcp |
| US | 172.67.207.241:22 | forum.vimeworld.ru | tcp |
| GB | 163.70.147.4:143 | work.workplace.com | tcp |
| GB | 23.48.165.132:143 | secure01a.chase.com | tcp |
| US | 69.61.52.194:995 | correo.clangsm.com | tcp |
| CA | 142.132.7.26:22 | wss.uwinnipeg.ca | tcp |
| HU | 37.221.209.177:2030 | tcp | |
| GB | 108.156.39.97:21 | areapersonal.vibbo.com | tcp |
| RU | 77.88.21.249:465 | mx.yandex.net | tcp |
| GB | 163.70.147.4:443 | work.workplace.com | tcp |
| FR | 185.215.64.45:80 | authentification-candidat.pole-emploi.fr | tcp |
| GB | 163.70.147.4:80 | work.workplace.com | tcp |
| US | 69.61.52.194:465 | correo.clangsm.com | tcp |
| CA | 142.132.7.26:21 | wss.uwinnipeg.ca | tcp |
| US | 172.67.203.127:443 | www.acapellas4u.co.uk | tcp |
| US | 199.58.85.136:22 | www1.flightrising.com | tcp |
| US | 69.61.52.194:80 | correo.clangsm.com | tcp |
| GB | 108.156.39.97:443 | areapersonal.vibbo.com | tcp |
| US | 104.244.42.198:22 | mobile.twitter.com | tcp |
| US | 199.58.85.136:21 | www1.flightrising.com | tcp |
| GB | 163.70.147.4:465 | work.workplace.com | tcp |
| CA | 142.132.7.26:443 | wss.uwinnipeg.ca | tcp |
| GB | 163.70.147.4:995 | work.workplace.com | tcp |
| GB | 23.48.165.149:465 | secure01a.chase.com | tcp |
| US | 8.8.8.8:53 | login.wmtransfer.com | udp |
| US | 8.8.8.8:53 | yggtorrent.is | udp |
| US | 8.8.8.8:53 | bayi.demirdokum.com.tr | udp |
| US | 8.8.8.8:53 | login.wmtransfer.com | udp |
| US | 8.8.8.8:53 | yggtorrent.is | udp |
| US | 8.8.8.8:53 | secure01a.chase.com | udp |
| GB | 23.48.165.149:995 | secure01a.chase.com | tcp |
| GB | 108.156.39.7:22 | areapersonal.vibbo.com | tcp |
| US | 104.21.74.244:22 | forum.vimeworld.ru | tcp |
| US | 172.67.207.241:443 | forum.vimeworld.ru | tcp |
| GB | 108.156.39.7:21 | areapersonal.vibbo.com | tcp |
| GB | 143.244.38.136:143 | miniroyale.io | tcp |
| HU | 37.221.209.181:143 | forum.see-game.com | tcp |
| RU | 91.227.52.69:22 | login.wmtransfer.com | tcp |
| US | 172.67.130.149:22 | yggtorrent.is | tcp |
| US | 104.21.93.29:443 | www.acapellas4u.co.uk | tcp |
| CA | 142.132.7.26:465 | wss.uwinnipeg.ca | tcp |
| CA | 142.132.7.26:80 | wss.uwinnipeg.ca | tcp |
| GB | 108.156.39.97:143 | areapersonal.vibbo.com | tcp |
| US | 172.67.207.241:21 | forum.vimeworld.ru | tcp |
| US | 199.58.85.136:443 | www1.flightrising.com | tcp |
| HU | 37.221.209.181:465 | forum.see-game.com | tcp |
| GB | 23.48.165.132:80 | secure01a.chase.com | tcp |
| US | 104.244.42.198:21 | mobile.twitter.com | tcp |
| US | 104.244.42.198:443 | mobile.twitter.com | tcp |
| RU | 91.227.52.69:21 | login.wmtransfer.com | tcp |
| US | 8.8.8.8:53 | banaozel.sahibinden.com | udp |
| US | 8.8.8.8:53 | bayi.demirdokum.com.tr | udp |
| GB | 108.156.39.7:143 | areapersonal.vibbo.com | tcp |
| GB | 143.244.38.136:465 | miniroyale.io | tcp |
| RU | 91.200.28.69:22 | login.wmtransfer.com | tcp |
| US | 104.21.3.109:22 | yggtorrent.is | tcp |
| RU | 91.227.52.69:443 | login.wmtransfer.com | tcp |
| HU | 37.221.209.181:21 | forum.see-game.com | tcp |
| US | 104.244.42.198:143 | mobile.twitter.com | tcp |
| US | 8.8.8.8:53 | email.bol.uol.com.br | udp |
| US | 8.8.8.8:53 | banaozel.sahibinden.com | udp |
| US | 8.8.8.8:53 | secure01a.chase.com | udp |
| US | 8.8.8.8:53 | forum.vimeworld.com | udp |
| US | 69.61.52.194:21 | correo.clangsm.com | tcp |
| GB | 23.48.165.132:80 | secure01a.chase.com | tcp |
| GB | 108.156.39.97:80 | areapersonal.vibbo.com | tcp |
| US | 104.21.93.29:21 | www.acapellas4u.co.uk | tcp |
| GB | 163.70.147.4:22 | work.workplace.com | tcp |
| US | 104.21.93.29:80 | www.acapellas4u.co.uk | tcp |
| US | 172.67.207.241:465 | forum.vimeworld.ru | tcp |
| US | 172.67.130.149:443 | yggtorrent.is | tcp |
| DE | 64.190.63.222:995 | bestmining.top | tcp |
| US | 104.244.42.198:465 | mobile.twitter.com | tcp |
| GB | 143.244.38.136:995 | miniroyale.io | tcp |
| GB | 108.156.39.97:995 | areapersonal.vibbo.com | tcp |
| GB | 108.156.39.97:80 | areapersonal.vibbo.com | tcp |
| US | 199.58.85.136:22 | www1.flightrising.com | tcp |
| US | 172.67.207.241:143 | forum.vimeworld.ru | tcp |
| US | 69.61.52.194:443 | correo.clangsm.com | tcp |
| HU | 37.221.209.181:22 | forum.see-game.com | tcp |
| US | 69.61.52.194:995 | correo.clangsm.com | tcp |
| US | 199.58.85.136:995 | www1.flightrising.com | tcp |
| US | 69.61.52.194:22 | correo.clangsm.com | tcp |
| TR | 213.14.45.170:21 | bayi.demirdokum.com.tr | tcp |
| US | 54.165.158.246:995 | support.vulcanelectronics.com | tcp |
| TR | 213.14.45.170:22 | bayi.demirdokum.com.tr | tcp |
| FR | 185.215.64.45:80 | authentification-candidat.pole-emploi.fr | tcp |
| GB | 163.70.147.4:443 | work.workplace.com | tcp |
| FR | 185.215.64.45:143 | authentification-candidat.pole-emploi.fr | tcp |
| US | 104.244.42.198:80 | mobile.twitter.com | tcp |
| US | 104.21.93.29:22 | www.acapellas4u.co.uk | tcp |
| RU | 77.88.21.249:465 | mx.yandex.net | tcp |
| GB | 23.48.165.132:143 | secure01a.chase.com | tcp |
| US | 8.8.8.8:53 | jwmatch.com | udp |
| US | 172.67.203.127:21 | www.acapellas4u.co.uk | tcp |
| US | 199.58.85.136:80 | www1.flightrising.com | tcp |
| HU | 37.221.209.181:80 | forum.see-game.com | tcp |
| GB | 143.244.38.136:443 | miniroyale.io | tcp |
| RU | 77.88.21.249:143 | mx.yandex.net | tcp |
| US | 172.64.154.73:21 | banaozel.sahibinden.com | tcp |
| GB | 108.156.39.97:22 | areapersonal.vibbo.com | tcp |
| US | 172.67.130.149:143 | yggtorrent.is | tcp |
| DE | 64.190.63.222:143 | bestmining.top | tcp |
| US | 172.67.130.149:80 | yggtorrent.is | tcp |
| US | 69.61.52.194:465 | correo.clangsm.com | tcp |
| TR | 213.14.45.170:443 | bayi.demirdokum.com.tr | tcp |
| US | 172.64.154.73:22 | banaozel.sahibinden.com | tcp |
| GB | 163.70.147.4:21 | work.workplace.com | tcp |
| TR | 213.14.45.170:143 | bayi.demirdokum.com.tr | tcp |
| US | 172.67.203.127:443 | www.acapellas4u.co.uk | tcp |
| US | 69.61.52.194:80 | correo.clangsm.com | tcp |
| GB | 23.48.165.149:465 | secure01a.chase.com | tcp |
| US | 104.21.74.244:465 | forum.vimeworld.ru | tcp |
| GB | 23.48.165.149:80 | secure01a.chase.com | tcp |
| US | 104.18.33.183:21 | banaozel.sahibinden.com | tcp |
| GB | 108.156.39.7:22 | areapersonal.vibbo.com | tcp |
| US | 104.244.42.198:995 | mobile.twitter.com | tcp |
| US | 104.21.3.109:143 | yggtorrent.is | tcp |
| US | 8.8.8.8:53 | mx.yandex.net | udp |
| FR | 185.215.64.45:80 | authentification-candidat.pole-emploi.fr | tcp |
| US | 8.8.8.8:53 | email.bol.uol.com.br | udp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 8.8.8.8:53 | secure01a.chase.com | udp |
| US | 8.8.8.8:53 | email.bol.uol.com.br | udp |
| US | 8.8.8.8:53 | jwmatch.com | udp |
| US | 8.8.8.8:53 | exar.cc | udp |
| US | 8.8.8.8:53 | mx.hsalvador.cl | udp |
| US | 8.8.8.8:53 | yggtorrent.qa | udp |
| US | 8.8.8.8:53 | exar.cc | udp |
| US | 8.8.8.8:53 | mobile.twitter.com | udp |
| US | 8.8.8.8:53 | mail.pg.taleo.net | udp |
| US | 8.8.8.8:53 | mobile.twitter.com | udp |
| US | 172.67.130.149:22 | yggtorrent.is | tcp |
| US | 8.8.8.8:53 | miniroyale.io | udp |
| US | 8.8.8.8:53 | mx.hsalvador.cl | udp |
| TR | 213.14.45.170:80 | bayi.demirdokum.com.tr | tcp |
| US | 172.67.207.241:80 | forum.vimeworld.ru | tcp |
| US | 104.26.2.20:443 | yggtorrent.qa | tcp |
| US | 199.58.85.136:443 | www1.flightrising.com | tcp |
| US | 104.21.93.29:990 | www.acapellas4u.co.uk | tcp |
| GB | 163.70.147.4:80 | work.workplace.com | tcp |
| US | 104.26.2.20:443 | yggtorrent.qa | tcp |
| NL | 108.177.119.84:80 | accounts.google.com | tcp |
| GB | 163.70.147.4:222 | work.workplace.com | tcp |
| US | 104.244.42.198:465 | mobile.twitter.com | tcp |
| DE | 64.190.63.222:110 | bestmining.top | tcp |
| RU | 91.227.52.69:80 | login.wmtransfer.com | tcp |
| GB | 108.156.39.97:80 | areapersonal.vibbo.com | tcp |
| US | 199.58.85.136:80 | www1.flightrising.com | tcp |
| CA | 142.132.7.26:80 | wss.uwinnipeg.ca | tcp |
| GB | 23.48.165.132:80 | secure01a.chase.com | tcp |
| US | 8.8.8.8:53 | ftp.pg.taleo.net | udp |
| US | 8.8.8.8:53 | pt.worldofwarships.ru | udp |
| US | 8.8.8.8:53 | krb-xjobs.brassring.com | udp |
| GB | 143.244.38.136:80 | miniroyale.io | tcp |
| US | 8.8.8.8:53 | my.account.sony.com | udp |
| US | 8.8.8.8:53 | backyardchickens.com | udp |
| US | 8.8.8.8:53 | pwnwin.com | udp |
| US | 8.8.8.8:53 | pt.worldofwarships.ru | udp |
| US | 8.8.8.8:53 | krb-xjobs.brassring.com | udp |
| US | 104.21.93.29:80 | www.acapellas4u.co.uk | tcp |
| US | 69.61.52.194:80 | correo.clangsm.com | tcp |
| US | 8.8.8.8:53 | secure01a.chase.com | udp |
| US | 104.244.42.198:443 | mobile.twitter.com | tcp |
| BR | 200.147.4.73:80 | email.bol.uol.com.br | tcp |
| BR | 200.147.4.73:80 | email.bol.uol.com.br | tcp |
| FR | 185.215.64.45:80 | authentification-candidat.pole-emploi.fr | tcp |
| US | 8.8.8.8:53 | secure01a.chase.com | udp |
| US | 8.8.8.8:53 | op.mx.datingbuzz.com | udp |
| US | 8.8.8.8:53 | op.mx.datingbuzz.com | udp |
| US | 8.8.8.8:53 | my.account.sony.com | udp |
| US | 8.8.8.8:53 | backyardchickens.com | udp |
| US | 8.8.8.8:53 | pwnwin.com | udp |
| US | 8.8.8.8:53 | en.tera.gameforge.com | udp |
| US | 8.8.8.8:53 | idm.east.cox.net | udp |
| US | 8.8.8.8:53 | ead.ufrgs.br | udp |
| US | 8.8.8.8:53 | vadana43.iauec.ac.ir | udp |
| US | 8.8.8.8:53 | survey.caneup.in | udp |
| NL | 212.32.224.181:80 | jwmatch.com | tcp |
| US | 172.67.130.149:80 | yggtorrent.is | tcp |
| NL | 108.177.119.84:443 | accounts.google.com | tcp |
| US | 199.58.85.136:80 | www1.flightrising.com | tcp |
| CL | 216.241.12.147:80 | mx.hsalvador.cl | tcp |
| TR | 213.14.45.170:80 | bayi.demirdokum.com.tr | tcp |
| RU | 91.227.52.69:80 | login.wmtransfer.com | tcp |
| GB | 163.70.147.4:443 | work.workplace.com | tcp |
| US | 8.8.8.8:53 | signin.ebay.es | udp |
| US | 172.67.221.88:80 | exar.cc | tcp |
| TR | 213.14.45.170:443 | bayi.demirdokum.com.tr | tcp |
| US | 8.8.8.8:53 | evoice.com | udp |
| US | 8.8.8.8:53 | efisend.efidem.com | udp |
| GB | 108.156.39.97:80 | areapersonal.vibbo.com | tcp |
| GB | 23.48.165.132:80 | secure01a.chase.com | tcp |
| RU | 91.227.52.69:443 | login.wmtransfer.com | tcp |
| US | 8.8.8.8:53 | mol.mapfre.com.br | udp |
| US | 8.8.8.8:53 | capretraite-entreprises.fr | udp |
| US | 8.8.8.8:53 | xenupload.com | udp |
| US | 8.8.8.8:53 | en.tera.gameforge.com | udp |
| US | 8.8.8.8:53 | idm.east.cox.net | udp |
| US | 8.8.8.8:53 | survey.caneup.in | udp |
| US | 8.8.8.8:53 | survey.caneup.in | udp |
| US | 8.8.8.8:53 | chinashipshop.com | udp |
| US | 8.8.8.8:53 | krb-xjobs.brassring.com | udp |
| US | 8.8.8.8:53 | miniroyale.io | udp |
| US | 8.8.8.8:53 | ead.ufrgs.br | udp |
| US | 69.61.52.194:80 | correo.clangsm.com | tcp |
| US | 8.8.8.8:53 | mx0.pwnwin.com | udp |
| US | 8.8.8.8:53 | areapersonal.vibbo.com | udp |
| US | 8.8.8.8:53 | my.account.sony.com | udp |
| GB | 23.213.249.160:80 | krb-xjobs.brassring.com | tcp |
| GB | 23.48.165.151:80 | my.account.sony.com | tcp |
| US | 8.8.8.8:53 | aspmx2.googlemail.com | udp |
| US | 8.8.8.8:53 | foro-ciudad.com | udp |
| US | 40.112.58.135:80 | pwnwin.com | tcp |
| US | 8.8.8.8:53 | vadana43.iauec.ac.ir | udp |
| US | 8.8.8.8:53 | auth.supercanal-arlink.com.ar | udp |
| US | 8.8.8.8:53 | vadana43.iauec.ac.ir | udp |
| US | 8.8.8.8:53 | efisend.efidem.com | udp |
| US | 8.8.8.8:53 | evoice.com | udp |
| US | 8.8.8.8:53 | mobile.twitter.com | udp |
| US | 8.8.8.8:53 | signin.ebay.es | udp |
| US | 8.8.8.8:53 | signin.ebay.es | udp |
| US | 8.8.8.8:53 | vadana43.iauec.ac.ir | udp |
| US | 8.8.8.8:53 | mol.mapfre.com.br | udp |
| US | 8.8.8.8:53 | g91.tcsion.com | udp |
| US | 8.8.8.8:53 | g6.menofia.education | udp |
| US | 8.8.8.8:53 | capretraite-entreprises.fr | udp |
| US | 8.8.8.8:53 | capretraite-entreprises.fr | udp |
| US | 8.8.8.8:53 | mol.mapfre.com.br | udp |
| US | 8.8.8.8:53 | mol.mapfre.com.br | udp |
| US | 8.8.8.8:53 | capitalwitness.cyou | udp |
| US | 8.8.8.8:53 | login.blockchain.com | udp |
| US | 8.8.8.8:53 | kikuu.co.tz | udp |
| US | 8.8.8.8:53 | online.fortunebetng.com | udp |
| US | 8.8.8.8:53 | eca.ir | udp |
| US | 8.8.8.8:53 | xenupload.com | udp |
| US | 8.8.8.8:53 | xenupload.com | udp |
| US | 8.8.8.8:53 | chinashipshop.com | udp |
| US | 8.8.8.8:53 | xenupload.com | udp |
| US | 8.8.8.8:53 | foro-ciudad.com | udp |
| US | 8.8.8.8:53 | chinashipshop.com | udp |
| US | 8.8.8.8:53 | ftp.acapellas4u.co.uk | udp |
| US | 8.8.8.8:53 | foro-ciudad.com | udp |
| US | 8.8.8.8:53 | auth.supercanal-arlink.com.ar | udp |
| US | 8.8.8.8:53 | g91.tcsion.com | udp |
| US | 8.8.8.8:53 | work.workplace.com | udp |
| US | 8.8.8.8:53 | foro-ciudad.com | udp |
| US | 8.8.8.8:53 | ftp.forum.see-game.com | udp |
| US | 8.8.8.8:53 | mail.bestmining.top | udp |
| US | 8.8.8.8:53 | ftp.new.ppy.sh | udp |
| US | 8.8.8.8:53 | ftp.work.workplace.com | udp |
| US | 8.8.8.8:53 | kikuu.co.tz | udp |
| US | 8.8.8.8:53 | capitalwitness.cyou | udp |
| US | 8.8.8.8:53 | auth.supercanal-arlink.com.ar | udp |
| US | 8.8.8.8:53 | g6.menofia.education | udp |
| US | 8.8.8.8:53 | mail.support.vulcanelectronics.com | udp |
| US | 8.8.8.8:53 | g6.menofia.education | udp |
| US | 8.8.8.8:53 | online.fortunebetng.com | udp |
| US | 8.8.8.8:53 | mail-relay.capretraite-entreprises.fr | udp |
| US | 8.8.8.8:53 | mx.zoho.com | udp |
| US | 8.8.8.8:53 | mail.new.ppy.sh | udp |
| US | 8.8.8.8:53 | mail.miniroyale.io | udp |
| US | 8.8.8.8:53 | mx1.privateemail.com | udp |
| LT | 91.211.247.248:53 | ezczohx.ua | udp |
| US | 8.8.8.8:53 | login.blockchain.com | udp |
| US | 8.8.8.8:53 | login.blockchain.com | udp |
| US | 8.8.8.8:53 | login.blockchain.com | udp |
| US | 8.8.8.8:53 | eca.ir | udp |
| US | 8.8.8.8:53 | eca.ir | udp |
| US | 8.8.8.8:53 | eca.ir | udp |
| US | 104.26.4.105:80 | backyardchickens.com | tcp |
| US | 40.112.58.135:80 | pwnwin.com | tcp |
| BR | 200.147.4.73:80 | email.bol.uol.com.br | tcp |
| US | 199.58.85.136:80 | www1.flightrising.com | tcp |
| US | 45.60.47.167:80 | idm.east.cox.net | tcp |
| NL | 212.32.224.181:80 | jwmatch.com | tcp |
| TR | 213.14.45.170:80 | bayi.demirdokum.com.tr | tcp |
| GB | 108.156.39.89:80 | areapersonal.vibbo.com | tcp |
| RU | 91.227.52.69:80 | login.wmtransfer.com | tcp |
| FR | 185.215.64.45:80 | authentification-candidat.pole-emploi.fr | tcp |
| GB | 23.48.165.132:80 | secure01a.chase.com | tcp |
| NL | 108.177.119.84:80 | accounts.google.com | tcp |
| US | 69.61.52.194:443 | correo.clangsm.com | tcp |
| BR | 143.54.1.84:80 | ead.ufrgs.br | tcp |
| DE | 144.36.172.96:80 | capretraite-entreprises.fr | tcp |
| BR | 177.11.240.156:80 | mol.mapfre.com.br | tcp |
| GB | 143.244.38.136:443 | miniroyale.io | tcp |
| FR | 92.222.136.4:80 | efisend.efidem.com | tcp |
| US | 172.67.207.241:443 | forum.vimeworld.ru | tcp |
| US | 172.67.221.88:80 | exar.cc | tcp |
| US | 8.8.8.8:53 | my.account.sony.com | udp |
| US | 8.8.8.8:53 | my.account.sony.com | udp |
| US | 8.8.8.8:53 | mail.foro-ciudad.com | udp |
| CA | 142.132.7.26:80 | wss.uwinnipeg.ca | tcp |
| GB | 163.70.147.4:80 | ftp.work.workplace.com | tcp |
| DE | 79.110.87.192:80 | en.tera.gameforge.com | tcp |
| BH | 157.241.27.231:80 | chinashipshop.com | tcp |
| GB | 104.84.81.174:80 | signin.ebay.es | tcp |
| US | 104.21.20.49:80 | xenupload.com | tcp |
| US | 172.67.221.88:80 | exar.cc | tcp |
| US | 104.244.42.129:443 | twitter.com | tcp |
| US | 8.8.8.8:53 | email.bol.uol.com.br | udp |
| CL | 216.241.12.147:80 | mx.hsalvador.cl | tcp |
| US | 8.8.8.8:53 | signin.ebay.es | udp |
| US | 8.8.8.8:53 | mail.forum.see-game.com | udp |
| BR | 143.54.1.84:80 | ead.ufrgs.br | tcp |
| US | 8.8.8.8:53 | idm.east.cox.net | udp |
| US | 8.8.8.8:53 | secure01a.chase.com | udp |
| US | 8.8.8.8:53 | krb-xjobs.brassring.com | udp |
| US | 8.8.8.8:53 | ftp.www1.flightrising.com | udp |
| US | 8.8.8.8:53 | mobile.twitter.com | udp |
| US | 8.8.8.8:53 | mobile.twitter.com | udp |
| US | 8.8.8.8:53 | g91.tcsion.com | udp |
| US | 8.8.8.8:53 | g91.tcsion.com | udp |
| US | 45.60.47.167:80 | idm.east.cox.net | tcp |
| US | 104.26.4.105:443 | backyardchickens.com | tcp |
| US | 8.8.8.8:53 | mail.eca.ir | udp |
| US | 8.8.8.8:53 | srdelperdon.sieweb.com.pe | udp |
| US | 8.8.8.8:53 | miniroyale.io | udp |
| US | 8.8.8.8:53 | ftp.banaozel.sahibinden.com | udp |
| US | 8.8.8.8:53 | ftp.wss.uwinnipeg.ca | udp |
| US | 8.8.8.8:53 | ftp.areapersonal.vibbo.com | udp |
| US | 8.8.8.8:53 | ssh.pg.taleo.net | udp |
| US | 8.8.8.8:53 | ftp.yggtorrent.is | udp |
| US | 8.8.8.8:53 | mail.wss.uwinnipeg.ca | udp |
| US | 8.8.8.8:53 | mail.work.workplace.com | udp |
| US | 8.8.8.8:53 | ftp.mobile.twitter.com | udp |
| US | 8.8.8.8:53 | ftp.bayi.demirdokum.com.tr | udp |
| US | 8.8.8.8:53 | mail.areapersonal.vibbo.com | udp |
| US | 8.8.8.8:53 | my.account.sony.com | udp |
| US | 8.8.8.8:53 | reg.usps.com | udp |
| US | 8.8.8.8:53 | us05web.zoom.us | udp |
| US | 8.8.8.8:53 | us05web.zoom.us | udp |
| US | 8.8.8.8:53 | www.gameforge.com | udp |
| US | 8.8.8.8:53 | 888casino.ro | udp |
| US | 8.8.8.8:53 | login.aliexpress.com | udp |
| US | 8.8.8.8:53 | collection.bajajfinserv.in | udp |
| US | 8.8.8.8:53 | support.vulcanelectronics.com | udp |
| US | 8.8.8.8:53 | secure01a.chase.com | udp |
| US | 8.8.8.8:53 | collection.bajajfinserv.in | udp |
| GB | 23.48.165.153:80 | g91.tcsion.com | tcp |
| US | 8.8.8.8:53 | srdelperdon.sieweb.com.pe | udp |
| US | 8.8.8.8:53 | mail.www1.flightrising.com | udp |
| IR | 94.74.145.24:80 | mail.eca.ir | tcp |
| US | 8.8.8.8:53 | ftp.forum.vimeworld.ru | udp |
| US | 8.8.8.8:53 | mail.secure01a.chase.com | udp |
| US | 8.8.8.8:53 | ftp.login.wmtransfer.com | udp |
| DE | 47.254.149.8:80 | kikuu.co.tz | tcp |
| GB | 108.156.39.89:80 | mail.areapersonal.vibbo.com | tcp |
| DE | 144.36.172.96:80 | capretraite-entreprises.fr | tcp |
| US | 8.8.8.8:53 | mail.authentification-candidat.pole-emploi.fr | udp |
| US | 8.8.8.8:53 | signin.ebay.es | udp |
| US | 8.8.8.8:53 | us04web.zoom.us | udp |
| US | 8.8.8.8:53 | collection.bajajfinserv.in | udp |
| US | 8.8.8.8:53 | collection.bajajfinserv.in | udp |
| US | 8.8.8.8:53 | collection.bajajfinserv.in | udp |
| US | 8.8.8.8:53 | www.chinashipshop.com | udp |
| NL | 212.32.224.181:443 | jwmatch.com | tcp |
| US | 8.8.8.8:53 | collection.bajajfinserv.in | udp |
| US | 8.8.8.8:53 | mail.bayi.demirdokum.com.tr | udp |
| US | 8.8.8.8:53 | ftp.mx.hsalvador.cl | udp |
| US | 69.61.52.194:80 | correo.clangsm.com | tcp |
| US | 104.26.2.20:443 | yggtorrent.qa | tcp |
| AR | 190.113.128.133:80 | auth.supercanal-arlink.com.ar | tcp |
| US | 34.69.199.94:80 | g6.menofia.education | tcp |
| FR | 92.222.136.4:80 | efisend.efidem.com | tcp |
| GB | 143.244.38.136:80 | miniroyale.io | tcp |
| GB | 23.48.165.151:443 | collection.bajajfinserv.in | tcp |
| DE | 79.110.87.192:80 | www.gameforge.com | tcp |
| CL | 216.241.12.147:443 | mx.hsalvador.cl | tcp |
| FR | 185.215.64.45:80 | authentification-candidat.pole-emploi.fr | tcp |
| GB | 18.244.179.106:80 | 888casino.ro | tcp |
| DE | 64.190.63.222:80 | mail.bestmining.top | tcp |
| US | 104.21.20.70:80 | dash.paragoncheats.com | tcp |
| ZA | 160.119.234.38:80 | online.fortunebetng.com | tcp |
| GB | 159.8.144.76:80 | mail.foro-ciudad.com | tcp |
| TR | 213.14.45.170:80 | bayi.demirdokum.com.tr | tcp |
| US | 8.8.8.8:53 | pop.pg.taleo.net | udp |
| AR | 190.113.128.133:80 | auth.supercanal-arlink.com.ar | tcp |
| US | 8.8.8.8:53 | mail.mobile.twitter.com | udp |
| US | 8.8.8.8:53 | secure01a.chase.com | udp |
| US | 8.8.8.8:53 | mail.banaozel.sahibinden.com | udp |
| US | 34.69.199.94:80 | g6.menofia.education | tcp |
| US | 8.8.8.8:53 | ftp.jwmatch.com | udp |
| US | 8.8.8.8:53 | ftp.email.bol.uol.com.br | udp |
| US | 8.8.8.8:53 | g91.tcsion.com | udp |
| US | 8.8.8.8:53 | krb-xjobs.brassring.com | udp |
| US | 8.8.8.8:53 | www.backyardchickens.com | udp |
| US | 8.8.8.8:53 | alt1.gmr-smtp-in.l.google.com | udp |
| US | 8.8.8.8:53 | my.account.sony.com | udp |
| IN | 115.111.110.183:80 | pun.unipune.ac.in | tcp |
| RU | 91.227.52.69:80 | login.wmtransfer.com | tcp |
| GB | 104.82.235.52:80 | login.aliexpress.com | tcp |
| US | 34.192.116.162:80 | support.vulcanelectronics.com | tcp |
| US | 104.16.30.98:80 | login.blockchain.com | tcp |
| ZA | 160.119.234.38:80 | online.fortunebetng.com | tcp |
| US | 192.229.221.165:80 | reg.usps.com | tcp |
| US | 170.114.52.4:80 | us04web.zoom.us | tcp |
| US | 170.114.52.5:80 | us05web.zoom.us | tcp |
| US | 172.67.148.104:80 | krt-club.ru | tcp |
| US | 104.244.42.198:80 | mobile.twitter.com | tcp |
| BH | 157.241.27.231:80 | www.chinashipshop.com | tcp |
| NL | 108.177.119.84:80 | accounts.google.com | tcp |
| GB | 23.48.165.161:80 | collection.bajajfinserv.in | tcp |
Files
memory/1516-2-0x00000000003A0000-0x00000000003AB000-memory.dmp
memory/1516-1-0x0000000000230000-0x0000000000330000-memory.dmp
memory/1516-3-0x0000000000400000-0x0000000000816000-memory.dmp
memory/1516-5-0x0000000000400000-0x0000000000816000-memory.dmp
memory/1144-4-0x0000000002100000-0x0000000002116000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\6ED9.exe
| MD5 | 147f5f5bbc80b2ad753993e15f3f32c2 |
| SHA1 | 16d73b4abeef12cf76414338901eb7bbef46775f |
| SHA256 | 40dc1ae099f2278650c0aa599ba00f659a87996208133d6a64b0cc5cbb5fe990 |
| SHA512 | 9c43aaa68161ef04c60e3f64c3fd54426dfd387f0013f009f3da94d45f19e514cd41de7b95865c47f55e5800222fd74736659138bb96406aa37f9cdc8e5799b6 |
memory/2556-17-0x00000000047D0000-0x0000000004988000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\6ED9.exe
| MD5 | 1ee45bed38e979e72454a504d63948f2 |
| SHA1 | 539333d30ea6aaeb29664ed4fff595bf369fc8c4 |
| SHA256 | ddb984750cbebcb92c19186c65b622d11b44753855af3864222bfba8b8419da1 |
| SHA512 | b20a38a306aa75cef5be1956cb014ffb4637a43025fc0e74fc8c574302a2cf51f4ec4dcaa4ddee25483f79ffca5a01ea4b3165d421986511ba6989078d38b888 |
memory/2556-21-0x00000000047D0000-0x0000000004988000-memory.dmp
memory/3068-20-0x000000007EFDE000-0x000000007EFDF000-memory.dmp
memory/2556-23-0x0000000004990000-0x0000000004B47000-memory.dmp
memory/3068-24-0x0000000000400000-0x0000000000848000-memory.dmp
memory/3068-27-0x0000000000400000-0x0000000000848000-memory.dmp
memory/3068-28-0x0000000000400000-0x0000000000848000-memory.dmp
memory/3068-29-0x0000000000400000-0x0000000000848000-memory.dmp
memory/3068-30-0x0000000000400000-0x0000000000848000-memory.dmp
memory/3068-31-0x0000000000400000-0x0000000000848000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\72A2.dll
| MD5 | 096b59d76eb04bcebd8358732264a13c |
| SHA1 | ca4988ce7f1e2a40bd24c8cffd5c56cf9f7790da |
| SHA256 | 64cbe129c5e029be7f2b32b8080c17634f2ff2e6f08fc2afff8690c1931f0bd0 |
| SHA512 | 1f0556c7e167e7fc7894398fe3af9ff0869021d469d99cb6be2b329a7ad4b83d6f52b847f88f88a8b73583fc41c8dee70874e92a34003db26037536d222cfa50 |
\Users\Admin\AppData\Local\Temp\72A2.dll
| MD5 | 6797b5ce4697becd585efa3db8a40041 |
| SHA1 | c26ebc7d911f1f5ed5d163b0f2005001c10b25e4 |
| SHA256 | ced1f0dae2bac5eae88dfb40818b16144f4e5c3a801f63aa6f5268fb0c987d15 |
| SHA512 | 015f4182f622690a84e4bdde83949c19ee325f15a51bbeca11abf6c51898c6289397424187590d66d6d1d7aff037c7a8491b0dd36f78893b342ebee54a11bb96 |
memory/3068-36-0x0000000000240000-0x0000000000246000-memory.dmp
\Users\Admin\AppData\Local\Temp\72A2.dll
| MD5 | 61460855fac38f1d8a00863c955baede |
| SHA1 | d31faa7a0464145d4e6bfe83258126beac452a39 |
| SHA256 | e1e606bf8016fdecef5b3a6abf69718dfbb45018eafea1dfc554a5eff007c12e |
| SHA512 | 9eb06ab7c202e76944463149bc6e9ed489f64720f11b1bc61c56d139bc8a9727b797e1664d1eeb4219c138a197c9d517d76c046f34a66b3729eefb6b6f358b40 |
memory/2660-40-0x00000000001B0000-0x00000000001B6000-memory.dmp
memory/3068-35-0x0000000010000000-0x00000000101A3000-memory.dmp
memory/3068-42-0x0000000002830000-0x0000000002956000-memory.dmp
memory/3068-43-0x0000000002960000-0x0000000002A6B000-memory.dmp
memory/3068-46-0x0000000002960000-0x0000000002A6B000-memory.dmp
memory/2660-47-0x0000000002570000-0x0000000002696000-memory.dmp
memory/2660-48-0x00000000026A0000-0x00000000027AB000-memory.dmp
memory/2660-52-0x00000000026A0000-0x00000000027AB000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\8519.exe
| MD5 | 10c552ce732bd03358c0513b2cd1f319 |
| SHA1 | 3ca2c43e4206dc6b3c10b9affd97b110ddf88e85 |
| SHA256 | 3189ee82c5d575584a21f169dc81e3e8c4992fd2052175e29849118e3da65bda |
| SHA512 | 5000548bb2b9f246eda2639eea603a424ca41d59f696a41c3b2c4463ae1aaf92f28c1bf6efe35f91f50c92532225c97481b79d2619a5aeb5adac90016a8fb55a |
memory/2568-56-0x00000000000F0000-0x00000000000F1000-memory.dmp
memory/2568-59-0x00000000000F0000-0x00000000000F1000-memory.dmp
memory/2568-58-0x0000000000330000-0x0000000000F34000-memory.dmp
memory/2568-61-0x00000000000F0000-0x00000000000F1000-memory.dmp
memory/2568-62-0x0000000000100000-0x0000000000101000-memory.dmp
memory/2568-64-0x0000000000100000-0x0000000000101000-memory.dmp
memory/2568-66-0x0000000000100000-0x0000000000101000-memory.dmp
memory/2568-69-0x0000000000250000-0x0000000000251000-memory.dmp
memory/2568-72-0x0000000000250000-0x0000000000251000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\938C.exe
| MD5 | 1996a23c7c764a77ccacf5808fec23b0 |
| SHA1 | 5a7141b167056bf8f01c067ebe12ed4ccc608dc7 |
| SHA256 | e40c8e14e8cb8a0667026a35e6e281c7a8a02bdf7bc39b53cfe0605e29372888 |
| SHA512 | 430c8b43c2cbb937d2528fa79c754be1a1b80c95c45c49dba323e3fe6097a7505fc437ddafab54b21d00fba9300b5fa36555535a6fa2eb656b5aa45ccf942e23 |
memory/2568-78-0x0000000000260000-0x0000000000261000-memory.dmp
memory/2568-80-0x0000000000260000-0x0000000000261000-memory.dmp
memory/2568-83-0x0000000000270000-0x0000000000271000-memory.dmp
memory/2568-85-0x0000000000270000-0x0000000000271000-memory.dmp
memory/2568-88-0x0000000000280000-0x0000000000281000-memory.dmp
memory/2568-90-0x0000000000280000-0x0000000000281000-memory.dmp
memory/2568-96-0x0000000000290000-0x0000000000291000-memory.dmp
memory/2568-105-0x000000007798F000-0x0000000077990000-memory.dmp
memory/2568-103-0x0000000000330000-0x0000000000F34000-memory.dmp
memory/2568-116-0x0000000077990000-0x0000000077991000-memory.dmp
memory/2568-122-0x000000007798F000-0x0000000077990000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\C121.exe
| MD5 | 3259d0e8fafc7839ed8e6664b083dc4a |
| SHA1 | d8e3cf75bb8065abadf9be640f7e5e83c52c3008 |
| SHA256 | b7d5d6765cf8a6685ecf21cbaa296ee9bc3ebb38be68a7b5a8541e65ad798216 |
| SHA512 | f0e783d7ae96d6489de02520ccaba2e64a7612b198b36bf7dde98a7ad4039d61ba40445980e8cdd90f5e0dcb9918ec63a3558655e0218953bd22714fc3d711c0 |
C:\Users\Admin\AppData\Local\Temp\C121.exe
| MD5 | 7c5f93e3cf0ca3a525d38ad61c6d023f |
| SHA1 | 3c0fe7c9b9a50286723bda634ce40cde46a42faf |
| SHA256 | 67764b62e9fe7546fa12b8f8af95f5258cb7af8d172ea89b6f52e0d5ab269179 |
| SHA512 | 612bdf50be463a6dc55632b6079d46fc39cd6859377442767426c48af6da076e777d07ee49daa327fa797823e68b87f3782ff8c85d1b7719a7bb87160d8bca7c |
memory/2916-129-0x0000000000B50000-0x0000000001406000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\DE15.exe
| MD5 | 48c81c86a68569b6c585da608b77de24 |
| SHA1 | 01ce4382b2717f637d97b94e8e6f9ae81a62ad63 |
| SHA256 | 4ab028d9b30bc568d572a7fc0f59c53c09fb86d5a8a73ec5e89c0c029d652310 |
| SHA512 | 3e7a52aba31e1e3ec38eda9624a51a9a1e814aedd4385aca3f60b744173d094f9a5d1fa71de94d4d5e0951dd0f7116ff1765dc0cd6f5b772ed859dd82e568aea |
memory/2916-145-0x0000000074330000-0x0000000074A1E000-memory.dmp
memory/2056-155-0x0000000000220000-0x000000000022B000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
| MD5 | fc38310973cf92ef5d0eaf23758c5420 |
| SHA1 | f67e38d66151d77eb528dd37e9c492dfeb913011 |
| SHA256 | b2ae25d2170d4ddc0ca6f24766a5a11a82d92c48b33e3f7ddc39f5252cf7f73b |
| SHA512 | a041e229870805a1128582fd32fa83b1fccb8c750535ff29a903a1adf8962a412b0719f260033d9bf5b9e9c389a28b148837687441919f226b324ff69d98c77a |
C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
| MD5 | c7fe878e6fc3be20c84b5e85b97efe17 |
| SHA1 | 51ebfabdef927465e68c5843ae4f2a930b82a24b |
| SHA256 | a4a662c0c92c27d74fc00f6f5e24b1b4116da7d582607161f0570cdfcc0a6040 |
| SHA512 | 24f2fd40425ce1a1585157255b0dbb856635fa2fb08f00419693ebf8e0c774d47890aad7b69adee08b315607b0bc68375421737f4785b577110894028a013289 |
\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
| MD5 | a8c70b8503cf28727a8ab611f388ac76 |
| SHA1 | a841b20bb496d1f052fc4d479ab90b73e988fa0d |
| SHA256 | fe5a07e1f54145e52034c341c79c66de11c8ea1e8ba9a0f1c27a82211a225a2e |
| SHA512 | a7cf09cd58029d7f035672921c968ba485626263daac008b777a9291f4f51f170593a4919240c57867304fa2be8db2db7b7c62d8ed44c35b6dbc8f30601438b9 |
\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
| MD5 | d378fd2b15848b7a718dcbcf69fa0766 |
| SHA1 | fc5cd16b156ebebe3b98b97c2af85ffbf5ef10f0 |
| SHA256 | cce58fe749530e81feff898986569fa1ce4d02a9dc4d189a7e1659c0736bc102 |
| SHA512 | 2f7b7b39fc610742bf00a4eb78cdd3fa35f39eef9ca6689a4059c5929bc0b439748e8af0c2796a1bcd9f9cb096939a65736de390ee9fe956db46b1efdc5eb1c2 |
memory/2056-158-0x0000000000400000-0x00000000022D1000-memory.dmp
memory/2056-160-0x00000000023F0000-0x00000000024F0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\F0FA.exe
| MD5 | 66116a1ca2aa0d96a644b0e9b2523e53 |
| SHA1 | 1e7b886d269fab3b777f695d9208b99b2e6220e9 |
| SHA256 | 023a2023bc54ec4abe45ec7fdba3de03948f9598e9e0d470d4a95db6fbb46b3c |
| SHA512 | 48ce788ad9d8462295a7b951b260a3273f136c0f09c1e66bdba9c9d9f937b03a30a628da03c9cbe89d54c3aa6cf028b8b6f57e29921a8632fae23ce7047fc57e |
memory/3068-165-0x0000000000400000-0x0000000000848000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\F0FA.exe
| MD5 | f76037a587690e458b87cbbe8334063c |
| SHA1 | 11a72ef4c9345677f4d0152c62e5db146b28c880 |
| SHA256 | 0178edb86b934f91659e1309b19ca7ef12a92f76c8c5e3e71b494e70f1ae6387 |
| SHA512 | acd0b6b1030cd0b04bb17a93ae7a267cfafa4c63e68bc95f273e967440c12790be8a40544d671d2b9023d0207e4199c8622f1a157dc925fbb1720c527462c219 |
memory/1728-167-0x0000000000400000-0x0000000000414000-memory.dmp
memory/1048-171-0x00000000027F0000-0x0000000002BE8000-memory.dmp
memory/1048-172-0x0000000002BF0000-0x00000000034DB000-memory.dmp
memory/1048-174-0x0000000000400000-0x0000000000D1C000-memory.dmp
\Users\Admin\AppData\Local\Temp\is-4ONE7.tmp\F0FA.tmp
| MD5 | 8fe7736caca3d3b55bd9123f7d5cd780 |
| SHA1 | 68158e0909fced212d9076cc891953624e2b401d |
| SHA256 | 27821f0047bd4f5f8bfc4939bcb22c110e9de3a852f9589fb253b26b3ec25d94 |
| SHA512 | 32c20f6f8a0c333dc1aff88bebdf5e46a93711e0e481af92c13156900874b7dfef584633e13761110031d0d52cbc062ba3749b0541a2adf98e1c80f0da264553 |
\Users\Admin\AppData\Local\Temp\is-7HNV4.tmp\_isetup\_shfoldr.dll
| MD5 | 92dc6ef532fbb4a5c3201469a5b5eb63 |
| SHA1 | 3e89ff837147c16b4e41c30d6c796374e0b8e62c |
| SHA256 | 9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87 |
| SHA512 | 9908e573921d5dbc3454a1c0a6c969ab8a81cc2e8b5385391d46b1a738fb06a76aa3282e0e58d0d2ffa6f27c85668cd5178e1500b8a39b1bbae04366ae6a86d3 |
\Users\Admin\AppData\Local\Temp\is-7HNV4.tmp\_isetup\_iscrypt.dll
| MD5 | a69559718ab506675e907fe49deb71e9 |
| SHA1 | bc8f404ffdb1960b50c12ff9413c893b56f2e36f |
| SHA256 | 2f6294f9aa09f59a574b5dcd33be54e16b39377984f3d5658cda44950fa0f8fc |
| SHA512 | e52e0aa7fe3f79e36330c455d944653d449ba05b2f9abee0914a0910c3452cfa679a40441f9ac696b3ccf9445cbb85095747e86153402fc362bb30ac08249a63 |
\Users\Admin\AppData\Local\Temp\is-7HNV4.tmp\_isetup\_isdecmp.dll
| MD5 | a813d18268affd4763dde940246dc7e5 |
| SHA1 | c7366e1fd925c17cc6068001bd38eaef5b42852f |
| SHA256 | e19781aabe466dd8779cb9c8fa41bbb73375447066bb34e876cf388a6ed63c64 |
| SHA512 | b310ed4cd2e94381c00a6a370fcb7cc867ebe425d705b69caaaaffdafbab91f72d357966916053e72e68ecf712f2af7585500c58bb53ec3e1d539179fcb45fb4 |
memory/2088-180-0x00000000001D0000-0x00000000001D1000-memory.dmp
\Users\Admin\AppData\Local\Temp\InstallSetup4.exe
| MD5 | 1f198a0e192f334f8d3197bbb0bc7eed |
| SHA1 | a174e3d808eb8214fa9984ac5d357b449772c6b6 |
| SHA256 | ef16866adc5290e024ffdcdedb14ea8c124eff2a2d59bb13184a54df3edd029a |
| SHA512 | 423e46396a4877fda92828915e06812f24dea21556c21e0a73e349156c9a88b0b1b5f8cb4e6057bc2ab3b553affa570429c3fd1767552f9e7db9359442a66e1e |
C:\Users\Admin\AppData\Local\Temp\InstallSetup4.exe
| MD5 | ffd3a79fbade7aed628f253202565bb0 |
| SHA1 | dcccf899a1d061e878d1c610b578966af8bf1517 |
| SHA256 | 59061043417927ef9887d4d6c2f8ca2fdea216c23798390a1eb0be583331f82f |
| SHA512 | 78352d185a0a5f36e61a179845e65263abc7f7b07520712b305e8d1a78753527d9667a439f764f364a6fe10231b2e4d7febbeca936c9579f9eec11c001f7a0b9 |
C:\Users\Admin\AppData\Local\Temp\InstallSetup4.exe
| MD5 | fea9c8c717d93c6dc7775a7ba76ad147 |
| SHA1 | 5b2193a16299f0eb48f6f294fe74fa7638afbd08 |
| SHA256 | cc7d7efb36539348eae2c6f09d101a353fb3e12f8504e217c8687aad036c35e3 |
| SHA512 | 85222cbe8a5aa1f8b3213d41792c8634800a3e34ae586a85cda78f3123a11eb3522da0eff80a50df8bb2a9b18550f1c90fe159a8aee789c25f9c4f852a10f9cb |
C:\Users\Admin\AppData\Local\Temp\FourthX.exe
| MD5 | 02df76a7b45d874395b4274c2e5b7b1f |
| SHA1 | 1b8d7060e9fa5204fa74efeb4192a168b778e9ca |
| SHA256 | 2f84a4b95126d6047929174a1d44106d9d4f62ba23c77e10218f79eca126d7a9 |
| SHA512 | 5675e3895878a8b558aa4a31e06ea9858ece0dde7eca67d7e80033a96571786790ddaa0a53859f84222eb87e6eaa451245e41b31b8b66ab946a50072d6ab249e |
\Users\Admin\AppData\Local\Temp\FourthX.exe
| MD5 | 58c7043511ed8a16767ebc74401c4783 |
| SHA1 | 350db4eb503f57c99dc4435c81824fbadd7219f1 |
| SHA256 | 97f731221f45601793d9ded763219d315652e6a3e7d78e726bfb32bd77de4edb |
| SHA512 | 4be8aca193ec3f7a57c6c6ea90fdeea52d16f400a4fed9fb12508378ddb71322ba809479a989359956a00c06b8c3823581f969d216d6b1068aac2b945f3de8b8 |
\Users\Admin\AppData\Local\Temp\FourthX.exe
| MD5 | 47bd11c4ca54e653df8072e66150f63e |
| SHA1 | e825c61f642083c5cd69d3252269e8cde76a97bc |
| SHA256 | 9b803e7bdeb61c437d39b3dafd70a1205bda43bfb073ebf6a090ec1dfba6e06c |
| SHA512 | 7c9ca0e87f554881a02cf1b204d51166f6400a81d09a75213f0a05400233916518bd4e733f4b8097bff0d6dd8fe3a408deb7ff04c2dcafc9e1d03c1199945639 |
\Users\Admin\AppData\Local\Temp\BroomSetup.exe
| MD5 | bd29941d02e5945870812c9b88084c2a |
| SHA1 | 3bd1a439ee687dbdc3ca2a88a0f3f475344fd4b5 |
| SHA256 | de8c90d7e2a65e4fae7549dcff4ed57b75d437e73deb6159678153bf7393d635 |
| SHA512 | e22c27f54597fed8599aafad074e0fad38fdfe155699a966d62168bd156f43903264c7330d03f415cd38a5e7e0e8b18763e37d342e855e45b4bd065cc9362770 |
C:\Users\Admin\AppData\Local\Temp\BroomSetup.exe
| MD5 | e5e26d58a98b7a1be3cb218be3d92687 |
| SHA1 | d8128f0c1fdbad1693c4e51a0e614f5b5472917b |
| SHA256 | 75f4ca4c988e342ca0a381d103410df4eeb524c1e48f02c0f68db7736dd4245c |
| SHA512 | 0b837179ac3d80a4c9e0762c12642ec27b5f3f220060accca00a4add9293efbdc379cfa9bb85b58a5fc671ef559aadd4c0f51c761fa75159cde50b5d406a641b |
\Users\Admin\AppData\Local\Temp\nsyFF75.tmp\INetC.dll
| MD5 | 40d7eca32b2f4d29db98715dd45bfac5 |
| SHA1 | 124df3f617f562e46095776454e1c0c7bb791cc7 |
| SHA256 | 85e03805f90f72257dd41bfdaa186237218bbb0ec410ad3b6576a88ea11dccb9 |
| SHA512 | 5fd4f516ce23fb7e705e150d5c1c93fc7133694ba495fb73101674a528883a013a34ab258083aa7ce6072973b067a605158316a4c9159c1b4d765761f91c513d |
memory/2916-218-0x0000000074330000-0x0000000074A1E000-memory.dmp
memory/1592-230-0x0000000000240000-0x0000000000241000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\8BF.exe
| MD5 | fabee0f9fe19eb0b36f858f6e50a3e5a |
| SHA1 | 5141fc64dcf23d7fd5df87c916dd1ab467ccaac3 |
| SHA256 | 3834aa27fbe9a85008659a31f5309391f801c3d33ef59a8a77b8fc78b28b88e2 |
| SHA512 | 32a1affa2f0a70aec97bf10b4e6f7c593d4e19fccd4804b18e0f01fe5899e52e3ba163392ac5f30ddadfac8d0f9cca043ecee98acf13d1b138aec3afb91292b7 |
C:\Users\Admin\AppData\Local\Temp\8BF.exe
| MD5 | 28db5a3a807ed78b5894f6ff296dd68a |
| SHA1 | 58d630059469d9c943b9d2849f2f6813345eb30f |
| SHA256 | e082405be9aaf49fa14dbaf56fa79a21e5d1681a732a221280076acd74626d91 |
| SHA512 | 52a15428c34f1ad4d485550002b396ad2dc87c0d71524fe1bba2dd6713d7f89bcd302a928b71c7de4751f8234a95b4c5995322c11d1c15e59c49ef311b1667c6 |
C:\Users\Admin\AppData\Local\Temp\8BF.exe
| MD5 | 3b1121b3e2cd7140392652e7283a2afe |
| SHA1 | eb12e52a4623e6eed2c60b33716823cdd1cfc9bc |
| SHA256 | 2523de842f01902bb162705bb87eeaccbed547f6a9b4f0bd3e7c3b211edec76b |
| SHA512 | 4b0ff1b6a66bd2f54f2b81ae5d85ec1ebf59d8becf57462d83259253ab69fb943c048dd151730f279bfbe63e22f1cbb97606a354562a349429448f67737e8730 |
memory/1420-242-0x0000000000400000-0x0000000000414000-memory.dmp
\Users\Admin\AppData\Local\Temp\is-40676.tmp\8BF.tmp
| MD5 | d5709c2171e58c1106a886c080be01f8 |
| SHA1 | 1f7ae64452f9ba78d65c0d4e6a4d0167f26d04d1 |
| SHA256 | 4f80b4906439bec266cc9f4552f7cfd82bdeac0d7bf29da0040a673cd6576561 |
| SHA512 | 965d1eca832cbc354717170a42833212da56117485219203758aff248ceb95139ac0a208fe5eb998467307c13e0be3dd6a1b196ef141bd462cc7642c2cdb5ccd |
memory/1620-259-0x0000000000240000-0x0000000000241000-memory.dmp
C:\Users\Admin\AppData\Local\VSO Inspector\is-ULDTR.tmp
| MD5 | 6231b452e676ade27ca0ceb3a3cf874a |
| SHA1 | f8236dbf9fa3b2835bbb5a8d08dab3a155f310d1 |
| SHA256 | 9941eee1cafffad854ab2dfd49bf6e57b181efeb4e2d731ba7a28f5ab27e91cf |
| SHA512 | f5882a3cded0a4e498519de5679ea12a0ea275c220e318af1762855a94bdac8dc5413d1c5d1a55a7cc31cfebcf4647dcf1f653195536ce1826a3002cf01aa12c |
C:\Users\Admin\AppData\Local\VSO Inspector\vsoinspector.exe
| MD5 | 4946347eab868074a77120b398697529 |
| SHA1 | 51aa8ea670c04ad1f4eaa96a3f02a4b87f5f7aae |
| SHA256 | a3749dec3aaf9f2e9693242d60e4e61a2300b6fbd389d695fd203b4085d831f3 |
| SHA512 | 9f7635944721e9579b9faa80bf420efe49e7739e781cca0ad0ba5559bdba53e126597beacd010cdeda86d546069a14209f6ea3e406b987676aea699c9bce4c82 |
C:\Users\Admin\AppData\Roaming\Temp\Task.bat
| MD5 | 11bb3db51f701d4e42d3287f71a6a43e |
| SHA1 | 63a4ee82223be6a62d04bdfe40ef8ba91ae49a86 |
| SHA256 | 6be22058abfb22b40a42fb003f86b89e204a83024c03eb82cd53e2a0a047c331 |
| SHA512 | 907ad2c070cc1db89f43459a94d7f48985d939d749c9648b78572a266f0d3fde47813a129e9151dbf4a7d96d36f588172f57c88b8b947b56ed818d7d068abab2 |
memory/2056-308-0x0000000000400000-0x00000000022D1000-memory.dmp
memory/1620-309-0x00000000034F0000-0x000000000385E000-memory.dmp
memory/2400-311-0x0000000000400000-0x000000000076E000-memory.dmp
memory/2056-310-0x00000000023F0000-0x00000000024F0000-memory.dmp
\Users\Admin\AppData\Local\VSO Inspector\vsoinspector.exe
| MD5 | 97f998f8c37a9412a1d021e06b1b35bf |
| SHA1 | a006836875c85d2abc2b2867b556b28474ac6395 |
| SHA256 | ee78b8dff427f5515dcf1a451cb63e39f02d9b495991e821c3fbb194e89ec8d1 |
| SHA512 | 852d6abe971ceef6e90373096806e1c0992931094d49f1ba8e001efef128d8445ab48a2e73f98e44023d87e82a299abf8743e5a7da3eb40e4819b797b6dfdbaf |
C:\Users\Admin\AppData\Local\VSO Inspector\vsoinspector.exe
| MD5 | ab8726e4c1d3e34290f51d0b98d95904 |
| SHA1 | 5798c9c7ad60b84eec84a516f9a08bffd02b007e |
| SHA256 | 92d31ca0b3b591fffaf7594a2c0f05e8b05f949b7e105cae3362d8f094724359 |
| SHA512 | cc90465977eb60e9c6023ff9e90e69ed5b57d1920712335a1a5a925a4d1fbbbf84bc458f7cc14d7eac3d19d4e6b21737afafed1da316433841ecc5d250496f0a |
memory/2400-323-0x0000000000400000-0x000000000076E000-memory.dmp
C:\Users\Admin\AppData\Local\VSO Inspector\vsoinspector.exe
| MD5 | c2341b89865c9868b0353796f272179a |
| SHA1 | 0dffea7f5624a79c9ef9368c63aa982e50098c23 |
| SHA256 | cccd715bc054e754ce13038f6d511e27e8c7fff10a641c66b34880da11e885a4 |
| SHA512 | 467aeac781cc20cd0d36520a663b40685fc3c6e059846ba288683157a90c8bb3eafe9620ad320eff4b8ba0c9fa9d2eb6b263742898e519742b26650ca557081a |
memory/1728-327-0x0000000000400000-0x0000000000414000-memory.dmp
memory/2828-328-0x0000000000400000-0x000000000076E000-memory.dmp
memory/1048-329-0x00000000027F0000-0x0000000002BE8000-memory.dmp
\Users\Admin\AppData\Local\Temp\nsyFF75.tmp\INetC.dll
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Temp\nsy3390.tmp
| MD5 | 98f75ae139d548677e3c0ff45c24ed08 |
| SHA1 | 9052843267fd24e8d4dd700d121506a6ccd6935b |
| SHA256 | 83764623a1b1038a7b28ac61a156ca7cdeed91f38c0e3ceb211a3e9380cbdfbe |
| SHA512 | a2efd41d8285b4d506058c0d2e7a01a5a053e0e48932835997778b563c47b6762e3f36c2c49c327513f845735132fa4be5ea2a4609a56352c44f181f2a0d8bbb |
memory/1048-352-0x0000000002BF0000-0x00000000034DB000-memory.dmp
memory/1944-353-0x00000000002B0000-0x00000000003B0000-memory.dmp
memory/1944-354-0x00000000001B0000-0x00000000001E4000-memory.dmp
memory/1944-355-0x0000000000400000-0x00000000022DC000-memory.dmp
memory/1048-365-0x0000000000400000-0x0000000000D1C000-memory.dmp
memory/2828-367-0x0000000000400000-0x000000000076E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\4KPV6A~1\cached-microdesc-consensus.tmp
| MD5 | 6faeafc563d9d8d5431538b3cd29c2a0 |
| SHA1 | ca8cb7afa8ebee3aa6c043c60127490fbb495e7a |
| SHA256 | aaa2ea8e0ace3dba4cac7034284ad170b547743a69496525204874bf50d21635 |
| SHA512 | 9d2f9b5b44cc36974ba22b4785675891428e3630b779b77f94c3c2e1564ad2f490114a7dbd2979a9f8296048d8012df72b990c9a129d6acecbadf2f56b27040d |
memory/2088-425-0x00000000001D0000-0x00000000001D1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\4KPV6A~1\cached-microdescs.new
| MD5 | 7633edfa34707f37303e49d8841d7641 |
| SHA1 | e36cb33401d00967b1efbf0d814778cbefe3e769 |
| SHA256 | df40816abdefb2a46b710ef837a5f9a8755b6b9870f50936e8b21de9effe30cd |
| SHA512 | 07c12618aff10af0cd0e3abfbef3cd94715cca677232ade572b549f94eb7cb76aec03deb4289ce2c606bd1c6bf361738d5c7d5d201c692f5ad037842e4bacd5c |
\ProgramData\nss3.dll
| MD5 | eb335c567613806902e65e3d6934d6b9 |
| SHA1 | 6c11ba841c86b3002b4b3c2a31ebab74649ed56e |
| SHA256 | 4c57c52bb021ddbf70d5b7c71dc734f10120682cb77fe2bae0062ceba16a95a5 |
| SHA512 | fd6cb2b418ee03fe4735b636a71aaa91ff975011920ac9106784b791a576a2629da4981ebe77d1c20e9f6b4f767be9605c0ebced70ddb5647d2c1af405f006dc |
\ProgramData\mozglue.dll
| MD5 | a47c9a22d04f7a89ffb338ec0d9163f2 |
| SHA1 | c779b4e0bd380889d053a5a2e64fac7e5c9f0d85 |
| SHA256 | c67b8f01d1b007cf0abea4f89d1272a146116b398d97c0873889e4f3bc1aa2a5 |
| SHA512 | 64ebbee2f2f0884096e5b0996b30adae289549ba24f19fb3858f638148f358cd9a6f2fb370c0b2a44e821cb00b5a49468f849c97e9aa8ee413bbae11b57d72f4 |
C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
| MD5 | 69d8541afe9eb5d47b8a4ec080212d19 |
| SHA1 | 2bd9cda3c37de1569edc024935374ef90a8d186b |
| SHA256 | 5731567f5316e5c8535d8b9aa0ec8c2c839b89dbba2dd9aacbc76e46b26080b7 |
| SHA512 | 56aa8cc13b79695bf1c0e1ce51302d569411d22072dbfca1943e97a3d5fe5e6f7c66ce341f8f065de73a85c9d29c820570202aa6977d89e3e5a979ccceec0c95 |
memory/1944-462-0x0000000000400000-0x00000000022DC000-memory.dmp
memory/1592-475-0x0000000000240000-0x0000000000241000-memory.dmp
memory/1420-481-0x0000000000400000-0x0000000000414000-memory.dmp
memory/1260-482-0x000000001B430000-0x000000001B712000-memory.dmp
memory/1260-484-0x0000000001EB0000-0x0000000001EB8000-memory.dmp
memory/1260-485-0x000007FEF5A40000-0x000007FEF63DD000-memory.dmp
memory/1260-486-0x0000000002B20000-0x0000000002BA0000-memory.dmp
memory/1260-487-0x000007FEF5A40000-0x000007FEF63DD000-memory.dmp
memory/1260-488-0x0000000002B20000-0x0000000002BA0000-memory.dmp
memory/1260-490-0x0000000002B20000-0x0000000002BA0000-memory.dmp
memory/1620-491-0x00000000034F0000-0x000000000385E000-memory.dmp
memory/1260-492-0x0000000002B20000-0x0000000002BA0000-memory.dmp
memory/1260-493-0x000007FEF5A40000-0x000007FEF63DD000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\FourthX.exe
| MD5 | fabe58a3b5913e67d05e658e26364b8d |
| SHA1 | 88e90ef4a3003b00c4b3af1a723af31e3ab33b9a |
| SHA256 | 298ec1da13a2a9295e02b3889d53d558a173965ed1fce91ae60badd9f11857e6 |
| SHA512 | ba19a4f93ae9b5892a55ec523e3db9b9cc3c997b27834484e39e0f7aec0e96c93b0ce4f1559abaa8351e3bb7754ef211a929ed48f9817b519c4ab648773a50b2 |
C:\ProgramData\xcfonrchdkar\vueqjgslwynd.exe
| MD5 | 76fea50e87334c9bd1688042885094dd |
| SHA1 | 7339821d372becf0e7fb16431ca2f9c468a53320 |
| SHA256 | 0306bbca2aaee204f0937211aa5667bf1a8a174bbb10e758cab65cc92cd65a6c |
| SHA512 | 1a18bffcef1190e4b2a3bd1994557f460b5912b21dc2847f99514a7c838aba176c0b44bcfddbb1f77a878e94b153741391d170b588b4946f99ef426431cb499d |
\ProgramData\xcfonrchdkar\vueqjgslwynd.exe
| MD5 | 361e3588f3a36f468cb193a3fe81716f |
| SHA1 | e14c4082cb9b103262db16cad16bcb987533610b |
| SHA256 | deb79d0a4a4ed61a04471bef47f085a84002e3c64979b3d9f7e5e2b2e74eb775 |
| SHA512 | 553dcd9bcd76ddaba16dba635abe3bd33d49c242846dadab0272b7616c63905bd2ad3674306ce2236965f7810041a4afe707ce73bff149535eef3f7f156862c4 |
memory/2120-499-0x0000000019E80000-0x000000001A162000-memory.dmp
memory/2120-502-0x0000000000A20000-0x0000000000A28000-memory.dmp
memory/2120-503-0x000007FEF59D0000-0x000007FEF636D000-memory.dmp
memory/2120-505-0x000007FEF59D0000-0x000007FEF636D000-memory.dmp
memory/2120-506-0x0000000001440000-0x00000000014C0000-memory.dmp
memory/2120-507-0x0000000001440000-0x00000000014C0000-memory.dmp
memory/2120-504-0x0000000001440000-0x00000000014C0000-memory.dmp
C:\ProgramData\xcfonrchdkar\vueqjgslwynd.exe
| MD5 | dc301e7b410b4824b071332b3fbfe2f1 |
| SHA1 | a9deda9c23931439801ee28e848d5be2582046fa |
| SHA256 | 74c128080dda13dc7847c4d1e9681dbac8ed2754c6178d2d66312b72431cf429 |
| SHA512 | a394de8c9414d89ae9b48cb491d6c07a9bde679665581d81a66e49897d30f38f149f9e1d8c2e542c2e356b3e6a002b81f757875e6c8be24f3651c11b90365fd3 |
C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
| MD5 | 16be2fa376fb55e287a325a2d4e62ed6 |
| SHA1 | 92fd23ab86cc174272ad97788ed6f80b0eb9d5d0 |
| SHA256 | 5f40b34b635bb651a7944c455d44f1a015488843682fe5423abdca44938b94b9 |
| SHA512 | e86f8b02d92d327aa7a11e886e72c78a08153381b4f5e8d968ec874c200ca75dd7e14c77905dedc57de414ad3621c0a8d00b780396738f83bd3359f8229666b3 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-02-23 04:47
Reported
2024-02-23 04:52
Platform
win10-20240221-en
Max time kernel
300s
Max time network
303s
Command Line
Signatures
DcRat
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\schtasks.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\CSRSS = "\"C:\\ProgramData\\Drivers\\csrss.exe\"" | C:\Users\Admin\AppData\Local\Temp\BB9F.exe | N/A |
Glupteba
Glupteba payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Lumma Stealer
SmokeLoader
Socks5Systemz
Stealc
Windows security bypass
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\Windows\rss = "0" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\Users\Admin\AppData\Local\Temp\csrss = "0" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\Windows\windefender.exe = "0" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\Windows\System32\drivers = "0" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes\csrss.exe = "0" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes\windefender.exe = "0" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes\288c47bbc1871b439df19ff4df68f076.exe = "0" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
Creates new service(s)
Downloads MZ/PE file
Modifies Windows Firewall
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\netsh.exe | N/A |
Stops running service(s)
Deletes itself
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\InstallSetup4.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\InstallSetup4.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-9A2M1.tmp\1BB7.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-9A2M1.tmp\1BB7.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-9A2M1.tmp\1BB7.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\nsf4A1.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\nsf4A1.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-EH6O8.tmp\301B.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-EH6O8.tmp\301B.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-EH6O8.tmp\301B.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\InstallSetup4.exe | N/A |
Reads data files stored by FTP clients
Reads user/profile data of web browsers
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Unexpected DNS network traffic destination
| Description | Indicator | Process | Target |
| Destination IP | 45.155.250.90 | N/A | N/A |
Windows security modification
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes\windefender.exe = "0" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes\288c47bbc1871b439df19ff4df68f076.exe = "0" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\Windows\rss = "0" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\Users\Admin\AppData\Local\Temp\csrss = "0" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\Windows\windefender.exe = "0" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\Windows\System32\drivers = "0" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes\csrss.exe = "0" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
Accesses cryptocurrency files/wallets, possible credential harvesting
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\CSRSS = "\"C:\\ProgramData\\Drivers\\csrss.exe\"" | C:\Users\Admin\AppData\Local\Temp\BB9F.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000\Software\Microsoft\Windows\CurrentVersion\Run\csrss = "\"C:\\Windows\\rss\\csrss.exe\"" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000\Software\Microsoft\Windows\CurrentVersion\Run\csrss = "\"C:\\Windows\\rss\\csrss.exe\"" | C:\Windows\rss\csrss.exe | N/A |
Checks installed software on the system
Manipulates WinMonFS driver.
| Description | Indicator | Process | Target |
| File opened for modification | \??\WinMonFS | C:\Windows\rss\csrss.exe | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PHYSICALDRIVE0 | C:\Users\Admin\AppData\Local\Temp\D610.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| File opened for modification | C:\Windows\system32\MRT.exe | C:\Users\Admin\AppData\Local\Temp\FourthX.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\powershell.exe.log | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\powershell.exe.log | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 2064 set thread context of 312 | N/A | C:\Users\Admin\AppData\Local\Temp\BB9F.exe | C:\Users\Admin\AppData\Local\Temp\BB9F.exe |
Checks for VirtualBox DLLs, possible anti-VM trick
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\VBoxMiniRdrDN | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\rss | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| File created | C:\Windows\rss\csrss.exe | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| File created | C:\Windows\windefender.exe | C:\Windows\rss\csrss.exe | N/A |
| File opened for modification | C:\Windows\windefender.exe | C:\Windows\rss\csrss.exe | N/A |
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\AppData\Local\Temp\BB9F.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\AppData\Roaming\agawthj |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Roaming\gbawthj | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\715.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\715.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\715.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Roaming\gbawthj | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Roaming\gbawthj | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\nsf4A1.tmp | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\nsf4A1.tmp | N/A |
Creates scheduled task(s)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\schtasks.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-2001 = "Cabo Verde Daylight Time" | C:\Windows\windefender.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-2492 = "Aus Central W. Standard Time" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-742 = "New Zealand Standard Time" | C:\Windows\windefender.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-2391 = "Aleutian Daylight Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-2612 = "Bougainville Standard Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-512 = "Central Asia Standard Time" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-2431 = "Cuba Daylight Time" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-491 = "India Daylight Time" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-2322 = "Sakhalin Standard Time" | C:\Windows\windefender.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-151 = "Central America Daylight Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-1472 = "Magadan Standard Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-451 = "Caucasus Daylight Time" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-342 = "Egypt Standard Time" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-2571 = "Turks and Caicos Daylight Time" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-292 = "Central European Standard Time" | C:\Windows\windefender.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-111 = "Eastern Daylight Time" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-2512 = "Lord Howe Standard Time" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-871 = "Pakistan Daylight Time" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-2182 = "Astrakhan Standard Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-385 = "Namibia Standard Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-541 = "Myanmar Daylight Time" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-631 = "Tokyo Daylight Time" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-215 = "Pacific Standard Time (Mexico)" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-302 = "Romance Standard Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-232 = "Hawaiian Standard Time" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-231 = "Hawaiian Daylight Time" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-832 = "SA Eastern Standard Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-2321 = "Sakhalin Daylight Time" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-1862 = "Russia TZ 6 Standard Time" | C:\Windows\windefender.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-281 = "Central Europe Daylight Time" | C:\Windows\windefender.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-2492 = "Aus Central W. Standard Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-401 = "Arabic Daylight Time" | C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-511 = "Central Asia Daylight Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-362 = "GTB Standard Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-2511 = "Lord Howe Daylight Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-1931 = "Russia TZ 11 Daylight Time" | C:\Windows\windefender.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Suspicious behavior: MapViewOfSection
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\715.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\gbawthj | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\System32\cmd.exe | N/A |
| Token: SeImpersonatePrivilege | N/A | C:\Windows\System32\cmd.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-9A2M1.tmp\1BB7.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-EH6O8.tmp\301B.tmp | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\BroomSetup.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe
"C:\Users\Admin\AppData\Local\Temp\0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297.exe"
C:\Users\Admin\AppData\Local\Temp\BB9F.exe
C:\Users\Admin\AppData\Local\Temp\BB9F.exe
C:\Users\Admin\AppData\Local\Temp\BB9F.exe
C:\Users\Admin\AppData\Local\Temp\BB9F.exe
C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\C0C1.dll
C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\C0C1.dll
C:\Users\Admin\AppData\Local\Temp\D1C9.exe
C:\Users\Admin\AppData\Local\Temp\D1C9.exe
C:\Users\Admin\AppData\Local\Temp\D610.exe
C:\Users\Admin\AppData\Local\Temp\D610.exe
C:\Users\Admin\AppData\Local\Temp\F5FD.exe
C:\Users\Admin\AppData\Local\Temp\F5FD.exe
C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
"C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe"
C:\Users\Admin\AppData\Local\Temp\InstallSetup4.exe
"C:\Users\Admin\AppData\Local\Temp\InstallSetup4.exe"
C:\Users\Admin\AppData\Local\Temp\BroomSetup.exe
C:\Users\Admin\AppData\Local\Temp\BroomSetup.exe
C:\Users\Admin\AppData\Local\Temp\FourthX.exe
"C:\Users\Admin\AppData\Local\Temp\FourthX.exe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Roaming\Temp\Task.bat" "
C:\Users\Admin\AppData\Local\Temp\nsf4A1.tmp
C:\Users\Admin\AppData\Local\Temp\nsf4A1.tmp
C:\Users\Admin\AppData\Local\Temp\715.exe
C:\Users\Admin\AppData\Local\Temp\715.exe
C:\Windows\SysWOW64\chcp.com
chcp 1251
C:\Users\Admin\AppData\Local\Temp\1BB7.exe
C:\Users\Admin\AppData\Local\Temp\1BB7.exe
C:\Users\Admin\AppData\Local\Temp\is-9A2M1.tmp\1BB7.tmp
"C:\Users\Admin\AppData\Local\Temp\is-9A2M1.tmp\1BB7.tmp" /SL5="$9023E,4470470,54272,C:\Users\Admin\AppData\Local\Temp\1BB7.exe"
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /tn "MalayamaraUpdate" /tr "'C:\Users\Admin\AppData\Local\Temp\Updater.exe'" /sc minute /mo 30 /F
C:\Users\Admin\AppData\Local\Info Tool Extension\infotoolext.exe
"C:\Users\Admin\AppData\Local\Info Tool Extension\infotoolext.exe" -i
C:\Users\Admin\AppData\Local\Info Tool Extension\infotoolext.exe
"C:\Users\Admin\AppData\Local\Info Tool Extension\infotoolext.exe" -s
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Users\Admin\AppData\Local\Temp\301B.exe
C:\Users\Admin\AppData\Local\Temp\301B.exe
C:\Users\Admin\AppData\Local\Temp\is-EH6O8.tmp\301B.tmp
"C:\Users\Admin\AppData\Local\Temp\is-EH6O8.tmp\301B.tmp" /SL5="$702D8,4314505,54272,C:\Users\Admin\AppData\Local\Temp\301B.exe"
C:\Users\Admin\AppData\Local\Temp\34AF.exe
C:\Users\Admin\AppData\Local\Temp\34AF.exe
C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
"C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\System32\cmd.exe
C:\Windows\Sysnative\cmd.exe /C "netsh advfirewall firewall add rule name="csrss" dir=in action=allow program="C:\Windows\rss\csrss.exe" enable=yes"
C:\Windows\system32\netsh.exe
netsh advfirewall firewall add rule name="csrss" dir=in action=allow program="C:\Windows\rss\csrss.exe" enable=yes
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramData) -ExclusionExtension '.exe' -Force
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe delete "UTIXDCVF"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c wusa /uninstall /kb:890830 /quiet /norestart
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe create "UTIXDCVF" binpath= "C:\ProgramData\xcfonrchdkar\vueqjgslwynd.exe" start= "auto"
C:\Windows\system32\wusa.exe
wusa /uninstall /kb:890830 /quiet /norestart
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe start "UTIXDCVF"
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop eventlog
C:\Windows\rss\csrss.exe
C:\Windows\rss\csrss.exe
C:\ProgramData\xcfonrchdkar\vueqjgslwynd.exe
C:\ProgramData\xcfonrchdkar\vueqjgslwynd.exe
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramData) -ExclusionExtension '.exe' -Force
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Users\Admin\AppData\Roaming\agawthj
C:\Users\Admin\AppData\Roaming\agawthj
C:\Users\Admin\AppData\Roaming\gbawthj
C:\Users\Admin\AppData\Roaming\gbawthj
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 312 -s 14376
C:\Windows\system32\WerFault.exe
"C:\Windows\system32\WerFault.exe" -k -lc PoW32kWatchdog PoW32kWatchdog-20240223-0450.dm
C:\Windows\SYSTEM32\schtasks.exe
schtasks /CREATE /SC ONLOGON /RL HIGHEST /TR "C:\Windows\rss\csrss.exe" /TN csrss /F
C:\Windows\SYSTEM32\schtasks.exe
schtasks /delete /tn ScheduledUpdate /f
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10596 -s 492
C:\Users\Admin\AppData\Local\Temp\csrss\injector\injector.exe
C:\Users\Admin\AppData\Local\Temp\csrss\injector\injector.exe taskmgr.exe C:\Users\Admin\AppData\Local\Temp\csrss\injector\NtQuerySystemInformationHook.dll
C:\Windows\SYSTEM32\schtasks.exe
schtasks /CREATE /SC ONLOGON /RL HIGHEST /TR "C:\Windows\rss\csrss.exe" /TN csrss /F
C:\Windows\windefender.exe
"C:\Windows\windefender.exe"
C:\Windows\SysWOW64\cmd.exe
cmd.exe /C sc sdset WinDefender D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPLOCRSDRCWDWO;;;BA)(D;;WPDT;;;BA)(A;;CCLCSWLOCRRC;;;IU)(A;;CCLCSWLOCRRC;;;SU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)
C:\Windows\SysWOW64\sc.exe
sc sdset WinDefender D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPLOCRSDRCWDWO;;;BA)(D;;WPDT;;;BA)(A;;CCLCSWLOCRRC;;;IU)(A;;CCLCSWLOCRRC;;;SU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)
C:\Windows\windefender.exe
C:\Windows\windefender.exe
Network
| Country | Destination | Domain | Proto |
| US | 20.231.121.79:80 | tcp | |
| US | 8.8.8.8:53 | selebration17io.io | udp |
| RU | 91.215.85.120:80 | selebration17io.io | tcp |
| US | 8.8.8.8:53 | 120.85.215.91.in-addr.arpa | udp |
| N/A | 127.0.0.1:49801 | tcp | |
| NL | 185.142.239.49:4444 | tcp | |
| SG | 116.12.180.237:7443 | tcp | |
| UA | 193.218.118.100:9001 | tcp | |
| IL | 80.66.135.13:9001 | tcp | |
| DE | 194.140.117.58:993 | tcp | |
| DE | 185.172.128.19:80 | 185.172.128.19 | tcp |
| US | 8.8.8.8:53 | 19.128.172.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | resergvearyinitiani.shop | udp |
| US | 172.67.217.100:443 | resergvearyinitiani.shop | tcp |
| US | 8.8.8.8:53 | technologyenterdo.shop | udp |
| US | 104.21.80.118:443 | technologyenterdo.shop | tcp |
| US | 8.8.8.8:53 | lighterepisodeheighte.fun | udp |
| US | 8.8.8.8:53 | problemregardybuiwo.fun | udp |
| US | 8.8.8.8:53 | 118.80.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.217.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | detectordiscusser.shop | udp |
| US | 104.21.60.92:443 | detectordiscusser.shop | tcp |
| US | 8.8.8.8:53 | edurestunningcrackyow.fun | udp |
| US | 8.8.8.8:53 | pooreveningfuseor.pw | udp |
| US | 8.8.8.8:53 | turkeyunlikelyofw.shop | udp |
| US | 172.67.202.191:443 | turkeyunlikelyofw.shop | tcp |
| US | 8.8.8.8:53 | 92.60.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | trmpc.com | udp |
| US | 8.8.8.8:53 | associationokeo.shop | udp |
| KR | 211.181.24.132:80 | trmpc.com | tcp |
| US | 104.21.10.242:443 | associationokeo.shop | tcp |
| US | 8.8.8.8:53 | 191.202.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 242.10.21.104.in-addr.arpa | udp |
| DE | 185.172.128.90:80 | 185.172.128.90 | tcp |
| US | 8.8.8.8:53 | 132.24.181.211.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.128.172.185.in-addr.arpa | udp |
| DE | 185.172.128.127:80 | 185.172.128.127 | tcp |
| US | 8.8.8.8:53 | 127.128.172.185.in-addr.arpa | udp |
| DE | 185.172.128.145:80 | 185.172.128.145 | tcp |
| US | 8.8.8.8:53 | en.bestsup.su | udp |
| US | 104.21.29.103:80 | en.bestsup.su | tcp |
| US | 8.8.8.8:53 | 145.128.172.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.29.21.104.in-addr.arpa | udp |
| GB | 109.150.12.235:443 | tcp | |
| DE | 131.188.40.189:443 | tcp | |
| US | 8.8.8.8:53 | 189.40.188.131.in-addr.arpa | udp |
| FI | 95.217.36.40:9993 | tcp | |
| LT | 217.117.29.93:443 | tcp | |
| US | 8.8.8.8:53 | 93.29.117.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.36.217.95.in-addr.arpa | udp |
| AT | 5.42.64.33:80 | 5.42.64.33 | tcp |
| US | 8.8.8.8:53 | 33.64.42.5.in-addr.arpa | udp |
| LT | 217.117.29.93:443 | tcp | |
| FI | 95.217.36.40:9993 | tcp | |
| CA | 68.67.32.31:9001 | tcp | |
| US | 8.8.8.8:53 | 31.32.67.68.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sjyey.com | udp |
| AR | 186.13.17.220:80 | sjyey.com | tcp |
| US | 8.8.8.8:53 | 220.17.13.186.in-addr.arpa | udp |
| AR | 186.13.17.220:80 | sjyey.com | tcp |
| US | 8.8.8.8:53 | blog.insideafrika.store | udp |
| US | 8.8.8.8:53 | blog.insideafrika.store | udp |
| US | 8.8.8.8:53 | cmrfalabella.com | udp |
| US | 8.8.8.8:53 | cmrfalabella.com | udp |
| US | 8.8.8.8:53 | tplinkrepeater.net | udp |
| US | 104.21.56.52:22 | blog.insideafrika.store | tcp |
| US | 8.8.8.8:53 | tplinkrepeater.net | udp |
| US | 104.21.56.52:443 | blog.insideafrika.store | tcp |
| US | 3.224.42.34:22 | tplinkrepeater.net | tcp |
| US | 8.8.8.8:53 | esinav.istanbul.edu.tr | udp |
| US | 104.21.56.52:21 | blog.insideafrika.store | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 104.21.56.52:143 | blog.insideafrika.store | tcp |
| US | 3.224.42.34:21 | tplinkrepeater.net | tcp |
| US | 8.8.8.8:53 | esinav.istanbul.edu.tr | udp |
| US | 172.67.177.254:22 | blog.insideafrika.store | tcp |
| US | 3.224.42.34:443 | tplinkrepeater.net | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 104.21.56.52:465 | blog.insideafrika.store | tcp |
| TR | 194.27.136.247:22 | esinav.istanbul.edu.tr | tcp |
| US | 8.8.8.8:53 | miaula.seguelrobotics.com | udp |
| US | 8.8.8.8:53 | mail1.falabella.cl.cmrfalabella.com | udp |
| US | 104.21.56.52:80 | blog.insideafrika.store | tcp |
| NL | 108.177.119.84:22 | accounts.google.com | tcp |
| N/A | 127.0.0.1:15078 | tcp | |
| US | 172.67.177.254:21 | blog.insideafrika.store | tcp |
| NL | 108.177.119.84:21 | accounts.google.com | tcp |
| TR | 194.27.136.247:21 | esinav.istanbul.edu.tr | tcp |
| US | 8.8.8.8:53 | miaula.seguelrobotics.com | udp |
| US | 172.67.177.254:143 | blog.insideafrika.store | tcp |
| US | 8.8.8.8:53 | xim4.com | udp |
| US | 104.21.56.52:995 | blog.insideafrika.store | tcp |
| US | 8.8.8.8:53 | cmrfalabella.com | udp |
| US | 3.227.55.118:22 | miaula.seguelrobotics.com | tcp |
| US | 172.67.177.254:465 | blog.insideafrika.store | tcp |
| TR | 194.27.136.247:443 | esinav.istanbul.edu.tr | tcp |
| US | 3.224.42.34:143 | tplinkrepeater.net | tcp |
| US | 172.67.177.254:995 | blog.insideafrika.store | tcp |
| US | 8.8.8.8:53 | xim4.com | udp |
| US | 3.227.55.118:21 | miaula.seguelrobotics.com | tcp |
| NL | 108.177.119.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | accounts.alipay.com | udp |
| US | 104.21.24.113:22 | xim4.com | tcp |
| US | 172.67.218.91:22 | xim4.com | tcp |
| US | 3.224.42.34:465 | tplinkrepeater.net | tcp |
| US | 3.224.42.34:80 | tplinkrepeater.net | tcp |
| US | 8.8.8.8:53 | accounts.alipay.com | udp |
| US | 8.8.8.8:53 | webbanking.bancopan.com.br | udp |
| US | 8.8.8.8:53 | webbanking.bancopan.com.br | udp |
| US | 8.8.8.8:53 | bdvenlinea.banvenez.com | udp |
| US | 8.8.8.8:53 | cmrfalabella.com | udp |
| US | 8.8.8.8:53 | webbanking.bancopan.com.br | udp |
| US | 8.8.8.8:53 | bdvenlinea.banvenez.com | udp |
| US | 8.8.8.8:53 | vrchat.com | udp |
| US | 8.8.8.8:53 | 52.56.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | vrchat.com | udp |
| US | 8.8.8.8:53 | meualelo.com.br | udp |
| US | 8.8.8.8:53 | webbanking.bancopan.com.br | udp |
| US | 8.8.8.8:53 | meualelo.com.br | udp |
| US | 8.8.8.8:53 | hrkgame.com | udp |
| US | 8.8.8.8:53 | hrkgame.com | udp |
| US | 8.8.8.8:53 | users.nexusmods.com | udp |
| US | 8.8.8.8:53 | alt1.gmr-smtp-in.l.google.com | udp |
| TR | 194.27.136.247:80 | esinav.istanbul.edu.tr | tcp |
| US | 8.8.8.8:53 | users.nexusmods.com | udp |
| US | 8.8.8.8:53 | ver.zapitv.com | udp |
| NL | 108.177.119.84:80 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | smartr.me | udp |
| US | 8.8.8.8:53 | smartr.me | udp |
| US | 8.8.8.8:53 | certifiedfieldassociate.com | udp |
| US | 8.8.8.8:53 | certifiedfieldassociate.com | udp |
| US | 8.8.8.8:53 | mascotapuntos.com | udp |
| US | 8.8.8.8:53 | mascotapuntos.com | udp |
| US | 8.8.8.8:53 | ver.zapitv.com | udp |
| US | 8.8.8.8:53 | 34.42.224.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | web.roblox.com | udp |
| US | 8.8.8.8:53 | badlion.net | udp |
| US | 8.8.8.8:53 | web.roblox.com | udp |
| US | 104.21.56.52:443 | blog.insideafrika.store | tcp |
| US | 8.8.8.8:53 | badlion.net | udp |
| US | 8.8.8.8:53 | login3.id.hp.com | udp |
| US | 8.8.8.8:53 | mail1.falabella.cl.cmrfalabella.com | udp |
| US | 8.8.8.8:53 | login3.id.hp.com | udp |
| US | 3.227.55.118:80 | miaula.seguelrobotics.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 3.227.55.118:80 | miaula.seguelrobotics.com | tcp |
| US | 8.8.8.8:53 | jobs.partneragencies.net | udp |
| US | 8.8.8.8:53 | hb.redlink.com.ar | udp |
| US | 8.8.8.8:53 | hb.redlink.com.ar | udp |
| US | 8.8.8.8:53 | jobs.partneragencies.net | udp |
| US | 104.21.24.113:80 | xim4.com | tcp |
| US | 8.8.8.8:53 | 118.55.227.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cmrfalabella.com | udp |
| US | 8.8.8.8:53 | lpse.sultengprov.go.id | udp |
| US | 8.8.8.8:53 | lpse.sultengprov.go.id | udp |
| US | 8.8.8.8:53 | diverhotel.tk | udp |
| US | 8.8.8.8:53 | diverhotel.tk | udp |
| US | 8.8.8.8:53 | 247.136.27.194.in-addr.arpa | udp |
| US | 8.8.8.8:53 | support.edubrite.com | udp |
| US | 8.8.8.8:53 | support.edubrite.com | udp |
| US | 8.8.8.8:53 | account.envato.com | udp |
| US | 8.8.8.8:53 | account.envato.com | udp |
| US | 104.21.24.113:80 | xim4.com | tcp |
| US | 8.8.8.8:53 | ajg.tjsc.jus.br | udp |
| US | 8.8.8.8:53 | cmrfalabella.com | udp |
| US | 8.8.8.8:53 | 84.119.177.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ajg.tjsc.jus.br | udp |
| US | 8.8.8.8:53 | mail1.falabella.cl.cmrfalabella.com | udp |
| US | 8.8.8.8:53 | en.aion.gameforge.com | udp |
| US | 8.8.8.8:53 | en.aion.gameforge.com | udp |
| US | 8.8.8.8:53 | metin2eth.ro | udp |
| US | 8.8.8.8:53 | metin2eth.ro | udp |
| US | 8.8.8.8:53 | transsolucoes.com.br | udp |
| US | 3.224.42.34:80 | tplinkrepeater.net | tcp |
| CN | 110.75.129.2:80 | accounts.alipay.com | tcp |
| US | 8.8.8.8:53 | transsolucoes.com.br | udp |
| US | 8.8.8.8:53 | platform.mangahigh.com | udp |
| CN | 110.76.30.76:80 | accounts.alipay.com | tcp |
| US | 3.224.42.34:80 | tplinkrepeater.net | tcp |
| CN | 110.75.129.2:80 | accounts.alipay.com | tcp |
| US | 8.8.8.8:53 | tutormathphysics.com | udp |
| US | 8.8.8.8:53 | tutormathphysics.com | udp |
| US | 8.8.8.8:53 | login.caixa.gov.br | udp |
| US | 8.8.8.8:53 | login.caixa.gov.br | udp |
| US | 8.8.8.8:53 | tinhte.vn | udp |
| US | 8.8.8.8:53 | tinhte.vn | udp |
| US | 8.8.8.8:53 | gra105.truehost.cloud | udp |
| US | 8.8.8.8:53 | webbanking.bancopan.com.br | udp |
| US | 8.8.8.8:53 | gra105.truehost.cloud | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | webbanking.bancopan.com.br | udp |
| US | 8.8.8.8:53 | webbanking.bancopan.com.br | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | clientes.vidasecurity.cl | udp |
| US | 8.8.8.8:53 | webbanking.bancopan.com.br | udp |
| US | 8.8.8.8:53 | almaany.com | udp |
| US | 8.8.8.8:53 | clientes.vidasecurity.cl | udp |
| US | 8.8.8.8:53 | cmrfalabella.com | udp |
| US | 8.8.8.8:53 | almaany.com | udp |
| US | 8.8.8.8:53 | airworld.site | udp |
| US | 8.8.8.8:53 | airworld.site | udp |
| US | 8.8.8.8:53 | kissanime.ac | udp |
| US | 8.8.8.8:53 | webbanking.bancopan.com.br | udp |
| US | 8.8.8.8:53 | kissanime.ac | udp |
| US | 8.8.8.8:53 | scener.com | udp |
| US | 8.8.8.8:53 | scener.com | udp |
| US | 8.8.8.8:53 | gunbound.ca | udp |
| AR | 186.13.17.220:80 | sjyey.com | tcp |
| US | 8.8.8.8:53 | gunbound.ca | udp |
| US | 8.8.8.8:53 | aspmx.l.google.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | eservice.incometax.gov.eg | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | eservice.incometax.gov.eg | udp |
| US | 8.8.8.8:53 | acsunity.honeywell.com | udp |
| US | 8.8.8.8:53 | acsunity.honeywell.com | udp |
| US | 8.8.8.8:53 | dd.samsunglife.co.th | udp |
| US | 8.8.8.8:53 | krunker.io | udp |
| US | 8.8.8.8:53 | krunker.io | udp |
| US | 8.8.8.8:53 | cmrfalabella.com | udp |
| US | 8.8.8.8:53 | dd.samsunglife.co.th | udp |
| US | 8.8.8.8:53 | valu.com.eg | udp |
| US | 8.8.8.8:53 | valu.com.eg | udp |
| US | 8.8.8.8:53 | join.secondlife.com | udp |
| US | 8.8.8.8:53 | webbanking.bancopan.com.br | udp |
| US | 8.8.8.8:53 | join.secondlife.com | udp |
| US | 8.8.8.8:53 | accountscenter.facebook.com | udp |
| US | 8.8.8.8:53 | accountscenter.facebook.com | udp |
| US | 8.8.8.8:53 | concurso.institutoconsulplan.org.br | udp |
| US | 8.8.8.8:53 | concurso.institutoconsulplan.org.br | udp |
| US | 8.8.8.8:53 | id.cisco.com | udp |
| US | 8.8.8.8:53 | id.cisco.com | udp |
| US | 8.8.8.8:53 | 99offsale.com | udp |
| US | 8.8.8.8:53 | mx.zoho.com | udp |
| US | 8.8.8.8:53 | 99offsale.com | udp |
| US | 8.8.8.8:53 | sv.gamebank.vn | udp |
| US | 8.8.8.8:53 | sv.gamebank.vn | udp |
| US | 8.8.8.8:53 | myaccount.infotelconnect.com | udp |
| US | 8.8.8.8:53 | myaccount.infotelconnect.com | udp |
| US | 8.8.8.8:53 | sso.acesso.gov.br | udp |
| US | 8.8.8.8:53 | thulasi.psc.kerala.gov.in | udp |
| US | 8.8.8.8:53 | sso.acesso.gov.br | udp |
| US | 8.8.8.8:53 | thulasi.psc.kerala.gov.in | udp |
| US | 8.8.8.8:53 | giris.turkiye.gov.tr | udp |
| US | 8.8.8.8:53 | giris.turkiye.gov.tr | udp |
| US | 8.8.8.8:53 | ufabett.online | udp |
| US | 8.8.8.8:53 | ufabett.online | udp |
| US | 8.8.8.8:53 | mercado-brasileiro.com | udp |
| TR | 194.27.136.247:80 | esinav.istanbul.edu.tr | tcp |
| US | 8.8.8.8:53 | mercado-brasileiro.com | udp |
| US | 8.8.8.8:53 | serwer.mx | udp |
| US | 8.8.8.8:53 | agcareersolutions.com | udp |
| US | 8.8.8.8:53 | serwer.mx | udp |
| US | 8.8.8.8:53 | agcareersolutions.com | udp |
| CN | 110.76.30.76:80 | accounts.alipay.com | tcp |
| US | 8.8.8.8:53 | sipd.kemendagri.go.id | udp |
| US | 8.8.8.8:53 | sipd.kemendagri.go.id | udp |
| US | 8.8.8.8:53 | riso.com.tw | udp |
| US | 8.8.8.8:53 | riso.com.tw | udp |
| US | 8.8.8.8:53 | crowdsourcera.xyz | udp |
| US | 8.8.8.8:53 | crowdsourcera.xyz | udp |
| US | 8.8.8.8:53 | everskies.com | udp |
| US | 8.8.8.8:53 | everskies.com | udp |
| US | 8.8.8.8:53 | app.proworkflow.com | udp |
| US | 8.8.8.8:53 | app.proworkflow.com | udp |
| US | 8.8.8.8:53 | chess24.com | udp |
| US | 8.8.8.8:53 | chess24.com | udp |
| US | 8.8.8.8:53 | diaadiaeducacao.pr.gov.br | udp |
| US | 8.8.8.8:53 | eu-smtp-inbound-1.mimecast.com | udp |
| US | 8.8.8.8:53 | diaadiaeducacao.pr.gov.br | udp |
| US | 8.8.8.8:53 | studijos.liemsis.lt | udp |
| US | 8.8.8.8:53 | studijos.liemsis.lt | udp |
| US | 8.8.8.8:53 | mascotapuntos-com.mail.protection.outlook.com | udp |
| US | 8.8.8.8:53 | enabiz.gov.tr | udp |
| US | 8.8.8.8:53 | clientes.totalenergies.es | udp |
| US | 8.8.8.8:53 | djponline.pajak.go.id | udp |
| US | 8.8.8.8:53 | enabiz.gov.tr | udp |
| US | 8.8.8.8:53 | djponline.pajak.go.id | udp |
| US | 8.8.8.8:53 | nfqf-haylage.co.uk | udp |
| US | 8.8.8.8:53 | cloud1.hosting-europa.eu | udp |
| US | 8.8.8.8:53 | nfqf-haylage.co.uk | udp |
| US | 8.8.8.8:53 | vsl.co.at | udp |
| US | 8.8.8.8:53 | tplinkrepeater.net | udp |
| US | 8.8.8.8:53 | vsl.co.at | udp |
| US | 8.8.8.8:53 | magico.one | udp |
| US | 8.8.8.8:53 | baji999.com | udp |
| US | 8.8.8.8:53 | magico.one | udp |
| US | 8.8.8.8:53 | baji999.com | udp |
| US | 8.8.8.8:53 | challonge.com | udp |
| US | 8.8.8.8:53 | epicslot88.com | udp |
| US | 8.8.8.8:53 | challonge.com | udp |
| US | 8.8.8.8:53 | epicslot88.com | udp |
| US | 8.8.8.8:53 | api.splitscreenstudios.com | udp |
| US | 8.8.8.8:53 | api.splitscreenstudios.com | udp |
| US | 8.8.8.8:53 | sadad.shaparak.ir | udp |
| US | 8.8.8.8:53 | sadad.shaparak.ir | udp |
| US | 8.8.8.8:53 | jobs.lidl.com | udp |
| US | 8.8.8.8:53 | jobs.lidl.com | udp |
| US | 8.8.8.8:53 | idp.impots.gouv.fr | udp |
| US | 8.8.8.8:53 | simonrodriguez.com.bo | udp |
| US | 8.8.8.8:53 | simonrodriguez.com.bo | udp |
| US | 8.8.8.8:53 | idp.impots.gouv.fr | udp |
| US | 8.8.8.8:53 | bigo.tv | udp |
| US | 8.8.8.8:53 | bigo.tv | udp |
| US | 8.8.8.8:53 | login.paysafecard.com | udp |
| US | 8.8.8.8:53 | vahan.nic.in | udp |
| US | 8.8.8.8:53 | zerochan.net | udp |
| US | 8.8.8.8:53 | zerochan.net | udp |
| US | 8.8.8.8:53 | vahan.nic.in | udp |
| US | 8.8.8.8:53 | login.paysafecard.com | udp |
| US | 8.8.8.8:53 | smkn1binjai.ujiandaring.id | udp |
| US | 8.8.8.8:53 | smkn1binjai.ujiandaring.id | udp |
| US | 8.8.8.8:53 | bloqueio.procon.sp.gov.br | udp |
| US | 8.8.8.8:53 | mail1.falabella.cl.cmrfalabella.com | udp |
| US | 8.8.8.8:53 | bloqueio.procon.sp.gov.br | udp |
| US | 8.8.8.8:53 | premium184.web-hosting.com | udp |
| US | 8.8.8.8:53 | premium184.web-hosting.com | udp |
| US | 8.8.8.8:53 | roobet.com | udp |
| US | 8.8.8.8:53 | roobet.com | udp |
| US | 8.8.8.8:53 | es-es.facebook.com | udp |
| US | 8.8.8.8:53 | thongtinhoso.hutech.edu.vn | udp |
| US | 8.8.8.8:53 | es-es.facebook.com | udp |
| US | 8.8.8.8:53 | thongtinhoso.hutech.edu.vn | udp |
| US | 8.8.8.8:53 | combatsiege.com | udp |
| US | 8.8.8.8:53 | combatsiege.com | udp |
| US | 8.8.8.8:53 | monespaceprive.msa.fr | udp |
| US | 8.8.8.8:53 | monespaceprive.msa.fr | udp |
| US | 8.8.8.8:53 | bizbazar.com.np | udp |
| US | 8.8.8.8:53 | bizbazar.com.np | udp |
| US | 8.8.8.8:53 | norwellschools.okta.com | udp |
| US | 8.8.8.8:53 | norwellschools.okta.com | udp |
| US | 8.8.8.8:53 | ggsipu.wheebox.com | udp |
| US | 8.8.8.8:53 | ggsipu.wheebox.com | udp |
| US | 8.8.8.8:53 | daominhha.net | udp |
| US | 8.8.8.8:53 | daominhha.net | udp |
| US | 8.8.8.8:53 | klase.eduka.lt | udp |
| US | 8.8.8.8:53 | klase.eduka.lt | udp |
| US | 8.8.8.8:53 | sso.acesso.gov.br | udp |
| US | 8.8.8.8:53 | embudasartesportal.sissonline.com.br | udp |
| US | 8.8.8.8:53 | embudasartesportal.sissonline.com.br | udp |
| US | 8.8.8.8:53 | mfo3.pl | udp |
| US | 8.8.8.8:53 | k12online.vn | udp |
| US | 8.8.8.8:53 | k12online.vn | udp |
| US | 8.8.8.8:53 | alfonsougarte.cubicol.pe | udp |
| US | 8.8.8.8:53 | alfonsougarte.cubicol.pe | udp |
| US | 8.8.8.8:53 | ltvnsplsk28.hostex.lt | udp |
| US | 8.8.8.8:53 | ltvnsplsk28.hostex.lt | udp |
| US | 8.8.8.8:53 | hyundai.naviextras.com | udp |
| US | 8.8.8.8:53 | hyundai.naviextras.com | udp |
| US | 8.8.8.8:53 | pulsoregional5.milaulas.com | udp |
| US | 8.8.8.8:53 | pulsoregional5.milaulas.com | udp |
| US | 8.8.8.8:53 | vosmms.com | udp |
| US | 8.8.8.8:53 | 113.24.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | vosmms.com | udp |
| US | 8.8.8.8:53 | auth.discogs.com | udp |
| US | 8.8.8.8:53 | performancemanager8.successfactors.com | udp |
| US | 8.8.8.8:53 | auth.discogs.com | udp |
| US | 8.8.8.8:53 | performancemanager8.successfactors.com | udp |
| US | 8.8.8.8:53 | cmrfalabella.com | udp |
| US | 8.8.8.8:53 | croquis.cafe | udp |
| US | 8.8.8.8:53 | croquis.cafe | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | abbonamentiunicocampania.it | udp |
| US | 8.8.8.8:53 | conta.nubank.com.br | udp |
| US | 8.8.8.8:53 | abbonamentiunicocampania.it | udp |
| US | 8.8.8.8:53 | conta.nubank.com.br | udp |
| US | 8.8.8.8:53 | sitara.tapera.go.id | udp |
| US | 8.8.8.8:53 | sitara.tapera.go.id | udp |
| US | 8.8.8.8:53 | th-th.facebook.com | udp |
| US | 8.8.8.8:53 | net2ftp.cluster028.hosting.ovh.net | udp |
| US | 8.8.8.8:53 | th-th.facebook.com | udp |
| US | 8.8.8.8:53 | ovidsp.dc1.ovid.com | udp |
| US | 8.8.8.8:53 | net2ftp.cluster028.hosting.ovh.net | udp |
| US | 8.8.8.8:53 | ovidsp.dc1.ovid.com | udp |
| US | 8.8.8.8:53 | auth.esfera.com.vc | udp |
| US | 8.8.8.8:53 | diverhotel.tk | udp |
| US | 8.8.8.8:53 | auth.esfera.com.vc | udp |
| US | 8.8.8.8:53 | auth.riotgames.com | udp |
| US | 8.8.8.8:53 | auth.riotgames.com | udp |
| US | 8.8.8.8:53 | lp.bigfarm.goodgamestudios.com | udp |
| US | 8.8.8.8:53 | lp.bigfarm.goodgamestudios.com | udp |
| US | 8.8.8.8:53 | metin2eth.ro | udp |
| US | 8.8.8.8:53 | accounts.alipay.com | udp |
| US | 8.8.8.8:53 | mx.core.locaweb.com.br | udp |
| US | 8.8.8.8:53 | login.caixa.gov.br | udp |
| US | 8.8.8.8:53 | webbanking.bancopan.com.br | udp |
| US | 8.8.8.8:53 | mail.tutormathphysics.com | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | airworld.site | udp |
| US | 8.8.8.8:53 | park-mx.above.com | udp |
| US | 8.8.8.8:53 | aspmx3.googlemail.com | udp |
| US | 8.8.8.8:53 | us-smtp-inbound-1.mimecast.com | udp |
| US | 8.8.8.8:53 | honeywell-com.mail.protection.outlook.com | udp |
| US | 8.8.8.8:53 | acsunity.honeywell.com | udp |
| US | 8.8.8.8:53 | mx1.privateemail.com | udp |
| US | 8.8.8.8:53 | mx9.valu.com.eg | udp |
| US | 8.8.8.8:53 | valu.com.eg | udp |
| US | 8.8.8.8:53 | join.secondlife.com | udp |
| US | 104.18.193.54:80 | account.envato.com | tcp |
| US | 104.22.34.185:80 | platform.mangahigh.com | tcp |
| VN | 171.244.37.50:80 | tinhte.vn | tcp |
| US | 104.25.113.15:80 | almaany.com | tcp |
| US | 172.67.173.178:80 | gunbound.ca | tcp |
| BR | 200.9.164.12:80 | ajg.tjsc.jus.br | tcp |
| FR | 51.75.130.83:80 | gra105.truehost.cloud | tcp |
| CA | 174.142.187.169:80 | support.edubrite.com | tcp |
| TH | 43.249.35.149:80 | mail.tutormathphysics.com | tcp |
| BR | 186.202.150.241:80 | transsolucoes.com.br | tcp |
| US | 103.224.182.253:80 | kissanime.ac | tcp |
| CL | 179.0.2.124:80 | clientes.vidasecurity.cl | tcp |
| US | 76.76.21.21:80 | scener.com | tcp |
| DE | 79.110.87.192:80 | en.aion.gameforge.com | tcp |
| US | 104.18.8.28:80 | krunker.io | tcp |
| EG | 102.212.67.40:80 | valu.com.eg | tcp |
| US | 8.8.8.8:53 | join.secondlife.com | udp |
| US | 8.8.8.8:53 | id.cisco.com | udp |
| US | 8.8.8.8:53 | 99offsale.com | udp |
| US | 8.8.8.8:53 | mx.zoho.com | udp |
| US | 8.8.8.8:53 | sso.acesso.gov.br | udp |
| US | 8.8.8.8:53 | pop.thulasi.psc.kerala.gov.in | udp |
| US | 8.8.8.8:53 | ufabett.online | udp |
| US | 8.8.8.8:53 | agcareersolutions.com | udp |
| US | 8.8.8.8:53 | riso.com.tw | udp |
| US | 8.8.8.8:53 | smartr.me | udp |
| US | 8.8.8.8:53 | mail.chess24.com | udp |
| US | 8.8.8.8:53 | diaadiaeducacao.pr.gov.br | udp |
| US | 8.8.8.8:53 | mascotapuntos-com.mail.protection.outlook.com | udp |
| US | 8.8.8.8:53 | mail.nfqf-haylage.co.uk | udp |
| US | 8.8.8.8:53 | mail-proxy.massresponse.com | udp |
| US | 172.67.173.178:80 | gunbound.ca | tcp |
| EG | 102.212.67.40:80 | valu.com.eg | tcp |
| GB | 92.123.241.50:80 | store.steampowered.com | tcp |
| GB | 23.214.154.77:80 | steamcommunity.com | tcp |
| TH | 58.137.124.236:80 | dd.samsunglife.co.th | tcp |
| US | 8.8.8.8:53 | sjyey.com | udp |
| KR | 211.181.24.132:80 | sjyey.com | tcp |
| SE | 45.155.250.90:53 | bwvdnbh.com | udp |
| IN | 13.233.54.93:80 | baji999.com | tcp |
| US | 8.8.8.8:53 | web.roblox.com | udp |
| IN | 103.251.43.179:80 | pop.thulasi.psc.kerala.gov.in | tcp |
| US | 104.18.8.28:80 | krunker.io | tcp |
| EG | 196.46.22.227:80 | eservice.incometax.gov.eg | tcp |
| AT | 62.240.131.80:80 | vsl.co.at | tcp |
| ZA | 156.38.230.159:80 | mail.nfqf-haylage.co.uk | tcp |
| US | 104.21.24.113:80 | xim4.com | tcp |
| IN | 13.233.54.93:80 | baji999.com | tcp |
| ID | 103.28.106.147:80 | djponline.pajak.go.id | tcp |
| PT | 85.88.141.236:80 | clientes.totalenergies.es | tcp |
| TR | 212.175.172.9:80 | enabiz.gov.tr | tcp |
| LT | 193.219.156.215:80 | studijos.liemsis.lt | tcp |
| US | 8.8.8.8:53 | mx.bigo.tv | udp |
| US | 8.8.8.8:53 | login3.id.hp.com | udp |
| US | 8.8.8.8:53 | 54.193.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.34.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.113.25.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.173.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.164.9.200.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.187.142.174.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.21.76.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.87.110.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.35.249.43.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.182.224.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.8.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.2.0.179.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.150.202.186.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sso.acesso.gov.br | udp |
| US | 8.8.8.8:53 | 77.154.214.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.241.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.5.a.f.b.9.d.2.ip6.arpa | udp |
| US | 8.8.8.8:53 | 8.179.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.54.233.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.131.240.62.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.22.46.196.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 236.141.88.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.172.175.212.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.106.28.103.in-addr.arpa | udp |
| KR | 211.181.24.132:80 | sjyey.com | tcp |
| US | 8.8.8.8:53 | 209.178.17.96.in-addr.arpa | udp |
| KR | 211.181.24.132:80 | sjyey.com | tcp |
| IT | 185.196.8.22:80 | bwvdnbh.com | tcp |
| NL | 45.155.249.96:2023 | tcp | |
| US | 8.8.8.8:53 | 62ae8793-07e8-42fb-8fa2-402cbb5c0e77.uuid.statsexplorer.org | udp |
| US | 8.8.8.8:53 | 22.8.196.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.249.155.45.in-addr.arpa | udp |
| KR | 211.181.24.132:80 | sjyey.com | tcp |
| US | 8.8.8.8:53 | 129.134.221.88.in-addr.arpa | udp |
| KR | 211.181.24.132:80 | sjyey.com | tcp |
| KR | 211.181.24.132:80 | sjyey.com | tcp |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:51427 | tcp | |
| N/A | 127.0.0.1:51435 | tcp | |
| N/A | 127.0.0.1:51438 | tcp | |
| N/A | 127.0.0.1:51447 | tcp | |
| N/A | 127.0.0.1:51450 | tcp | |
| N/A | 127.0.0.1:51452 | tcp | |
| N/A | 127.0.0.1:51460 | tcp | |
| N/A | 127.0.0.1:51465 | tcp | |
| N/A | 127.0.0.1:51473 | tcp | |
| N/A | 127.0.0.1:51476 | tcp | |
| N/A | 127.0.0.1:51479 | tcp | |
| N/A | 127.0.0.1:51482 | tcp | |
| N/A | 127.0.0.1:51485 | tcp | |
| N/A | 127.0.0.1:51487 | tcp | |
| N/A | 127.0.0.1:51495 | tcp | |
| N/A | 127.0.0.1:51500 | tcp | |
| N/A | 127.0.0.1:51506 | tcp | |
| N/A | 127.0.0.1:51509 | tcp | |
| N/A | 127.0.0.1:51512 | tcp | |
| N/A | 127.0.0.1:51519 | tcp | |
| N/A | 127.0.0.1:51522 | tcp | |
| N/A | 127.0.0.1:51525 | tcp | |
| N/A | 127.0.0.1:51528 | tcp | |
| N/A | 127.0.0.1:51532 | tcp | |
| N/A | 127.0.0.1:51535 | tcp | |
| N/A | 127.0.0.1:51540 | tcp | |
| N/A | 127.0.0.1:51544 | tcp | |
| N/A | 127.0.0.1:51548 | tcp | |
| N/A | 127.0.0.1:51551 | tcp | |
| N/A | 127.0.0.1:51555 | tcp | |
| N/A | 127.0.0.1:51560 | tcp | |
| N/A | 127.0.0.1:51564 | tcp | |
| N/A | 127.0.0.1:51568 | tcp | |
| N/A | 127.0.0.1:51575 | tcp | |
| N/A | 127.0.0.1:51583 | tcp | |
| N/A | 127.0.0.1:51586 | tcp | |
| N/A | 127.0.0.1:51589 | tcp | |
| N/A | 127.0.0.1:51596 | tcp | |
| N/A | 127.0.0.1:51602 | tcp | |
| N/A | 127.0.0.1:51605 | tcp | |
| N/A | 127.0.0.1:51608 | tcp | |
| N/A | 127.0.0.1:51618 | tcp | |
| N/A | 127.0.0.1:51622 | tcp | |
| N/A | 127.0.0.1:51625 | tcp | |
| N/A | 127.0.0.1:51630 | tcp | |
| N/A | 127.0.0.1:51635 | tcp | |
| N/A | 127.0.0.1:51638 | tcp | |
| N/A | 127.0.0.1:51641 | tcp | |
| N/A | 127.0.0.1:51652 | tcp | |
| N/A | 127.0.0.1:51655 | tcp | |
| N/A | 127.0.0.1:51659 | tcp | |
| N/A | 127.0.0.1:51665 | tcp | |
| N/A | 127.0.0.1:51670 | tcp | |
| N/A | 127.0.0.1:51674 | tcp | |
| N/A | 127.0.0.1:51677 | tcp | |
| N/A | 127.0.0.1:51683 | tcp | |
| N/A | 127.0.0.1:51686 | tcp | |
| N/A | 127.0.0.1:51691 | tcp | |
| N/A | 127.0.0.1:51696 | tcp | |
| N/A | 127.0.0.1:51698 | tcp | |
| N/A | 127.0.0.1:51702 | tcp | |
| N/A | 127.0.0.1:51708 | tcp | |
| N/A | 127.0.0.1:51713 | tcp | |
| N/A | 127.0.0.1:51717 | tcp | |
| N/A | 127.0.0.1:51719 | tcp | |
| N/A | 127.0.0.1:51723 | tcp | |
| N/A | 127.0.0.1:51733 | tcp | |
| N/A | 127.0.0.1:51738 | tcp | |
| N/A | 127.0.0.1:51741 | tcp | |
| N/A | 127.0.0.1:51752 | tcp | |
| N/A | 127.0.0.1:51755 | tcp | |
| N/A | 127.0.0.1:51761 | tcp | |
| N/A | 127.0.0.1:51763 | tcp | |
| N/A | 127.0.0.1:51767 | tcp | |
| N/A | 127.0.0.1:51769 | tcp | |
| N/A | 127.0.0.1:51774 | tcp | |
| N/A | 127.0.0.1:51780 | tcp | |
| N/A | 127.0.0.1:51784 | tcp | |
| N/A | 127.0.0.1:51793 | tcp | |
| N/A | 127.0.0.1:51803 | tcp | |
| N/A | 127.0.0.1:51810 | tcp | |
| N/A | 127.0.0.1:51814 | tcp | |
| N/A | 127.0.0.1:51817 | tcp | |
| N/A | 127.0.0.1:51820 | tcp | |
| N/A | 127.0.0.1:51830 | tcp | |
| N/A | 127.0.0.1:51833 | tcp | |
| N/A | 127.0.0.1:51836 | tcp | |
| N/A | 127.0.0.1:51840 | tcp | |
| N/A | 127.0.0.1:51843 | tcp | |
| N/A | 127.0.0.1:51847 | tcp | |
| N/A | 127.0.0.1:51855 | tcp | |
| N/A | 127.0.0.1:51859 | tcp | |
| N/A | 127.0.0.1:51863 | tcp | |
| N/A | 127.0.0.1:51866 | tcp | |
| N/A | 127.0.0.1:51869 | tcp | |
| N/A | 127.0.0.1:51875 | tcp | |
| N/A | 127.0.0.1:51883 | tcp | |
| N/A | 127.0.0.1:51887 | tcp | |
| N/A | 127.0.0.1:51895 | tcp | |
| N/A | 127.0.0.1:51897 | tcp | |
| N/A | 127.0.0.1:51901 | tcp | |
| N/A | 127.0.0.1:51905 | tcp | |
| N/A | 127.0.0.1:51907 | tcp | |
| N/A | 127.0.0.1:51911 | tcp | |
| N/A | 127.0.0.1:51914 | tcp | |
| N/A | 127.0.0.1:51916 | tcp | |
| N/A | 127.0.0.1:51921 | tcp | |
| N/A | 127.0.0.1:51930 | tcp | |
| N/A | 127.0.0.1:51933 | tcp | |
| N/A | 127.0.0.1:51937 | tcp | |
| N/A | 127.0.0.1:51943 | tcp | |
| N/A | 127.0.0.1:51945 | tcp | |
| N/A | 127.0.0.1:51951 | tcp | |
| N/A | 127.0.0.1:51953 | tcp | |
| N/A | 127.0.0.1:51957 | tcp | |
| N/A | 127.0.0.1:51960 | tcp | |
| N/A | 127.0.0.1:51974 | tcp | |
| N/A | 127.0.0.1:51978 | tcp | |
| N/A | 127.0.0.1:51987 | tcp | |
| N/A | 127.0.0.1:51990 | tcp | |
| N/A | 127.0.0.1:51993 | tcp | |
| N/A | 127.0.0.1:51995 | tcp | |
| N/A | 127.0.0.1:51998 | tcp | |
| N/A | 127.0.0.1:52012 | tcp | |
| N/A | 127.0.0.1:52014 | tcp | |
| N/A | 127.0.0.1:52017 | tcp | |
| N/A | 127.0.0.1:52019 | tcp | |
| N/A | 127.0.0.1:52022 | tcp | |
| N/A | 127.0.0.1:52034 | tcp | |
| N/A | 127.0.0.1:52037 | tcp | |
| N/A | 127.0.0.1:52040 | tcp | |
| N/A | 127.0.0.1:52044 | tcp | |
| N/A | 127.0.0.1:52048 | tcp | |
| N/A | 127.0.0.1:52055 | tcp | |
| N/A | 127.0.0.1:52058 | tcp | |
| N/A | 127.0.0.1:52062 | tcp | |
| N/A | 127.0.0.1:52065 | tcp | |
| N/A | 127.0.0.1:52068 | tcp | |
| N/A | 127.0.0.1:52070 | tcp | |
| N/A | 127.0.0.1:52077 | tcp | |
| N/A | 127.0.0.1:52084 | tcp | |
| N/A | 127.0.0.1:52090 | tcp | |
| N/A | 127.0.0.1:52101 | tcp | |
| N/A | 127.0.0.1:52103 | tcp | |
| N/A | 127.0.0.1:52107 | tcp | |
| N/A | 127.0.0.1:52109 | tcp | |
| N/A | 127.0.0.1:52116 | tcp | |
| N/A | 127.0.0.1:52118 | tcp | |
| N/A | 127.0.0.1:52122 | tcp | |
| N/A | 127.0.0.1:52127 | tcp | |
| N/A | 127.0.0.1:52131 | tcp | |
| N/A | 127.0.0.1:52135 | tcp | |
| N/A | 127.0.0.1:52139 | tcp | |
| N/A | 127.0.0.1:52142 | tcp | |
| N/A | 127.0.0.1:52146 | tcp | |
| N/A | 127.0.0.1:52151 | tcp | |
| N/A | 127.0.0.1:52154 | tcp | |
| N/A | 127.0.0.1:52166 | tcp | |
| N/A | 127.0.0.1:52169 | tcp | |
| N/A | 127.0.0.1:52172 | tcp | |
| N/A | 127.0.0.1:52175 | tcp | |
| N/A | 127.0.0.1:52177 | tcp | |
| N/A | 127.0.0.1:52184 | tcp | |
| N/A | 127.0.0.1:52191 | tcp | |
| N/A | 127.0.0.1:52194 | tcp | |
| N/A | 127.0.0.1:52197 | tcp | |
| N/A | 127.0.0.1:52207 | tcp | |
| N/A | 127.0.0.1:52210 | tcp | |
| N/A | 127.0.0.1:52213 | tcp | |
| N/A | 127.0.0.1:52225 | tcp | |
| N/A | 127.0.0.1:52228 | tcp | |
| N/A | 127.0.0.1:52231 | tcp | |
| N/A | 127.0.0.1:52234 | tcp | |
| N/A | 127.0.0.1:52239 | tcp | |
| N/A | 127.0.0.1:52242 | tcp | |
| N/A | 127.0.0.1:52247 | tcp | |
| N/A | 127.0.0.1:52251 | tcp | |
| N/A | 127.0.0.1:52254 | tcp | |
| N/A | 127.0.0.1:52263 | tcp | |
| N/A | 127.0.0.1:52266 | tcp | |
| N/A | 127.0.0.1:52271 | tcp | |
| N/A | 127.0.0.1:52273 | tcp | |
| N/A | 127.0.0.1:52276 | tcp | |
| N/A | 127.0.0.1:52279 | tcp | |
| N/A | 127.0.0.1:52286 | tcp | |
| N/A | 127.0.0.1:52295 | tcp | |
| N/A | 127.0.0.1:52298 | tcp | |
| N/A | 127.0.0.1:52301 | tcp | |
| N/A | 127.0.0.1:52305 | tcp | |
| N/A | 127.0.0.1:52310 | tcp | |
| N/A | 127.0.0.1:52313 | tcp | |
| N/A | 127.0.0.1:52317 | tcp | |
| N/A | 127.0.0.1:52320 | tcp | |
| N/A | 127.0.0.1:52323 | tcp | |
| N/A | 127.0.0.1:52325 | tcp | |
| N/A | 127.0.0.1:52330 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:52343 | tcp | |
| N/A | 127.0.0.1:52346 | tcp | |
| N/A | 127.0.0.1:52351 | tcp | |
| N/A | 127.0.0.1:52354 | tcp | |
| N/A | 127.0.0.1:52361 | tcp | |
| N/A | 127.0.0.1:52366 | tcp | |
| N/A | 127.0.0.1:52370 | tcp | |
| N/A | 127.0.0.1:52374 | tcp | |
| N/A | 127.0.0.1:52378 | tcp | |
| N/A | 127.0.0.1:52381 | tcp | |
| N/A | 127.0.0.1:52387 | tcp | |
| N/A | 127.0.0.1:52391 | tcp | |
| N/A | 127.0.0.1:52393 | tcp | |
| N/A | 127.0.0.1:52395 | tcp | |
| N/A | 127.0.0.1:52404 | tcp | |
| N/A | 127.0.0.1:52410 | tcp | |
| N/A | 127.0.0.1:52413 | tcp | |
| N/A | 127.0.0.1:52421 | tcp | |
| N/A | 127.0.0.1:52426 | tcp | |
| N/A | 127.0.0.1:52429 | tcp | |
| N/A | 127.0.0.1:52434 | tcp | |
| N/A | 127.0.0.1:52438 | tcp | |
| N/A | 127.0.0.1:52441 | tcp | |
| N/A | 127.0.0.1:52444 | tcp | |
| N/A | 127.0.0.1:52449 | tcp | |
| N/A | 127.0.0.1:52451 | tcp | |
| N/A | 127.0.0.1:52459 | tcp | |
| N/A | 127.0.0.1:52466 | tcp | |
| N/A | 127.0.0.1:52469 | tcp | |
| N/A | 127.0.0.1:52472 | tcp | |
| N/A | 127.0.0.1:52476 | tcp | |
| N/A | 127.0.0.1:52482 | tcp | |
| N/A | 127.0.0.1:52486 | tcp | |
| N/A | 127.0.0.1:52489 | tcp | |
| N/A | 127.0.0.1:52494 | tcp | |
| N/A | 127.0.0.1:52502 | tcp | |
| N/A | 127.0.0.1:52505 | tcp | |
| N/A | 127.0.0.1:52507 | tcp | |
| N/A | 127.0.0.1:52513 | tcp | |
| N/A | 127.0.0.1:52521 | tcp | |
| N/A | 127.0.0.1:52526 | tcp | |
| N/A | 127.0.0.1:52532 | tcp | |
| N/A | 127.0.0.1:52535 | tcp | |
| N/A | 127.0.0.1:52539 | tcp | |
| N/A | 127.0.0.1:52542 | tcp | |
| N/A | 127.0.0.1:52545 | tcp | |
| N/A | 127.0.0.1:52547 | tcp | |
| N/A | 127.0.0.1:52550 | tcp | |
| N/A | 127.0.0.1:52552 | tcp | |
| N/A | 127.0.0.1:52560 | tcp | |
| N/A | 127.0.0.1:52562 | tcp | |
| N/A | 127.0.0.1:52566 | tcp | |
| N/A | 127.0.0.1:52572 | tcp | |
| N/A | 127.0.0.1:52575 | tcp | |
| N/A | 127.0.0.1:52578 | tcp | |
| N/A | 127.0.0.1:52591 | tcp | |
| N/A | 127.0.0.1:52593 | tcp | |
| N/A | 127.0.0.1:52597 | tcp | |
| N/A | 127.0.0.1:52602 | tcp | |
| N/A | 127.0.0.1:52608 | tcp | |
| N/A | 127.0.0.1:52611 | tcp | |
| N/A | 127.0.0.1:52615 | tcp | |
| N/A | 127.0.0.1:52620 | tcp | |
| N/A | 127.0.0.1:52623 | tcp | |
| N/A | 127.0.0.1:52628 | tcp | |
| N/A | 127.0.0.1:52632 | tcp | |
| N/A | 127.0.0.1:52636 | tcp | |
| N/A | 127.0.0.1:52639 | tcp | |
| N/A | 127.0.0.1:52644 | tcp | |
| N/A | 127.0.0.1:52647 | tcp | |
| N/A | 127.0.0.1:52649 | tcp | |
| N/A | 127.0.0.1:52653 | tcp | |
| N/A | 127.0.0.1:52658 | tcp | |
| N/A | 127.0.0.1:52666 | tcp | |
| N/A | 127.0.0.1:52671 | tcp | |
| N/A | 127.0.0.1:52676 | tcp | |
| N/A | 127.0.0.1:52679 | tcp | |
| N/A | 127.0.0.1:52683 | tcp | |
| N/A | 127.0.0.1:52690 | tcp | |
| N/A | 127.0.0.1:52693 | tcp | |
| N/A | 127.0.0.1:52697 | tcp | |
| N/A | 127.0.0.1:52700 | tcp | |
| N/A | 127.0.0.1:52704 | tcp | |
| N/A | 127.0.0.1:52710 | tcp | |
| N/A | 127.0.0.1:52714 | tcp | |
| N/A | 127.0.0.1:52718 | tcp | |
| N/A | 127.0.0.1:52720 | tcp | |
| N/A | 127.0.0.1:52723 | tcp | |
| N/A | 127.0.0.1:52728 | tcp | |
| N/A | 127.0.0.1:52736 | tcp | |
| N/A | 127.0.0.1:52738 | tcp | |
| N/A | 127.0.0.1:52744 | tcp | |
| N/A | 127.0.0.1:52746 | tcp | |
| N/A | 127.0.0.1:52752 | tcp | |
| N/A | 127.0.0.1:52760 | tcp | |
| N/A | 127.0.0.1:52763 | tcp | |
| N/A | 127.0.0.1:52766 | tcp | |
| N/A | 127.0.0.1:52768 | tcp | |
| N/A | 127.0.0.1:52784 | tcp | |
| N/A | 127.0.0.1:52786 | tcp | |
| N/A | 127.0.0.1:52788 | tcp | |
| N/A | 127.0.0.1:52791 | tcp | |
| N/A | 127.0.0.1:52800 | tcp | |
| N/A | 127.0.0.1:52804 | tcp | |
| N/A | 127.0.0.1:52808 | tcp | |
| N/A | 127.0.0.1:52813 | tcp | |
| N/A | 127.0.0.1:52817 | tcp | |
| N/A | 127.0.0.1:52820 | tcp | |
| N/A | 127.0.0.1:52822 | tcp | |
| N/A | 127.0.0.1:52824 | tcp | |
| N/A | 127.0.0.1:52829 | tcp | |
| N/A | 127.0.0.1:52840 | tcp | |
| N/A | 127.0.0.1:52845 | tcp | |
| N/A | 127.0.0.1:52850 | tcp | |
| N/A | 127.0.0.1:52853 | tcp | |
| N/A | 127.0.0.1:52856 | tcp | |
| N/A | 127.0.0.1:52859 | tcp | |
| N/A | 127.0.0.1:52861 | tcp | |
| N/A | 127.0.0.1:52866 | tcp | |
| N/A | 127.0.0.1:52874 | tcp | |
| N/A | 127.0.0.1:52877 | tcp | |
| N/A | 127.0.0.1:52881 | tcp | |
| N/A | 127.0.0.1:52883 | tcp | |
| N/A | 127.0.0.1:52887 | tcp | |
| N/A | 127.0.0.1:52897 | tcp | |
| N/A | 127.0.0.1:52902 | tcp | |
| N/A | 127.0.0.1:52904 | tcp | |
| N/A | 127.0.0.1:52907 | tcp | |
| N/A | 127.0.0.1:52913 | tcp | |
| N/A | 127.0.0.1:52920 | tcp | |
| N/A | 127.0.0.1:52924 | tcp | |
| N/A | 127.0.0.1:52929 | tcp | |
| N/A | 127.0.0.1:52931 | tcp | |
| N/A | 127.0.0.1:52934 | tcp | |
| N/A | 127.0.0.1:52938 | tcp | |
| N/A | 127.0.0.1:52946 | tcp | |
| N/A | 127.0.0.1:52948 | tcp | |
| N/A | 127.0.0.1:52957 | tcp | |
| N/A | 127.0.0.1:52962 | tcp | |
| N/A | 127.0.0.1:52965 | tcp | |
| N/A | 127.0.0.1:52970 | tcp | |
| N/A | 127.0.0.1:52974 | tcp | |
| N/A | 127.0.0.1:52979 | tcp | |
| N/A | 127.0.0.1:52981 | tcp | |
| N/A | 127.0.0.1:52984 | tcp | |
| N/A | 127.0.0.1:52986 | tcp | |
| N/A | 127.0.0.1:52993 | tcp | |
| N/A | 127.0.0.1:52996 | tcp | |
| N/A | 127.0.0.1:52999 | tcp | |
| N/A | 127.0.0.1:53001 | tcp | |
| N/A | 127.0.0.1:53006 | tcp | |
| N/A | 127.0.0.1:53010 | tcp | |
| N/A | 127.0.0.1:53017 | tcp | |
| N/A | 127.0.0.1:53020 | tcp | |
| N/A | 127.0.0.1:53026 | tcp | |
| N/A | 127.0.0.1:53031 | tcp | |
| N/A | 127.0.0.1:53034 | tcp | |
| N/A | 127.0.0.1:53040 | tcp | |
| N/A | 127.0.0.1:53043 | tcp | |
| N/A | 127.0.0.1:53047 | tcp | |
| N/A | 127.0.0.1:53057 | tcp | |
| N/A | 127.0.0.1:53059 | tcp | |
| N/A | 127.0.0.1:53063 | tcp | |
| N/A | 127.0.0.1:53065 | tcp | |
| N/A | 127.0.0.1:53069 | tcp | |
| N/A | 127.0.0.1:53077 | tcp | |
| N/A | 127.0.0.1:53079 | tcp | |
| N/A | 127.0.0.1:53084 | tcp | |
| N/A | 127.0.0.1:53087 | tcp | |
| N/A | 127.0.0.1:53092 | tcp | |
| N/A | 127.0.0.1:53098 | tcp | |
| N/A | 127.0.0.1:53100 | tcp | |
| N/A | 127.0.0.1:53106 | tcp | |
| N/A | 127.0.0.1:53109 | tcp | |
| N/A | 127.0.0.1:53112 | tcp | |
| N/A | 127.0.0.1:53117 | tcp | |
| N/A | 127.0.0.1:53120 | tcp | |
| N/A | 127.0.0.1:53125 | tcp | |
| N/A | 127.0.0.1:53128 | tcp | |
| N/A | 127.0.0.1:53132 | tcp | |
| N/A | 127.0.0.1:53135 | tcp | |
| N/A | 127.0.0.1:53138 | tcp | |
| N/A | 127.0.0.1:53148 | tcp | |
| N/A | 127.0.0.1:53154 | tcp | |
| N/A | 127.0.0.1:53155 | tcp | |
| N/A | 127.0.0.1:53161 | tcp | |
| N/A | 127.0.0.1:53169 | tcp | |
| N/A | 127.0.0.1:53171 | tcp | |
| N/A | 127.0.0.1:53173 | tcp | |
| N/A | 127.0.0.1:53175 | tcp | |
| N/A | 127.0.0.1:53187 | tcp | |
| N/A | 127.0.0.1:53190 | tcp | |
| N/A | 127.0.0.1:53193 | tcp | |
| N/A | 127.0.0.1:53196 | tcp | |
| N/A | 127.0.0.1:53202 | tcp | |
| N/A | 127.0.0.1:53207 | tcp | |
| N/A | 127.0.0.1:53210 | tcp | |
| N/A | 127.0.0.1:53213 | tcp | |
| N/A | 127.0.0.1:53216 | tcp | |
| N/A | 127.0.0.1:53222 | tcp | |
| N/A | 127.0.0.1:53227 | tcp | |
| N/A | 127.0.0.1:53231 | tcp | |
| N/A | 127.0.0.1:53233 | tcp | |
| N/A | 127.0.0.1:53242 | tcp | |
| N/A | 127.0.0.1:53247 | tcp | |
| N/A | 127.0.0.1:53250 | tcp | |
| N/A | 127.0.0.1:53253 | tcp | |
| N/A | 127.0.0.1:53257 | tcp | |
| N/A | 127.0.0.1:53262 | tcp | |
| N/A | 127.0.0.1:53266 | tcp | |
| N/A | 127.0.0.1:53271 | tcp | |
| N/A | 127.0.0.1:53277 | tcp | |
| N/A | 127.0.0.1:53280 | tcp | |
| N/A | 127.0.0.1:53284 | tcp | |
| N/A | 127.0.0.1:53287 | tcp | |
| N/A | 127.0.0.1:53289 | tcp | |
| N/A | 127.0.0.1:53293 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:53301 | tcp | |
| N/A | 127.0.0.1:53308 | tcp | |
| N/A | 127.0.0.1:53312 | tcp | |
| N/A | 127.0.0.1:53314 | tcp | |
| N/A | 127.0.0.1:53318 | tcp | |
| N/A | 127.0.0.1:53325 | tcp | |
| N/A | 127.0.0.1:53331 | tcp | |
| N/A | 127.0.0.1:53336 | tcp | |
| N/A | 127.0.0.1:53340 | tcp | |
| N/A | 127.0.0.1:53342 | tcp | |
| N/A | 127.0.0.1:53346 | tcp | |
| N/A | 127.0.0.1:53349 | tcp | |
| N/A | 127.0.0.1:53354 | tcp | |
| N/A | 127.0.0.1:53362 | tcp | |
| N/A | 127.0.0.1:53365 | tcp | |
| N/A | 127.0.0.1:53373 | tcp | |
| N/A | 127.0.0.1:53378 | tcp | |
| N/A | 127.0.0.1:53380 | tcp | |
| N/A | 127.0.0.1:53382 | tcp | |
| N/A | 127.0.0.1:53386 | tcp | |
| N/A | 127.0.0.1:53390 | tcp | |
| N/A | 127.0.0.1:53397 | tcp | |
| N/A | 127.0.0.1:53401 | tcp | |
| N/A | 127.0.0.1:53406 | tcp | |
| N/A | 127.0.0.1:53409 | tcp | |
| N/A | 127.0.0.1:53413 | tcp | |
| N/A | 127.0.0.1:53417 | tcp | |
| N/A | 127.0.0.1:53423 | tcp | |
| N/A | 127.0.0.1:53428 | tcp | |
| N/A | 127.0.0.1:53431 | tcp | |
| N/A | 127.0.0.1:53438 | tcp | |
| N/A | 127.0.0.1:53442 | tcp | |
| N/A | 127.0.0.1:53444 | tcp | |
| N/A | 127.0.0.1:53449 | tcp | |
| N/A | 127.0.0.1:53452 | tcp | |
| N/A | 127.0.0.1:53455 | tcp | |
| N/A | 127.0.0.1:53466 | tcp | |
| N/A | 127.0.0.1:53470 | tcp | |
| N/A | 127.0.0.1:53474 | tcp | |
| N/A | 127.0.0.1:53479 | tcp | |
| N/A | 127.0.0.1:53481 | tcp | |
| N/A | 127.0.0.1:53484 | tcp | |
| N/A | 127.0.0.1:53488 | tcp | |
| N/A | 127.0.0.1:53491 | tcp | |
| N/A | 127.0.0.1:53497 | tcp | |
| N/A | 127.0.0.1:53502 | tcp | |
| N/A | 127.0.0.1:53508 | tcp | |
| N/A | 127.0.0.1:53510 | tcp | |
| N/A | 127.0.0.1:53513 | tcp | |
| N/A | 127.0.0.1:53518 | tcp | |
| N/A | 127.0.0.1:53520 | tcp | |
| N/A | 127.0.0.1:53524 | tcp | |
| N/A | 127.0.0.1:53528 | tcp | |
| N/A | 127.0.0.1:53531 | tcp | |
| N/A | 127.0.0.1:53534 | tcp | |
| N/A | 127.0.0.1:53542 | tcp | |
| N/A | 127.0.0.1:53548 | tcp | |
| N/A | 127.0.0.1:53554 | tcp | |
| N/A | 127.0.0.1:53557 | tcp | |
| N/A | 127.0.0.1:53560 | tcp | |
| N/A | 127.0.0.1:53565 | tcp | |
| N/A | 127.0.0.1:53568 | tcp | |
| N/A | 127.0.0.1:53572 | tcp | |
| N/A | 127.0.0.1:53581 | tcp | |
| N/A | 127.0.0.1:53585 | tcp | |
| N/A | 127.0.0.1:53589 | tcp | |
| N/A | 127.0.0.1:53597 | tcp | |
| N/A | 127.0.0.1:53601 | tcp | |
| N/A | 127.0.0.1:53604 | tcp | |
| N/A | 127.0.0.1:53607 | tcp | |
| N/A | 127.0.0.1:53615 | tcp | |
| N/A | 127.0.0.1:53621 | tcp | |
| N/A | 127.0.0.1:53624 | tcp | |
| N/A | 127.0.0.1:53626 | tcp | |
| N/A | 127.0.0.1:53634 | tcp | |
| N/A | 127.0.0.1:53639 | tcp | |
| N/A | 127.0.0.1:53641 | tcp | |
| N/A | 127.0.0.1:53644 | tcp | |
| N/A | 127.0.0.1:53651 | tcp | |
| N/A | 127.0.0.1:53659 | tcp | |
| N/A | 127.0.0.1:53662 | tcp | |
| N/A | 127.0.0.1:53666 | tcp | |
| N/A | 127.0.0.1:53673 | tcp | |
| N/A | 127.0.0.1:53676 | tcp | |
| N/A | 127.0.0.1:53680 | tcp | |
| N/A | 127.0.0.1:53682 | tcp | |
| N/A | 127.0.0.1:53685 | tcp | |
| N/A | 127.0.0.1:53689 | tcp | |
| N/A | 127.0.0.1:53693 | tcp | |
| N/A | 127.0.0.1:53698 | tcp | |
| N/A | 127.0.0.1:53703 | tcp | |
| N/A | 127.0.0.1:53713 | tcp | |
| N/A | 127.0.0.1:53716 | tcp | |
| N/A | 127.0.0.1:53719 | tcp | |
| N/A | 127.0.0.1:53725 | tcp | |
| N/A | 127.0.0.1:53730 | tcp | |
| N/A | 127.0.0.1:53732 | tcp | |
| N/A | 127.0.0.1:53734 | tcp | |
| N/A | 127.0.0.1:53740 | tcp | |
| N/A | 127.0.0.1:53744 | tcp | |
| N/A | 127.0.0.1:53750 | tcp | |
| N/A | 127.0.0.1:53753 | tcp | |
| N/A | 127.0.0.1:53759 | tcp | |
| N/A | 127.0.0.1:53762 | tcp | |
| N/A | 127.0.0.1:53769 | tcp | |
| N/A | 127.0.0.1:53776 | tcp | |
| N/A | 127.0.0.1:53780 | tcp | |
| N/A | 127.0.0.1:53787 | tcp | |
| N/A | 127.0.0.1:53791 | tcp | |
| N/A | 127.0.0.1:53794 | tcp | |
| N/A | 127.0.0.1:53798 | tcp | |
| N/A | 127.0.0.1:53803 | tcp | |
| N/A | 127.0.0.1:53809 | tcp | |
| N/A | 127.0.0.1:53812 | tcp | |
| N/A | 127.0.0.1:53817 | tcp | |
| N/A | 127.0.0.1:53822 | tcp | |
| N/A | 127.0.0.1:53827 | tcp | |
| N/A | 127.0.0.1:53830 | tcp | |
| N/A | 127.0.0.1:53832 | tcp | |
| N/A | 127.0.0.1:53840 | tcp | |
| N/A | 127.0.0.1:53846 | tcp | |
| N/A | 127.0.0.1:53849 | tcp | |
| N/A | 127.0.0.1:53852 | tcp | |
| N/A | 127.0.0.1:53857 | tcp | |
| N/A | 127.0.0.1:53864 | tcp | |
| N/A | 127.0.0.1:53868 | tcp | |
| N/A | 127.0.0.1:53874 | tcp | |
| N/A | 127.0.0.1:53881 | tcp | |
| N/A | 127.0.0.1:53883 | tcp | |
| N/A | 127.0.0.1:53885 | tcp | |
| N/A | 127.0.0.1:53889 | tcp | |
| N/A | 127.0.0.1:53895 | tcp | |
| N/A | 127.0.0.1:53901 | tcp | |
| N/A | 127.0.0.1:53907 | tcp | |
| N/A | 127.0.0.1:53912 | tcp | |
| N/A | 127.0.0.1:53915 | tcp | |
| N/A | 127.0.0.1:53918 | tcp | |
| N/A | 127.0.0.1:53921 | tcp | |
| N/A | 127.0.0.1:53927 | tcp | |
| N/A | 127.0.0.1:53931 | tcp | |
| N/A | 127.0.0.1:53935 | tcp | |
| N/A | 127.0.0.1:53939 | tcp | |
| N/A | 127.0.0.1:53944 | tcp | |
| N/A | 127.0.0.1:53950 | tcp | |
| N/A | 127.0.0.1:53954 | tcp | |
| N/A | 127.0.0.1:53957 | tcp | |
| N/A | 127.0.0.1:53966 | tcp | |
| N/A | 127.0.0.1:53970 | tcp | |
| N/A | 127.0.0.1:53974 | tcp | |
| N/A | 127.0.0.1:53978 | tcp | |
| N/A | 127.0.0.1:53984 | tcp | |
| N/A | 127.0.0.1:53989 | tcp | |
| N/A | 127.0.0.1:53991 | tcp | |
| N/A | 127.0.0.1:53993 | tcp | |
| N/A | 127.0.0.1:53995 | tcp | |
| N/A | 127.0.0.1:54003 | tcp | |
| N/A | 127.0.0.1:54005 | tcp | |
| N/A | 127.0.0.1:54011 | tcp | |
| N/A | 127.0.0.1:54014 | tcp | |
| N/A | 127.0.0.1:54023 | tcp | |
| N/A | 127.0.0.1:54027 | tcp | |
| N/A | 127.0.0.1:54032 | tcp | |
| N/A | 127.0.0.1:54037 | tcp | |
| N/A | 127.0.0.1:54039 | tcp | |
| N/A | 127.0.0.1:54043 | tcp | |
| N/A | 127.0.0.1:54051 | tcp | |
| N/A | 127.0.0.1:54056 | tcp | |
| N/A | 127.0.0.1:54059 | tcp | |
| N/A | 127.0.0.1:54066 | tcp | |
| N/A | 127.0.0.1:54069 | tcp | |
| N/A | 127.0.0.1:54072 | tcp | |
| N/A | 127.0.0.1:54076 | tcp | |
| N/A | 127.0.0.1:54078 | tcp | |
| N/A | 127.0.0.1:54081 | tcp | |
| N/A | 127.0.0.1:54083 | tcp | |
| N/A | 127.0.0.1:54088 | tcp | |
| N/A | 127.0.0.1:54092 | tcp | |
| N/A | 127.0.0.1:54099 | tcp | |
| N/A | 127.0.0.1:54104 | tcp | |
| N/A | 127.0.0.1:54108 | tcp | |
| N/A | 127.0.0.1:54112 | tcp | |
| N/A | 127.0.0.1:54114 | tcp | |
| N/A | 127.0.0.1:54122 | tcp | |
| N/A | 127.0.0.1:54125 | tcp | |
| N/A | 127.0.0.1:54129 | tcp | |
| N/A | 127.0.0.1:54133 | tcp | |
| N/A | 127.0.0.1:54141 | tcp | |
| N/A | 127.0.0.1:54145 | tcp | |
| N/A | 127.0.0.1:54150 | tcp | |
| N/A | 127.0.0.1:54155 | tcp | |
| N/A | 127.0.0.1:54158 | tcp | |
| N/A | 127.0.0.1:54161 | tcp | |
| N/A | 127.0.0.1:54165 | tcp | |
| N/A | 127.0.0.1:54170 | tcp | |
| N/A | 127.0.0.1:54178 | tcp | |
| N/A | 127.0.0.1:54180 | tcp | |
| N/A | 127.0.0.1:54182 | tcp | |
| N/A | 127.0.0.1:54189 | tcp | |
| N/A | 127.0.0.1:54195 | tcp | |
| N/A | 127.0.0.1:54198 | tcp | |
| N/A | 127.0.0.1:54201 | tcp | |
| N/A | 127.0.0.1:54205 | tcp | |
| N/A | 127.0.0.1:54208 | tcp | |
| N/A | 127.0.0.1:54211 | tcp | |
| N/A | 127.0.0.1:54213 | tcp | |
| N/A | 127.0.0.1:54218 | tcp | |
| N/A | 127.0.0.1:54222 | tcp | |
| N/A | 127.0.0.1:54225 | tcp | |
| N/A | 127.0.0.1:54229 | tcp | |
| N/A | 127.0.0.1:54232 | tcp | |
| N/A | 127.0.0.1:54236 | tcp | |
| N/A | 127.0.0.1:54240 | tcp | |
| N/A | 127.0.0.1:54243 | tcp | |
| N/A | 127.0.0.1:54246 | tcp | |
| N/A | 127.0.0.1:54256 | tcp | |
| N/A | 127.0.0.1:54258 | tcp | |
| N/A | 127.0.0.1:54261 | tcp | |
| N/A | 127.0.0.1:54266 | tcp | |
| N/A | 127.0.0.1:54270 | tcp | |
| N/A | 127.0.0.1:54273 | tcp | |
| N/A | 127.0.0.1:54275 | tcp | |
| N/A | 127.0.0.1:54281 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:54287 | tcp | |
| N/A | 127.0.0.1:54290 | tcp | |
| N/A | 127.0.0.1:54297 | tcp | |
| N/A | 127.0.0.1:54299 | tcp | |
| N/A | 127.0.0.1:54303 | tcp | |
| N/A | 127.0.0.1:54306 | tcp | |
| N/A | 127.0.0.1:54311 | tcp | |
| N/A | 127.0.0.1:54315 | tcp | |
| N/A | 127.0.0.1:54319 | tcp | |
| N/A | 127.0.0.1:54322 | tcp | |
| N/A | 127.0.0.1:54326 | tcp | |
| N/A | 127.0.0.1:54331 | tcp | |
| N/A | 127.0.0.1:54339 | tcp | |
| N/A | 127.0.0.1:54341 | tcp | |
| N/A | 127.0.0.1:54344 | tcp | |
| N/A | 127.0.0.1:54351 | tcp | |
| N/A | 127.0.0.1:54361 | tcp | |
| N/A | 127.0.0.1:54363 | tcp | |
| N/A | 127.0.0.1:54366 | tcp | |
| N/A | 127.0.0.1:54368 | tcp | |
| N/A | 127.0.0.1:54373 | tcp | |
| N/A | 127.0.0.1:54381 | tcp | |
| N/A | 127.0.0.1:54384 | tcp | |
| N/A | 127.0.0.1:54388 | tcp | |
| N/A | 127.0.0.1:54391 | tcp | |
| N/A | 127.0.0.1:54394 | tcp | |
| N/A | 127.0.0.1:54398 | tcp | |
| N/A | 127.0.0.1:54403 | tcp | |
| N/A | 127.0.0.1:54405 | tcp | |
| N/A | 127.0.0.1:54408 | tcp | |
| N/A | 127.0.0.1:54417 | tcp | |
| N/A | 127.0.0.1:54420 | tcp | |
| N/A | 127.0.0.1:54423 | tcp | |
| N/A | 127.0.0.1:54435 | tcp | |
| N/A | 127.0.0.1:54440 | tcp | |
| N/A | 127.0.0.1:54443 | tcp | |
| N/A | 127.0.0.1:54450 | tcp | |
| N/A | 127.0.0.1:54453 | tcp | |
| N/A | 127.0.0.1:54458 | tcp | |
| N/A | 127.0.0.1:54463 | tcp | |
| US | 8.8.8.8:53 | server7.statsexplorer.org | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | stun.stunprotocol.org | udp |
| US | 162.159.135.233:443 | cdn.discordapp.com | tcp |
| BG | 185.82.216.108:443 | server7.statsexplorer.org | tcp |
| N/A | 127.0.0.1:54468 | tcp | |
| N/A | 127.0.0.1:54472 | tcp | |
| N/A | 127.0.0.1:54483 | tcp | |
| N/A | 127.0.0.1:54485 | tcp | |
| N/A | 127.0.0.1:54488 | tcp | |
| N/A | 127.0.0.1:54490 | tcp | |
| N/A | 127.0.0.1:54492 | tcp | |
| N/A | 127.0.0.1:54496 | tcp | |
| N/A | 127.0.0.1:54504 | tcp | |
| N/A | 127.0.0.1:54510 | tcp | |
| N/A | 127.0.0.1:54513 | tcp | |
| N/A | 127.0.0.1:54518 | tcp | |
| N/A | 127.0.0.1:54522 | tcp | |
| N/A | 127.0.0.1:54530 | tcp | |
| N/A | 127.0.0.1:54537 | tcp | |
| N/A | 127.0.0.1:54547 | tcp | |
| N/A | 127.0.0.1:54550 | tcp | |
| N/A | 127.0.0.1:54552 | tcp | |
| N/A | 127.0.0.1:54556 | tcp | |
| N/A | 127.0.0.1:54559 | tcp | |
| N/A | 127.0.0.1:54561 | tcp | |
| N/A | 127.0.0.1:54566 | tcp | |
| N/A | 127.0.0.1:54570 | tcp | |
| N/A | 127.0.0.1:54572 | tcp | |
| N/A | 127.0.0.1:54574 | tcp | |
| N/A | 127.0.0.1:54576 | tcp | |
| N/A | 127.0.0.1:54582 | tcp | |
| N/A | 127.0.0.1:54586 | tcp | |
| N/A | 127.0.0.1:54596 | tcp | |
| N/A | 127.0.0.1:54599 | tcp | |
| N/A | 127.0.0.1:54601 | tcp | |
| N/A | 127.0.0.1:54605 | tcp | |
| N/A | 127.0.0.1:54608 | tcp | |
| N/A | 127.0.0.1:54612 | tcp | |
| N/A | 127.0.0.1:54614 | tcp | |
| N/A | 127.0.0.1:54616 | tcp | |
| N/A | 127.0.0.1:54623 | tcp | |
| N/A | 127.0.0.1:54625 | tcp | |
| N/A | 127.0.0.1:54629 | tcp | |
| N/A | 127.0.0.1:54637 | tcp | |
| N/A | 127.0.0.1:54640 | tcp | |
| N/A | 127.0.0.1:54647 | tcp | |
| N/A | 127.0.0.1:54651 | tcp | |
| N/A | 127.0.0.1:54657 | tcp | |
| N/A | 127.0.0.1:54663 | tcp | |
| N/A | 127.0.0.1:54665 | tcp | |
| N/A | 127.0.0.1:54667 | tcp | |
| N/A | 127.0.0.1:54671 | tcp | |
| N/A | 127.0.0.1:54673 | tcp | |
| N/A | 127.0.0.1:54678 | tcp | |
| N/A | 127.0.0.1:54687 | tcp | |
| N/A | 127.0.0.1:54689 | tcp | |
| N/A | 127.0.0.1:54697 | tcp | |
| N/A | 127.0.0.1:54703 | tcp | |
| N/A | 127.0.0.1:54706 | tcp | |
| N/A | 127.0.0.1:54710 | tcp | |
| N/A | 127.0.0.1:54715 | tcp | |
| N/A | 127.0.0.1:54718 | tcp | |
| N/A | 127.0.0.1:54725 | tcp | |
| N/A | 127.0.0.1:54728 | tcp | |
| N/A | 127.0.0.1:54731 | tcp | |
| N/A | 127.0.0.1:54734 | tcp | |
| N/A | 127.0.0.1:54738 | tcp | |
| N/A | 127.0.0.1:54741 | tcp | |
| N/A | 127.0.0.1:54744 | tcp | |
| N/A | 127.0.0.1:54754 | tcp | |
| N/A | 127.0.0.1:54757 | tcp | |
| N/A | 127.0.0.1:54760 | tcp | |
| N/A | 127.0.0.1:54762 | tcp | |
| N/A | 127.0.0.1:54764 | tcp | |
| N/A | 127.0.0.1:54773 | tcp | |
| N/A | 127.0.0.1:54779 | tcp | |
| N/A | 127.0.0.1:54783 | tcp | |
| N/A | 127.0.0.1:54787 | tcp | |
| N/A | 127.0.0.1:54792 | tcp | |
| N/A | 127.0.0.1:54794 | tcp | |
| N/A | 127.0.0.1:54798 | tcp | |
| N/A | 127.0.0.1:54802 | tcp | |
| N/A | 127.0.0.1:54806 | tcp | |
| N/A | 127.0.0.1:54812 | tcp | |
| N/A | 127.0.0.1:54816 | tcp | |
| N/A | 127.0.0.1:54824 | tcp | |
| N/A | 127.0.0.1:54826 | tcp | |
| N/A | 127.0.0.1:54831 | tcp | |
| N/A | 127.0.0.1:54835 | tcp | |
| N/A | 127.0.0.1:54837 | tcp | |
| N/A | 127.0.0.1:54841 | tcp | |
| N/A | 127.0.0.1:54849 | tcp | |
| N/A | 127.0.0.1:54853 | tcp | |
| N/A | 127.0.0.1:54856 | tcp | |
| N/A | 127.0.0.1:54858 | tcp | |
| N/A | 127.0.0.1:54865 | tcp | |
| N/A | 127.0.0.1:54869 | tcp | |
| N/A | 127.0.0.1:54872 | tcp | |
| N/A | 127.0.0.1:54876 | tcp | |
| N/A | 127.0.0.1:54880 | tcp | |
| N/A | 127.0.0.1:54882 | tcp | |
| N/A | 127.0.0.1:54893 | tcp | |
| N/A | 127.0.0.1:54895 | tcp | |
| N/A | 127.0.0.1:54903 | tcp | |
| N/A | 127.0.0.1:54906 | tcp | |
| N/A | 127.0.0.1:54913 | tcp | |
| N/A | 127.0.0.1:54917 | tcp | |
| N/A | 127.0.0.1:54919 | tcp | |
| N/A | 127.0.0.1:54923 | tcp | |
| N/A | 127.0.0.1:54929 | tcp | |
| N/A | 127.0.0.1:54932 | tcp | |
| N/A | 127.0.0.1:54934 | tcp | |
| N/A | 127.0.0.1:54937 | tcp | |
| N/A | 127.0.0.1:54947 | tcp | |
| N/A | 127.0.0.1:54953 | tcp | |
| N/A | 127.0.0.1:54957 | tcp | |
| N/A | 127.0.0.1:54961 | tcp | |
| N/A | 127.0.0.1:54964 | tcp | |
| N/A | 127.0.0.1:54968 | tcp | |
| N/A | 127.0.0.1:54972 | tcp | |
| N/A | 127.0.0.1:54975 | tcp | |
| N/A | 127.0.0.1:54978 | tcp | |
| N/A | 127.0.0.1:54985 | tcp | |
| N/A | 127.0.0.1:54989 | tcp | |
| N/A | 127.0.0.1:54991 | tcp | |
| N/A | 127.0.0.1:54996 | tcp | |
| N/A | 127.0.0.1:55000 | tcp | |
| N/A | 127.0.0.1:55003 | tcp | |
| N/A | 127.0.0.1:55006 | tcp | |
| N/A | 127.0.0.1:55011 | tcp | |
| N/A | 127.0.0.1:55016 | tcp | |
| N/A | 127.0.0.1:55019 | tcp | |
| N/A | 127.0.0.1:55025 | tcp | |
| N/A | 127.0.0.1:55031 | tcp | |
| N/A | 127.0.0.1:55033 | tcp | |
| N/A | 127.0.0.1:55037 | tcp | |
| N/A | 127.0.0.1:55043 | tcp | |
| N/A | 127.0.0.1:55047 | tcp | |
| N/A | 127.0.0.1:55054 | tcp | |
| N/A | 127.0.0.1:55061 | tcp | |
| N/A | 127.0.0.1:55064 | tcp | |
| N/A | 127.0.0.1:55068 | tcp | |
| N/A | 127.0.0.1:55074 | tcp | |
| N/A | 127.0.0.1:55077 | tcp | |
| N/A | 127.0.0.1:55081 | tcp | |
| N/A | 127.0.0.1:55085 | tcp | |
| N/A | 127.0.0.1:55089 | tcp | |
| N/A | 127.0.0.1:55093 | tcp | |
| N/A | 127.0.0.1:55096 | tcp | |
| N/A | 127.0.0.1:55100 | tcp | |
| N/A | 127.0.0.1:55106 | tcp | |
| N/A | 127.0.0.1:55111 | tcp | |
| N/A | 127.0.0.1:55117 | tcp | |
| N/A | 127.0.0.1:55120 | tcp | |
| N/A | 127.0.0.1:55125 | tcp | |
| N/A | 127.0.0.1:55128 | tcp | |
| N/A | 127.0.0.1:55132 | tcp | |
| N/A | 127.0.0.1:55134 | tcp | |
| N/A | 127.0.0.1:55136 | tcp | |
| N/A | 127.0.0.1:55142 | tcp | |
| N/A | 127.0.0.1:55146 | tcp | |
| N/A | 127.0.0.1:55153 | tcp | |
| N/A | 127.0.0.1:55156 | tcp | |
| N/A | 127.0.0.1:55158 | tcp | |
| N/A | 127.0.0.1:55163 | tcp | |
| N/A | 127.0.0.1:55172 | tcp | |
| N/A | 127.0.0.1:55174 | tcp | |
| N/A | 127.0.0.1:55177 | tcp | |
| N/A | 127.0.0.1:55187 | tcp | |
| N/A | 127.0.0.1:55190 | tcp | |
| N/A | 127.0.0.1:55193 | tcp | |
| N/A | 127.0.0.1:55199 | tcp | |
| N/A | 127.0.0.1:55202 | tcp | |
| N/A | 127.0.0.1:55206 | tcp | |
| N/A | 127.0.0.1:55209 | tcp | |
| N/A | 127.0.0.1:55213 | tcp | |
| N/A | 127.0.0.1:55219 | tcp | |
| N/A | 127.0.0.1:55222 | tcp | |
| N/A | 127.0.0.1:55228 | tcp | |
| N/A | 127.0.0.1:55234 | tcp | |
| N/A | 127.0.0.1:55240 | tcp | |
| N/A | 127.0.0.1:55242 | tcp | |
| N/A | 127.0.0.1:55245 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:55250 | tcp | |
| N/A | 127.0.0.1:55259 | tcp | |
| N/A | 127.0.0.1:55261 | tcp | |
| N/A | 127.0.0.1:55263 | tcp | |
| N/A | 127.0.0.1:55265 | tcp | |
| N/A | 127.0.0.1:55268 | tcp | |
| N/A | 127.0.0.1:55276 | tcp | |
| N/A | 127.0.0.1:55280 | tcp | |
| N/A | 127.0.0.1:55282 | tcp | |
| N/A | 127.0.0.1:55285 | tcp | |
| N/A | 127.0.0.1:55288 | tcp | |
| N/A | 127.0.0.1:55296 | tcp | |
| N/A | 127.0.0.1:55299 | tcp | |
| N/A | 127.0.0.1:55306 | tcp | |
| N/A | 127.0.0.1:55310 | tcp | |
| N/A | 127.0.0.1:55312 | tcp | |
| N/A | 127.0.0.1:55314 | tcp | |
| N/A | 127.0.0.1:55317 | tcp | |
| N/A | 127.0.0.1:55320 | tcp | |
| N/A | 127.0.0.1:55331 | tcp | |
| N/A | 127.0.0.1:55334 | tcp | |
| N/A | 127.0.0.1:55337 | tcp | |
| N/A | 127.0.0.1:55339 | tcp | |
| N/A | 127.0.0.1:55348 | tcp | |
| N/A | 127.0.0.1:55350 | tcp | |
| N/A | 127.0.0.1:55355 | tcp | |
| N/A | 127.0.0.1:55360 | tcp | |
| N/A | 127.0.0.1:55363 | tcp | |
| N/A | 127.0.0.1:55366 | tcp | |
| N/A | 127.0.0.1:55369 | tcp | |
| N/A | 127.0.0.1:55379 | tcp | |
| N/A | 127.0.0.1:55381 | tcp | |
| N/A | 127.0.0.1:55386 | tcp | |
| N/A | 127.0.0.1:55392 | tcp | |
| N/A | 127.0.0.1:55396 | tcp | |
| N/A | 127.0.0.1:55402 | tcp | |
| N/A | 127.0.0.1:55406 | tcp | |
| N/A | 127.0.0.1:55410 | tcp | |
| N/A | 127.0.0.1:55420 | tcp | |
| N/A | 127.0.0.1:55424 | tcp | |
| N/A | 127.0.0.1:55426 | tcp | |
| N/A | 127.0.0.1:55429 | tcp | |
| N/A | 127.0.0.1:55432 | tcp | |
| N/A | 127.0.0.1:55434 | tcp | |
| N/A | 127.0.0.1:55438 | tcp | |
| N/A | 127.0.0.1:55446 | tcp | |
| N/A | 127.0.0.1:55450 | tcp | |
| N/A | 127.0.0.1:55458 | tcp | |
| N/A | 127.0.0.1:55461 | tcp | |
| N/A | 127.0.0.1:55465 | tcp | |
| N/A | 127.0.0.1:55469 | tcp | |
| N/A | 127.0.0.1:55475 | tcp | |
| N/A | 127.0.0.1:55477 | tcp | |
| N/A | 127.0.0.1:55482 | tcp | |
| N/A | 127.0.0.1:55487 | tcp | |
| N/A | 127.0.0.1:55490 | tcp | |
| N/A | 127.0.0.1:55498 | tcp | |
| N/A | 127.0.0.1:55501 | tcp | |
| N/A | 127.0.0.1:55504 | tcp | |
| N/A | 127.0.0.1:55515 | tcp | |
| N/A | 127.0.0.1:55517 | tcp | |
| N/A | 127.0.0.1:55522 | tcp | |
| N/A | 127.0.0.1:55525 | tcp | |
| N/A | 127.0.0.1:55529 | tcp | |
| N/A | 127.0.0.1:55536 | tcp | |
| N/A | 127.0.0.1:55542 | tcp | |
| N/A | 127.0.0.1:55546 | tcp | |
| N/A | 127.0.0.1:55549 | tcp | |
| N/A | 127.0.0.1:55554 | tcp | |
| N/A | 127.0.0.1:55559 | tcp | |
| N/A | 127.0.0.1:55563 | tcp | |
| N/A | 127.0.0.1:55570 | tcp | |
| N/A | 127.0.0.1:55575 | tcp | |
| N/A | 127.0.0.1:55579 | tcp | |
| N/A | 127.0.0.1:55587 | tcp | |
| N/A | 127.0.0.1:55589 | tcp | |
| N/A | 127.0.0.1:55595 | tcp | |
| N/A | 127.0.0.1:55597 | tcp | |
| N/A | 127.0.0.1:55600 | tcp | |
| N/A | 127.0.0.1:55609 | tcp | |
| N/A | 127.0.0.1:55613 | tcp | |
| N/A | 127.0.0.1:55616 | tcp | |
| N/A | 127.0.0.1:55619 | tcp | |
| N/A | 127.0.0.1:55621 | tcp | |
| N/A | 127.0.0.1:55630 | tcp | |
| N/A | 127.0.0.1:55633 | tcp | |
| N/A | 127.0.0.1:55639 | tcp | |
| N/A | 127.0.0.1:55643 | tcp | |
| N/A | 127.0.0.1:55644 | tcp | |
| N/A | 127.0.0.1:55650 | tcp | |
| N/A | 127.0.0.1:55653 | tcp | |
| N/A | 127.0.0.1:55658 | tcp | |
| N/A | 127.0.0.1:55660 | tcp | |
| N/A | 127.0.0.1:55664 | tcp | |
| N/A | 127.0.0.1:55666 | tcp | |
| N/A | 127.0.0.1:55671 | tcp | |
| N/A | 127.0.0.1:55674 | tcp | |
| N/A | 127.0.0.1:55679 | tcp | |
| N/A | 127.0.0.1:55683 | tcp | |
| N/A | 127.0.0.1:55690 | tcp | |
| N/A | 127.0.0.1:55694 | tcp | |
| N/A | 127.0.0.1:55696 | tcp | |
| N/A | 127.0.0.1:55702 | tcp | |
| N/A | 127.0.0.1:55707 | tcp | |
| N/A | 127.0.0.1:55709 | tcp | |
| N/A | 127.0.0.1:55713 | tcp | |
| N/A | 127.0.0.1:55720 | tcp | |
| N/A | 127.0.0.1:55724 | tcp | |
| N/A | 127.0.0.1:55728 | tcp | |
| N/A | 127.0.0.1:55730 | tcp | |
| N/A | 127.0.0.1:55733 | tcp | |
| N/A | 127.0.0.1:55737 | tcp | |
| N/A | 127.0.0.1:55740 | tcp | |
| N/A | 127.0.0.1:55744 | tcp | |
| N/A | 127.0.0.1:55746 | tcp | |
| N/A | 127.0.0.1:55752 | tcp | |
| N/A | 127.0.0.1:55757 | tcp | |
| N/A | 127.0.0.1:55760 | tcp | |
| N/A | 127.0.0.1:55763 | tcp | |
| N/A | 127.0.0.1:55766 | tcp | |
| N/A | 127.0.0.1:55768 | tcp | |
| N/A | 127.0.0.1:55770 | tcp | |
| N/A | 127.0.0.1:55772 | tcp | |
| N/A | 127.0.0.1:55778 | tcp | |
| N/A | 127.0.0.1:55788 | tcp | |
| N/A | 127.0.0.1:55790 | tcp | |
| N/A | 127.0.0.1:55796 | tcp | |
| N/A | 127.0.0.1:55799 | tcp | |
| N/A | 127.0.0.1:55804 | tcp | |
| N/A | 127.0.0.1:55807 | tcp | |
| N/A | 127.0.0.1:55810 | tcp | |
| N/A | 127.0.0.1:55813 | tcp | |
| N/A | 127.0.0.1:55818 | tcp | |
| N/A | 127.0.0.1:55824 | tcp | |
| N/A | 127.0.0.1:55826 | tcp | |
| N/A | 127.0.0.1:55828 | tcp | |
| N/A | 127.0.0.1:55836 | tcp | |
| N/A | 127.0.0.1:55840 | tcp | |
| N/A | 127.0.0.1:55842 | tcp | |
| N/A | 127.0.0.1:55844 | tcp | |
| N/A | 127.0.0.1:55848 | tcp | |
| N/A | 127.0.0.1:55851 | tcp | |
| N/A | 127.0.0.1:55856 | tcp | |
| N/A | 127.0.0.1:55860 | tcp | |
| N/A | 127.0.0.1:55866 | tcp | |
| N/A | 127.0.0.1:55869 | tcp | |
| N/A | 127.0.0.1:55876 | tcp | |
| N/A | 127.0.0.1:55880 | tcp | |
| N/A | 127.0.0.1:55882 | tcp | |
| N/A | 127.0.0.1:55884 | tcp | |
| N/A | 127.0.0.1:55888 | tcp | |
| N/A | 127.0.0.1:55890 | tcp | |
| N/A | 127.0.0.1:55893 | tcp | |
| N/A | 127.0.0.1:55896 | tcp | |
| N/A | 127.0.0.1:55901 | tcp | |
| N/A | 127.0.0.1:55902 | tcp | |
| N/A | 127.0.0.1:55908 | tcp | |
| N/A | 127.0.0.1:55915 | tcp | |
| N/A | 127.0.0.1:55921 | tcp | |
| N/A | 127.0.0.1:55925 | tcp | |
| N/A | 127.0.0.1:55928 | tcp | |
| N/A | 127.0.0.1:55930 | tcp | |
| N/A | 127.0.0.1:55933 | tcp | |
| N/A | 127.0.0.1:55935 | tcp | |
| N/A | 127.0.0.1:55940 | tcp | |
| N/A | 127.0.0.1:55946 | tcp | |
| N/A | 127.0.0.1:55951 | tcp | |
| N/A | 127.0.0.1:55955 | tcp | |
| N/A | 127.0.0.1:55958 | tcp | |
| N/A | 127.0.0.1:55961 | tcp | |
| N/A | 127.0.0.1:55966 | tcp | |
| N/A | 127.0.0.1:55970 | tcp | |
| N/A | 127.0.0.1:55973 | tcp | |
| N/A | 127.0.0.1:55979 | tcp | |
| N/A | 127.0.0.1:55983 | tcp | |
| N/A | 127.0.0.1:55986 | tcp | |
| N/A | 127.0.0.1:55989 | tcp | |
| N/A | 127.0.0.1:55995 | tcp | |
| N/A | 127.0.0.1:55998 | tcp | |
| N/A | 127.0.0.1:56001 | tcp | |
| N/A | 127.0.0.1:56004 | tcp | |
| N/A | 127.0.0.1:56011 | tcp | |
| N/A | 127.0.0.1:56014 | tcp | |
| N/A | 127.0.0.1:56016 | tcp | |
| N/A | 127.0.0.1:56018 | tcp | |
| N/A | 127.0.0.1:56026 | tcp | |
| N/A | 127.0.0.1:56029 | tcp | |
| N/A | 127.0.0.1:56036 | tcp | |
| N/A | 127.0.0.1:56038 | tcp | |
| N/A | 127.0.0.1:56041 | tcp | |
| N/A | 127.0.0.1:56043 | tcp | |
| N/A | 127.0.0.1:56050 | tcp | |
| N/A | 127.0.0.1:56054 | tcp | |
| N/A | 127.0.0.1:56057 | tcp | |
| N/A | 127.0.0.1:56059 | tcp | |
| N/A | 127.0.0.1:56061 | tcp | |
| N/A | 127.0.0.1:56063 | tcp | |
| N/A | 127.0.0.1:56067 | tcp | |
| N/A | 127.0.0.1:56077 | tcp | |
| N/A | 127.0.0.1:56079 | tcp | |
| N/A | 127.0.0.1:56083 | tcp | |
| N/A | 127.0.0.1:56086 | tcp | |
| N/A | 127.0.0.1:56090 | tcp | |
| N/A | 127.0.0.1:56096 | tcp | |
| N/A | 127.0.0.1:56100 | tcp | |
| N/A | 127.0.0.1:56102 | tcp | |
| N/A | 127.0.0.1:56105 | tcp | |
| N/A | 127.0.0.1:56108 | tcp | |
| N/A | 127.0.0.1:56117 | tcp | |
| N/A | 127.0.0.1:56119 | tcp | |
| N/A | 127.0.0.1:56122 | tcp | |
| N/A | 127.0.0.1:56124 | tcp | |
| N/A | 127.0.0.1:56126 | tcp | |
| N/A | 127.0.0.1:56130 | tcp | |
| N/A | 127.0.0.1:56134 | tcp | |
| N/A | 127.0.0.1:56141 | tcp | |
| N/A | 127.0.0.1:56145 | tcp | |
| N/A | 127.0.0.1:56147 | tcp | |
| N/A | 127.0.0.1:56150 | tcp | |
| N/A | 127.0.0.1:56158 | tcp | |
| N/A | 127.0.0.1:56162 | tcp | |
| N/A | 127.0.0.1:56165 | tcp | |
| N/A | 127.0.0.1:56167 | tcp | |
| N/A | 127.0.0.1:56171 | tcp | |
| N/A | 127.0.0.1:56177 | tcp | |
| N/A | 127.0.0.1:56179 | tcp | |
| N/A | 127.0.0.1:56182 | tcp | |
| N/A | 127.0.0.1:56183 | tcp | |
| N/A | 127.0.0.1:56193 | tcp | |
| N/A | 127.0.0.1:56196 | tcp | |
| N/A | 127.0.0.1:56199 | tcp | |
| N/A | 127.0.0.1:56201 | tcp | |
| N/A | 127.0.0.1:56208 | tcp | |
| N/A | 127.0.0.1:56211 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:56216 | tcp | |
| N/A | 127.0.0.1:56222 | tcp | |
| N/A | 127.0.0.1:56225 | tcp | |
| N/A | 127.0.0.1:56227 | tcp | |
| N/A | 127.0.0.1:56230 | tcp | |
| N/A | 127.0.0.1:56235 | tcp | |
| N/A | 127.0.0.1:56240 | tcp | |
| N/A | 127.0.0.1:56243 | tcp | |
| N/A | 127.0.0.1:56247 | tcp | |
| N/A | 127.0.0.1:56251 | tcp | |
| N/A | 127.0.0.1:56254 | tcp | |
| N/A | 127.0.0.1:56259 | tcp | |
| N/A | 127.0.0.1:56261 | tcp | |
| N/A | 127.0.0.1:56263 | tcp | |
| N/A | 127.0.0.1:56265 | tcp | |
| N/A | 127.0.0.1:56267 | tcp | |
| N/A | 127.0.0.1:56269 | tcp | |
| N/A | 127.0.0.1:56271 | tcp | |
| N/A | 127.0.0.1:56273 | tcp | |
| N/A | 127.0.0.1:56275 | tcp | |
| N/A | 127.0.0.1:56277 | tcp | |
| N/A | 127.0.0.1:56279 | tcp | |
| N/A | 127.0.0.1:56281 | tcp | |
| N/A | 127.0.0.1:56283 | tcp | |
| N/A | 127.0.0.1:56285 | tcp | |
| N/A | 127.0.0.1:56287 | tcp | |
| N/A | 127.0.0.1:56289 | tcp | |
| N/A | 127.0.0.1:56291 | tcp | |
| N/A | 127.0.0.1:56293 | tcp | |
| N/A | 127.0.0.1:56295 | tcp | |
| N/A | 127.0.0.1:56297 | tcp | |
| N/A | 127.0.0.1:56299 | tcp | |
| N/A | 127.0.0.1:56301 | tcp | |
| N/A | 127.0.0.1:56303 | tcp | |
| N/A | 127.0.0.1:56305 | tcp | |
| N/A | 127.0.0.1:56307 | tcp | |
| N/A | 127.0.0.1:56309 | tcp | |
| N/A | 127.0.0.1:56311 | tcp | |
| N/A | 127.0.0.1:56313 | tcp | |
| N/A | 127.0.0.1:56315 | tcp | |
| N/A | 127.0.0.1:56317 | tcp | |
| N/A | 127.0.0.1:56319 | tcp | |
| N/A | 127.0.0.1:56321 | tcp | |
| N/A | 127.0.0.1:56323 | tcp | |
| N/A | 127.0.0.1:56325 | tcp | |
| N/A | 127.0.0.1:56327 | tcp | |
| N/A | 127.0.0.1:56329 | tcp | |
| N/A | 127.0.0.1:56331 | tcp | |
| N/A | 127.0.0.1:56333 | tcp | |
| N/A | 127.0.0.1:56335 | tcp | |
| N/A | 127.0.0.1:56337 | tcp | |
| N/A | 127.0.0.1:56339 | tcp | |
| N/A | 127.0.0.1:56341 | tcp | |
| N/A | 127.0.0.1:56343 | tcp | |
| N/A | 127.0.0.1:56345 | tcp | |
| N/A | 127.0.0.1:56347 | tcp | |
| N/A | 127.0.0.1:56349 | tcp | |
| N/A | 127.0.0.1:56351 | tcp | |
| N/A | 127.0.0.1:56353 | tcp | |
| N/A | 127.0.0.1:56356 | tcp | |
| N/A | 127.0.0.1:56358 | tcp | |
| N/A | 127.0.0.1:56360 | tcp | |
| N/A | 127.0.0.1:56362 | tcp | |
| N/A | 127.0.0.1:56364 | tcp | |
| N/A | 127.0.0.1:56366 | tcp | |
| N/A | 127.0.0.1:56368 | tcp | |
| N/A | 127.0.0.1:56370 | tcp | |
| N/A | 127.0.0.1:56372 | tcp | |
| N/A | 127.0.0.1:56374 | tcp | |
| N/A | 127.0.0.1:56376 | tcp | |
| N/A | 127.0.0.1:56378 | tcp | |
| N/A | 127.0.0.1:56380 | tcp | |
| N/A | 127.0.0.1:56382 | tcp | |
| N/A | 127.0.0.1:56384 | tcp | |
| N/A | 127.0.0.1:56386 | tcp | |
| N/A | 127.0.0.1:56387 | tcp | |
| N/A | 127.0.0.1:56390 | tcp | |
| N/A | 127.0.0.1:56392 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:56395 | tcp | |
| N/A | 127.0.0.1:56397 | tcp | |
| N/A | 127.0.0.1:56399 | tcp | |
| N/A | 127.0.0.1:56401 | tcp | |
| N/A | 127.0.0.1:56403 | tcp | |
| N/A | 127.0.0.1:56405 | tcp | |
| N/A | 127.0.0.1:56407 | tcp | |
| N/A | 127.0.0.1:56409 | tcp | |
| N/A | 127.0.0.1:56411 | tcp | |
| N/A | 127.0.0.1:56413 | tcp | |
| N/A | 127.0.0.1:56415 | tcp | |
| N/A | 127.0.0.1:56417 | tcp | |
| N/A | 127.0.0.1:56419 | tcp | |
| N/A | 127.0.0.1:56421 | tcp | |
| N/A | 127.0.0.1:56423 | tcp | |
| N/A | 127.0.0.1:56425 | tcp | |
| N/A | 127.0.0.1:56427 | tcp | |
| N/A | 127.0.0.1:56429 | tcp | |
| N/A | 127.0.0.1:56431 | tcp | |
| N/A | 127.0.0.1:56433 | tcp | |
| N/A | 127.0.0.1:56435 | tcp | |
| N/A | 127.0.0.1:56437 | tcp | |
| N/A | 127.0.0.1:56439 | tcp | |
| N/A | 127.0.0.1:56441 | tcp | |
| N/A | 127.0.0.1:56443 | tcp | |
| N/A | 127.0.0.1:56445 | tcp | |
| N/A | 127.0.0.1:56447 | tcp | |
| N/A | 127.0.0.1:56449 | tcp | |
| N/A | 127.0.0.1:56451 | tcp | |
| N/A | 127.0.0.1:56453 | tcp | |
| N/A | 127.0.0.1:56455 | tcp | |
| N/A | 127.0.0.1:56457 | tcp | |
| N/A | 127.0.0.1:56459 | tcp | |
| N/A | 127.0.0.1:56461 | tcp | |
| N/A | 127.0.0.1:56463 | tcp | |
| N/A | 127.0.0.1:56465 | tcp | |
| N/A | 127.0.0.1:56467 | tcp | |
| N/A | 127.0.0.1:56469 | tcp | |
| N/A | 127.0.0.1:56471 | tcp | |
| N/A | 127.0.0.1:56473 | tcp | |
| N/A | 127.0.0.1:56475 | tcp | |
| N/A | 127.0.0.1:56477 | tcp | |
| N/A | 127.0.0.1:56479 | tcp | |
| N/A | 127.0.0.1:56481 | tcp | |
| N/A | 127.0.0.1:56483 | tcp | |
| N/A | 127.0.0.1:56485 | tcp | |
| N/A | 127.0.0.1:56487 | tcp | |
| N/A | 127.0.0.1:56489 | tcp | |
| N/A | 127.0.0.1:56491 | tcp | |
| N/A | 127.0.0.1:56493 | tcp | |
| N/A | 127.0.0.1:56495 | tcp | |
| N/A | 127.0.0.1:56497 | tcp | |
| N/A | 127.0.0.1:56499 | tcp | |
| N/A | 127.0.0.1:56501 | tcp | |
| N/A | 127.0.0.1:56503 | tcp | |
| N/A | 127.0.0.1:56505 | tcp | |
| N/A | 127.0.0.1:56507 | tcp | |
| N/A | 127.0.0.1:56509 | tcp | |
| N/A | 127.0.0.1:56511 | tcp | |
| N/A | 127.0.0.1:56513 | tcp | |
| N/A | 127.0.0.1:56515 | tcp | |
| N/A | 127.0.0.1:56517 | tcp | |
| N/A | 127.0.0.1:56519 | tcp | |
| N/A | 127.0.0.1:56521 | tcp | |
| N/A | 127.0.0.1:56523 | tcp | |
| N/A | 127.0.0.1:56525 | tcp | |
| N/A | 127.0.0.1:56527 | tcp | |
| N/A | 127.0.0.1:56529 | tcp | |
| N/A | 127.0.0.1:56531 | tcp | |
| N/A | 127.0.0.1:56533 | tcp | |
| N/A | 127.0.0.1:56536 | tcp | |
| N/A | 127.0.0.1:56538 | tcp | |
| N/A | 127.0.0.1:56540 | tcp | |
| N/A | 127.0.0.1:56542 | tcp | |
| N/A | 127.0.0.1:56544 | tcp | |
| N/A | 127.0.0.1:56546 | tcp | |
| N/A | 127.0.0.1:56548 | tcp | |
| N/A | 127.0.0.1:56550 | tcp | |
| N/A | 127.0.0.1:56552 | tcp | |
| N/A | 127.0.0.1:56554 | tcp | |
| N/A | 127.0.0.1:56556 | tcp | |
| N/A | 127.0.0.1:56558 | tcp | |
| N/A | 127.0.0.1:56560 | tcp | |
| N/A | 127.0.0.1:56562 | tcp | |
| N/A | 127.0.0.1:56564 | tcp | |
| N/A | 127.0.0.1:56578 | tcp | |
| N/A | 127.0.0.1:56784 | tcp | |
| N/A | 127.0.0.1:56787 | tcp | |
| N/A | 127.0.0.1:56789 | tcp | |
| N/A | 127.0.0.1:56791 | tcp | |
| N/A | 127.0.0.1:56793 | tcp | |
| N/A | 127.0.0.1:56796 | tcp | |
| N/A | 127.0.0.1:56798 | tcp | |
| N/A | 127.0.0.1:56801 | tcp | |
| N/A | 127.0.0.1:56803 | tcp | |
| N/A | 127.0.0.1:56805 | tcp | |
| N/A | 127.0.0.1:56807 | tcp | |
| N/A | 127.0.0.1:56810 | tcp | |
| N/A | 127.0.0.1:56812 | tcp | |
| N/A | 127.0.0.1:56815 | tcp | |
| N/A | 127.0.0.1:56817 | tcp | |
| N/A | 127.0.0.1:56819 | tcp | |
| N/A | 127.0.0.1:56821 | tcp | |
| N/A | 127.0.0.1:56824 | tcp | |
| N/A | 127.0.0.1:56826 | tcp | |
| N/A | 127.0.0.1:56828 | tcp | |
| N/A | 127.0.0.1:56830 | tcp | |
| N/A | 127.0.0.1:56832 | tcp | |
| N/A | 127.0.0.1:56834 | tcp | |
| N/A | 127.0.0.1:56836 | tcp | |
| N/A | 127.0.0.1:56838 | tcp | |
| N/A | 127.0.0.1:56840 | tcp | |
| N/A | 127.0.0.1:56842 | tcp | |
| N/A | 127.0.0.1:56845 | tcp | |
| N/A | 127.0.0.1:56847 | tcp | |
| N/A | 127.0.0.1:56849 | tcp | |
| N/A | 127.0.0.1:56851 | tcp | |
| N/A | 127.0.0.1:56854 | tcp | |
| N/A | 127.0.0.1:56856 | tcp | |
| N/A | 127.0.0.1:56858 | tcp | |
| N/A | 127.0.0.1:56860 | tcp | |
| N/A | 127.0.0.1:56862 | tcp | |
| N/A | 127.0.0.1:56864 | tcp | |
| N/A | 127.0.0.1:56866 | tcp | |
| N/A | 127.0.0.1:56868 | tcp | |
| N/A | 127.0.0.1:56870 | tcp | |
| N/A | 127.0.0.1:56872 | tcp | |
| N/A | 127.0.0.1:56874 | tcp | |
| N/A | 127.0.0.1:56876 | tcp | |
| N/A | 127.0.0.1:56878 | tcp | |
| N/A | 127.0.0.1:56880 | tcp | |
| N/A | 127.0.0.1:56882 | tcp | |
| N/A | 127.0.0.1:56884 | tcp | |
| N/A | 127.0.0.1:56886 | tcp | |
| N/A | 127.0.0.1:56888 | tcp | |
| N/A | 127.0.0.1:56890 | tcp | |
| N/A | 127.0.0.1:56893 | tcp | |
| N/A | 127.0.0.1:56895 | tcp | |
| N/A | 127.0.0.1:56897 | tcp | |
| N/A | 127.0.0.1:56898 | tcp | |
| N/A | 127.0.0.1:56902 | tcp | |
| N/A | 127.0.0.1:56901 | tcp | |
| N/A | 127.0.0.1:56905 | tcp | |
| N/A | 127.0.0.1:56907 | tcp | |
| N/A | 127.0.0.1:56909 | tcp | |
| N/A | 127.0.0.1:56911 | tcp | |
| N/A | 127.0.0.1:56912 | tcp | |
| N/A | 127.0.0.1:56915 | tcp | |
| N/A | 127.0.0.1:56917 | tcp | |
| N/A | 127.0.0.1:56919 | tcp | |
| N/A | 127.0.0.1:56921 | tcp | |
| N/A | 127.0.0.1:56923 | tcp | |
| N/A | 127.0.0.1:56925 | tcp | |
| N/A | 127.0.0.1:56927 | tcp | |
| N/A | 127.0.0.1:56929 | tcp | |
| N/A | 127.0.0.1:56931 | tcp | |
| N/A | 127.0.0.1:56933 | tcp | |
| N/A | 127.0.0.1:56935 | tcp | |
| N/A | 127.0.0.1:56937 | tcp | |
| N/A | 127.0.0.1:56938 | tcp | |
| N/A | 127.0.0.1:56942 | tcp | |
| N/A | 127.0.0.1:56944 | tcp | |
| N/A | 127.0.0.1:56947 | tcp | |
| N/A | 127.0.0.1:56946 | tcp | |
| N/A | 127.0.0.1:56950 | tcp | |
| N/A | 127.0.0.1:56953 | tcp | |
| N/A | 127.0.0.1:56952 | tcp | |
| N/A | 127.0.0.1:56956 | tcp | |
| N/A | 127.0.0.1:56958 | tcp | |
| N/A | 127.0.0.1:56960 | tcp | |
| N/A | 127.0.0.1:56962 | tcp | |
| N/A | 127.0.0.1:56964 | tcp | |
| N/A | 127.0.0.1:56966 | tcp | |
| N/A | 127.0.0.1:56968 | tcp | |
| N/A | 127.0.0.1:56970 | tcp | |
| N/A | 127.0.0.1:56972 | tcp | |
| N/A | 127.0.0.1:56974 | tcp | |
| N/A | 127.0.0.1:56977 | tcp | |
| N/A | 127.0.0.1:56979 | tcp | |
| N/A | 127.0.0.1:56981 | tcp | |
| N/A | 127.0.0.1:56983 | tcp | |
| N/A | 127.0.0.1:56985 | tcp | |
| N/A | 127.0.0.1:56987 | tcp | |
| N/A | 127.0.0.1:56989 | tcp | |
| N/A | 127.0.0.1:56992 | tcp | |
| N/A | 127.0.0.1:56994 | tcp | |
| N/A | 127.0.0.1:56997 | tcp | |
| N/A | 127.0.0.1:56996 | tcp | |
| N/A | 127.0.0.1:57000 | tcp | |
| N/A | 127.0.0.1:57002 | tcp | |
| N/A | 127.0.0.1:57004 | tcp | |
| N/A | 127.0.0.1:57006 | tcp | |
| N/A | 127.0.0.1:57008 | tcp | |
| N/A | 127.0.0.1:57010 | tcp | |
| N/A | 127.0.0.1:57012 | tcp | |
| N/A | 127.0.0.1:57015 | tcp | |
| N/A | 127.0.0.1:57018 | tcp | |
| N/A | 127.0.0.1:57017 | tcp | |
| N/A | 127.0.0.1:57021 | tcp | |
| N/A | 127.0.0.1:57023 | tcp | |
| N/A | 127.0.0.1:57025 | tcp | |
| N/A | 127.0.0.1:57027 | tcp | |
| N/A | 127.0.0.1:57029 | tcp | |
| N/A | 127.0.0.1:57032 | tcp | |
| N/A | 127.0.0.1:57031 | tcp | |
| N/A | 127.0.0.1:57035 | tcp | |
| N/A | 127.0.0.1:57037 | tcp | |
| N/A | 127.0.0.1:57040 | tcp | |
| N/A | 127.0.0.1:57042 | tcp | |
| N/A | 127.0.0.1:57044 | tcp | |
| N/A | 127.0.0.1:57046 | tcp | |
| N/A | 127.0.0.1:57048 | tcp | |
| N/A | 127.0.0.1:57050 | tcp | |
| N/A | 127.0.0.1:57052 | tcp | |
| N/A | 127.0.0.1:57054 | tcp | |
| N/A | 127.0.0.1:57056 | tcp | |
| N/A | 127.0.0.1:57058 | tcp | |
| N/A | 127.0.0.1:57060 | tcp | |
| N/A | 127.0.0.1:57062 | tcp | |
| N/A | 127.0.0.1:57064 | tcp | |
| N/A | 127.0.0.1:57066 | tcp | |
| N/A | 127.0.0.1:57068 | tcp | |
| N/A | 127.0.0.1:57070 | tcp | |
| N/A | 127.0.0.1:57072 | tcp | |
| N/A | 127.0.0.1:57074 | tcp | |
| N/A | 127.0.0.1:57076 | tcp | |
| N/A | 127.0.0.1:57078 | tcp | |
| N/A | 127.0.0.1:57081 | tcp | |
| N/A | 127.0.0.1:57083 | tcp | |
| N/A | 127.0.0.1:57084 | tcp | |
| N/A | 127.0.0.1:57087 | tcp | |
| N/A | 127.0.0.1:57089 | tcp | |
| N/A | 127.0.0.1:57091 | tcp | |
| N/A | 127.0.0.1:57093 | tcp | |
| N/A | 127.0.0.1:57094 | tcp | |
| N/A | 127.0.0.1:57097 | tcp | |
| N/A | 127.0.0.1:57099 | tcp | |
| N/A | 127.0.0.1:57101 | tcp | |
| N/A | 127.0.0.1:57104 | tcp | |
| N/A | 127.0.0.1:57106 | tcp | |
| N/A | 127.0.0.1:57109 | tcp | |
| N/A | 127.0.0.1:57111 | tcp | |
| N/A | 127.0.0.1:57113 | tcp | |
| N/A | 127.0.0.1:57115 | tcp | |
| N/A | 127.0.0.1:57117 | tcp | |
| N/A | 127.0.0.1:57119 | tcp | |
| N/A | 127.0.0.1:57120 | tcp | |
| N/A | 127.0.0.1:57123 | tcp | |
| N/A | 127.0.0.1:57125 | tcp | |
| N/A | 127.0.0.1:57127 | tcp | |
| N/A | 127.0.0.1:57129 | tcp | |
| N/A | 127.0.0.1:57131 | tcp | |
| N/A | 127.0.0.1:57133 | tcp | |
| N/A | 127.0.0.1:57135 | tcp | |
| N/A | 127.0.0.1:57137 | tcp | |
| N/A | 127.0.0.1:57139 | tcp | |
| N/A | 127.0.0.1:57141 | tcp | |
| N/A | 127.0.0.1:57143 | tcp | |
| N/A | 127.0.0.1:57145 | tcp | |
| N/A | 127.0.0.1:57147 | tcp | |
| N/A | 127.0.0.1:57149 | tcp | |
| N/A | 127.0.0.1:57151 | tcp | |
| N/A | 127.0.0.1:57153 | tcp | |
| N/A | 127.0.0.1:57155 | tcp | |
| N/A | 127.0.0.1:57157 | tcp | |
| N/A | 127.0.0.1:57159 | tcp | |
| N/A | 127.0.0.1:57161 | tcp | |
| N/A | 127.0.0.1:57163 | tcp | |
| N/A | 127.0.0.1:57165 | tcp | |
| N/A | 127.0.0.1:57167 | tcp | |
| N/A | 127.0.0.1:57169 | tcp | |
| N/A | 127.0.0.1:57171 | tcp | |
| N/A | 127.0.0.1:57173 | tcp | |
| N/A | 127.0.0.1:57175 | tcp | |
| N/A | 127.0.0.1:57177 | tcp | |
| N/A | 127.0.0.1:57179 | tcp | |
| N/A | 127.0.0.1:57181 | tcp | |
| N/A | 127.0.0.1:57183 | tcp | |
| N/A | 127.0.0.1:57185 | tcp | |
| N/A | 127.0.0.1:57187 | tcp | |
| N/A | 127.0.0.1:57189 | tcp | |
| N/A | 127.0.0.1:57191 | tcp | |
| N/A | 127.0.0.1:57193 | tcp | |
| N/A | 127.0.0.1:57195 | tcp | |
| N/A | 127.0.0.1:57197 | tcp | |
| N/A | 127.0.0.1:57199 | tcp | |
| N/A | 127.0.0.1:57201 | tcp | |
| N/A | 127.0.0.1:57203 | tcp | |
| N/A | 127.0.0.1:57205 | tcp | |
| N/A | 127.0.0.1:57207 | tcp | |
| N/A | 127.0.0.1:57209 | tcp | |
| N/A | 127.0.0.1:57211 | tcp | |
| N/A | 127.0.0.1:57213 | tcp | |
| N/A | 127.0.0.1:57215 | tcp | |
| N/A | 127.0.0.1:57217 | tcp | |
| N/A | 127.0.0.1:57219 | tcp | |
| N/A | 127.0.0.1:57221 | tcp | |
| N/A | 127.0.0.1:57223 | tcp | |
| N/A | 127.0.0.1:57225 | tcp | |
| N/A | 127.0.0.1:57227 | tcp | |
| N/A | 127.0.0.1:57229 | tcp | |
| N/A | 127.0.0.1:57231 | tcp | |
| N/A | 127.0.0.1:57233 | tcp | |
| N/A | 127.0.0.1:57235 | tcp | |
| N/A | 127.0.0.1:57237 | tcp | |
| N/A | 127.0.0.1:57239 | tcp | |
| N/A | 127.0.0.1:57241 | tcp | |
| N/A | 127.0.0.1:57243 | tcp | |
| N/A | 127.0.0.1:57245 | tcp | |
| N/A | 127.0.0.1:57248 | tcp | |
| N/A | 127.0.0.1:57250 | tcp | |
| N/A | 127.0.0.1:57252 | tcp | |
| N/A | 127.0.0.1:57254 | tcp | |
| N/A | 127.0.0.1:57256 | tcp | |
| N/A | 127.0.0.1:57258 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:57261 | tcp | |
| N/A | 127.0.0.1:57263 | tcp | |
| N/A | 127.0.0.1:57265 | tcp | |
| N/A | 127.0.0.1:57267 | tcp | |
| N/A | 127.0.0.1:57269 | tcp | |
| N/A | 127.0.0.1:57271 | tcp | |
| N/A | 127.0.0.1:57273 | tcp | |
| N/A | 127.0.0.1:57275 | tcp | |
| N/A | 127.0.0.1:57277 | tcp | |
| N/A | 127.0.0.1:57279 | tcp | |
| N/A | 127.0.0.1:57281 | tcp | |
| N/A | 127.0.0.1:57284 | tcp | |
| N/A | 127.0.0.1:57286 | tcp | |
| N/A | 127.0.0.1:57288 | tcp | |
| N/A | 127.0.0.1:57290 | tcp | |
| N/A | 127.0.0.1:57292 | tcp | |
| N/A | 127.0.0.1:57294 | tcp | |
| N/A | 127.0.0.1:57296 | tcp | |
| N/A | 127.0.0.1:57298 | tcp | |
| N/A | 127.0.0.1:57300 | tcp | |
| N/A | 127.0.0.1:57302 | tcp | |
| N/A | 127.0.0.1:57304 | tcp | |
| N/A | 127.0.0.1:57306 | tcp | |
| N/A | 127.0.0.1:57308 | tcp | |
| N/A | 127.0.0.1:57310 | tcp | |
| N/A | 127.0.0.1:57312 | tcp | |
| N/A | 127.0.0.1:57314 | tcp | |
| N/A | 127.0.0.1:57316 | tcp | |
| N/A | 127.0.0.1:57318 | tcp | |
| N/A | 127.0.0.1:57320 | tcp | |
| N/A | 127.0.0.1:57322 | tcp | |
| N/A | 127.0.0.1:57324 | tcp | |
| N/A | 127.0.0.1:57326 | tcp | |
| N/A | 127.0.0.1:57328 | tcp | |
| N/A | 127.0.0.1:57330 | tcp | |
| N/A | 127.0.0.1:57332 | tcp | |
| N/A | 127.0.0.1:57334 | tcp | |
| N/A | 127.0.0.1:57336 | tcp | |
| N/A | 127.0.0.1:57338 | tcp | |
| N/A | 127.0.0.1:57340 | tcp | |
| N/A | 127.0.0.1:57342 | tcp | |
| N/A | 127.0.0.1:57343 | tcp | |
| N/A | 127.0.0.1:57754 | tcp | |
| N/A | 127.0.0.1:57755 | tcp | |
| N/A | 127.0.0.1:57759 | tcp | |
| N/A | 127.0.0.1:57761 | tcp | |
| N/A | 127.0.0.1:57763 | tcp | |
| N/A | 127.0.0.1:57765 | tcp | |
| N/A | 127.0.0.1:57767 | tcp | |
| N/A | 127.0.0.1:57769 | tcp | |
| N/A | 127.0.0.1:57771 | tcp | |
| N/A | 127.0.0.1:57773 | tcp | |
| N/A | 127.0.0.1:57775 | tcp | |
| N/A | 127.0.0.1:57777 | tcp | |
| N/A | 127.0.0.1:57779 | tcp | |
| N/A | 127.0.0.1:57781 | tcp | |
| N/A | 127.0.0.1:57783 | tcp | |
| N/A | 127.0.0.1:57785 | tcp | |
| N/A | 127.0.0.1:57787 | tcp | |
| N/A | 127.0.0.1:57790 | tcp | |
| N/A | 127.0.0.1:57792 | tcp | |
| N/A | 127.0.0.1:57794 | tcp | |
| N/A | 127.0.0.1:57796 | tcp | |
| N/A | 127.0.0.1:57798 | tcp | |
| N/A | 127.0.0.1:57800 | tcp | |
| N/A | 127.0.0.1:57802 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:57805 | tcp | |
| N/A | 127.0.0.1:57807 | tcp | |
| N/A | 127.0.0.1:57809 | tcp | |
| N/A | 127.0.0.1:57811 | tcp | |
| N/A | 127.0.0.1:57813 | tcp | |
| N/A | 127.0.0.1:57815 | tcp | |
| N/A | 127.0.0.1:57817 | tcp | |
| N/A | 127.0.0.1:57819 | tcp | |
| N/A | 127.0.0.1:57821 | tcp | |
| N/A | 127.0.0.1:57824 | tcp | |
| N/A | 127.0.0.1:57823 | tcp | |
| N/A | 127.0.0.1:57827 | tcp | |
| N/A | 127.0.0.1:57829 | tcp | |
| N/A | 127.0.0.1:57831 | tcp | |
| N/A | 127.0.0.1:57833 | tcp | |
| N/A | 127.0.0.1:57835 | tcp | |
| N/A | 127.0.0.1:57837 | tcp | |
| N/A | 127.0.0.1:57839 | tcp | |
| N/A | 127.0.0.1:57841 | tcp | |
| N/A | 127.0.0.1:57843 | tcp | |
| N/A | 127.0.0.1:57845 | tcp | |
| N/A | 127.0.0.1:57847 | tcp | |
| N/A | 127.0.0.1:57849 | tcp | |
| N/A | 127.0.0.1:57851 | tcp | |
| N/A | 127.0.0.1:57853 | tcp | |
| N/A | 127.0.0.1:57855 | tcp | |
| N/A | 127.0.0.1:57857 | tcp | |
| N/A | 127.0.0.1:57859 | tcp | |
| N/A | 127.0.0.1:57861 | tcp | |
| N/A | 127.0.0.1:57863 | tcp | |
| N/A | 127.0.0.1:57865 | tcp | |
| N/A | 127.0.0.1:57867 | tcp | |
| N/A | 127.0.0.1:57869 | tcp | |
| N/A | 127.0.0.1:57870 | tcp | |
| N/A | 127.0.0.1:57873 | tcp | |
| N/A | 127.0.0.1:57875 | tcp | |
| N/A | 127.0.0.1:57877 | tcp | |
| N/A | 127.0.0.1:57879 | tcp | |
| N/A | 127.0.0.1:57881 | tcp | |
| N/A | 127.0.0.1:57884 | tcp | |
| N/A | 127.0.0.1:57883 | tcp | |
| N/A | 127.0.0.1:57887 | tcp | |
| N/A | 127.0.0.1:57888 | tcp | |
| N/A | 127.0.0.1:57891 | tcp | |
| N/A | 127.0.0.1:57893 | tcp | |
| N/A | 127.0.0.1:57895 | tcp | |
| N/A | 127.0.0.1:57898 | tcp | |
| N/A | 127.0.0.1:57900 | tcp | |
| N/A | 127.0.0.1:57902 | tcp | |
| N/A | 127.0.0.1:57904 | tcp | |
| N/A | 127.0.0.1:57906 | tcp | |
| N/A | 127.0.0.1:57908 | tcp | |
| N/A | 127.0.0.1:57911 | tcp | |
| N/A | 127.0.0.1:57913 | tcp | |
| N/A | 127.0.0.1:57915 | tcp | |
| N/A | 127.0.0.1:57917 | tcp | |
| N/A | 127.0.0.1:57919 | tcp | |
| N/A | 127.0.0.1:57921 | tcp | |
| N/A | 127.0.0.1:57923 | tcp | |
| N/A | 127.0.0.1:57925 | tcp | |
| N/A | 127.0.0.1:57929 | tcp | |
| N/A | 127.0.0.1:57931 | tcp | |
| N/A | 127.0.0.1:57933 | tcp | |
| N/A | 127.0.0.1:57935 | tcp | |
| N/A | 127.0.0.1:57938 | tcp | |
| N/A | 127.0.0.1:57940 | tcp | |
| N/A | 127.0.0.1:57942 | tcp | |
| N/A | 127.0.0.1:57944 | tcp | |
| N/A | 127.0.0.1:57947 | tcp | |
| N/A | 127.0.0.1:57949 | tcp | |
| N/A | 127.0.0.1:57951 | tcp | |
| N/A | 127.0.0.1:57953 | tcp | |
| N/A | 127.0.0.1:57956 | tcp | |
| N/A | 127.0.0.1:57958 | tcp | |
| N/A | 127.0.0.1:57960 | tcp | |
| N/A | 127.0.0.1:57962 | tcp | |
| N/A | 127.0.0.1:57966 | tcp | |
| N/A | 127.0.0.1:57969 | tcp | |
| N/A | 127.0.0.1:57971 | tcp | |
| N/A | 127.0.0.1:57973 | tcp | |
| N/A | 127.0.0.1:57975 | tcp | |
| N/A | 127.0.0.1:57977 | tcp | |
| N/A | 127.0.0.1:57979 | tcp | |
| N/A | 127.0.0.1:57981 | tcp | |
| N/A | 127.0.0.1:57984 | tcp | |
| N/A | 127.0.0.1:57983 | tcp | |
| N/A | 127.0.0.1:57987 | tcp | |
| N/A | 127.0.0.1:57990 | tcp | |
| N/A | 127.0.0.1:57992 | tcp | |
| N/A | 127.0.0.1:57994 | tcp | |
| N/A | 127.0.0.1:57996 | tcp | |
| N/A | 127.0.0.1:57998 | tcp | |
| N/A | 127.0.0.1:58000 | tcp | |
| N/A | 127.0.0.1:58002 | tcp | |
| N/A | 127.0.0.1:58004 | tcp | |
| N/A | 127.0.0.1:58006 | tcp | |
| N/A | 127.0.0.1:58008 | tcp | |
| N/A | 127.0.0.1:58010 | tcp | |
| N/A | 127.0.0.1:58012 | tcp | |
| N/A | 127.0.0.1:58014 | tcp | |
| N/A | 127.0.0.1:58016 | tcp | |
| N/A | 127.0.0.1:58018 | tcp | |
| N/A | 127.0.0.1:58021 | tcp | |
| N/A | 127.0.0.1:58023 | tcp | |
| N/A | 127.0.0.1:58025 | tcp | |
| N/A | 127.0.0.1:58028 | tcp | |
| N/A | 127.0.0.1:58030 | tcp | |
| N/A | 127.0.0.1:58032 | tcp | |
| N/A | 127.0.0.1:58034 | tcp | |
| N/A | 127.0.0.1:58036 | tcp | |
| N/A | 127.0.0.1:58039 | tcp | |
| N/A | 127.0.0.1:58038 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:58043 | tcp | |
| N/A | 127.0.0.1:58045 | tcp | |
| N/A | 127.0.0.1:58048 | tcp | |
| N/A | 127.0.0.1:58050 | tcp | |
| N/A | 127.0.0.1:58051 | tcp | |
| N/A | 127.0.0.1:58054 | tcp | |
| N/A | 127.0.0.1:58056 | tcp | |
| N/A | 127.0.0.1:58058 | tcp | |
| N/A | 127.0.0.1:58060 | tcp | |
| N/A | 127.0.0.1:58063 | tcp | |
| N/A | 127.0.0.1:58065 | tcp | |
| N/A | 127.0.0.1:58067 | tcp | |
| N/A | 127.0.0.1:58069 | tcp | |
| N/A | 127.0.0.1:58072 | tcp | |
| N/A | 127.0.0.1:58074 | tcp | |
| N/A | 127.0.0.1:58075 | tcp | |
| N/A | 127.0.0.1:58078 | tcp | |
| N/A | 127.0.0.1:58507 | tcp | |
| N/A | 127.0.0.1:58509 | tcp | |
| N/A | 127.0.0.1:58510 | tcp | |
| N/A | 127.0.0.1:58513 | tcp | |
| N/A | 127.0.0.1:58515 | tcp | |
| N/A | 127.0.0.1:58517 | tcp | |
| N/A | 127.0.0.1:58519 | tcp | |
| N/A | 127.0.0.1:58521 | tcp | |
| N/A | 127.0.0.1:58523 | tcp | |
| N/A | 127.0.0.1:58525 | tcp | |
| N/A | 127.0.0.1:58527 | tcp | |
| N/A | 127.0.0.1:58529 | tcp | |
| N/A | 127.0.0.1:58532 | tcp | |
| N/A | 127.0.0.1:58534 | tcp | |
| N/A | 127.0.0.1:58536 | tcp | |
| N/A | 127.0.0.1:58538 | tcp | |
| N/A | 127.0.0.1:58540 | tcp | |
| N/A | 127.0.0.1:58542 | tcp | |
| N/A | 127.0.0.1:58544 | tcp | |
| N/A | 127.0.0.1:58546 | tcp | |
| N/A | 127.0.0.1:58548 | tcp | |
| N/A | 127.0.0.1:58550 | tcp | |
| N/A | 127.0.0.1:58552 | tcp | |
| N/A | 127.0.0.1:58554 | tcp | |
| N/A | 127.0.0.1:58556 | tcp | |
| N/A | 127.0.0.1:58558 | tcp | |
| N/A | 127.0.0.1:58560 | tcp | |
| N/A | 127.0.0.1:58563 | tcp | |
| N/A | 127.0.0.1:58562 | tcp | |
| N/A | 127.0.0.1:58566 | tcp | |
| N/A | 127.0.0.1:58568 | tcp | |
| N/A | 127.0.0.1:58569 | tcp | |
| N/A | 127.0.0.1:58572 | tcp | |
| N/A | 127.0.0.1:58574 | tcp | |
| N/A | 127.0.0.1:58576 | tcp | |
| N/A | 127.0.0.1:58578 | tcp | |
| N/A | 127.0.0.1:58580 | tcp | |
| N/A | 127.0.0.1:58582 | tcp | |
| N/A | 127.0.0.1:58585 | tcp | |
| N/A | 127.0.0.1:58587 | tcp | |
| N/A | 127.0.0.1:58589 | tcp | |
| N/A | 127.0.0.1:58591 | tcp | |
| N/A | 127.0.0.1:58593 | tcp | |
| N/A | 127.0.0.1:58595 | tcp | |
| N/A | 127.0.0.1:58597 | tcp | |
| N/A | 127.0.0.1:58599 | tcp | |
| N/A | 127.0.0.1:58601 | tcp | |
| N/A | 127.0.0.1:58603 | tcp | |
| N/A | 127.0.0.1:58605 | tcp | |
| N/A | 127.0.0.1:58607 | tcp | |
| N/A | 127.0.0.1:58609 | tcp | |
| N/A | 127.0.0.1:58611 | tcp | |
| N/A | 127.0.0.1:58613 | tcp | |
| N/A | 127.0.0.1:58614 | tcp | |
| N/A | 127.0.0.1:58617 | tcp | |
| N/A | 127.0.0.1:58619 | tcp | |
| N/A | 127.0.0.1:58621 | tcp | |
| N/A | 127.0.0.1:58623 | tcp | |
| N/A | 127.0.0.1:58625 | tcp | |
| N/A | 127.0.0.1:58627 | tcp | |
| N/A | 127.0.0.1:58629 | tcp | |
| N/A | 127.0.0.1:58631 | tcp | |
| N/A | 127.0.0.1:58633 | tcp | |
| N/A | 127.0.0.1:58635 | tcp | |
| N/A | 127.0.0.1:58638 | tcp | |
| N/A | 127.0.0.1:58637 | tcp | |
| N/A | 127.0.0.1:58641 | tcp | |
| N/A | 127.0.0.1:58643 | tcp | |
| N/A | 127.0.0.1:58645 | tcp | |
| N/A | 127.0.0.1:58647 | tcp | |
| N/A | 127.0.0.1:58649 | tcp | |
| N/A | 127.0.0.1:58651 | tcp | |
| N/A | 127.0.0.1:58653 | tcp | |
| N/A | 127.0.0.1:58655 | tcp | |
| N/A | 127.0.0.1:58658 | tcp | |
| N/A | 127.0.0.1:58657 | tcp | |
| N/A | 127.0.0.1:58661 | tcp | |
| N/A | 127.0.0.1:58663 | tcp | |
| N/A | 127.0.0.1:58665 | tcp | |
| N/A | 127.0.0.1:58667 | tcp | |
| N/A | 127.0.0.1:58669 | tcp | |
| N/A | 127.0.0.1:58671 | tcp | |
| N/A | 127.0.0.1:58673 | tcp | |
| N/A | 127.0.0.1:58675 | tcp | |
| N/A | 127.0.0.1:58677 | tcp | |
| N/A | 127.0.0.1:58679 | tcp | |
| N/A | 127.0.0.1:58681 | tcp | |
| N/A | 127.0.0.1:58683 | tcp | |
| N/A | 127.0.0.1:58685 | tcp | |
| N/A | 127.0.0.1:58687 | tcp | |
| N/A | 127.0.0.1:58690 | tcp | |
| N/A | 127.0.0.1:58692 | tcp | |
| N/A | 127.0.0.1:58694 | tcp | |
| N/A | 127.0.0.1:58696 | tcp | |
| N/A | 127.0.0.1:58698 | tcp | |
| N/A | 127.0.0.1:58700 | tcp | |
| N/A | 127.0.0.1:58703 | tcp | |
| N/A | 127.0.0.1:58702 | tcp | |
| N/A | 127.0.0.1:58706 | tcp | |
| N/A | 127.0.0.1:58708 | tcp | |
| N/A | 127.0.0.1:58710 | tcp | |
| N/A | 127.0.0.1:58711 | tcp | |
| N/A | 127.0.0.1:58714 | tcp | |
| N/A | 127.0.0.1:58716 | tcp | |
| N/A | 127.0.0.1:58718 | tcp | |
| N/A | 127.0.0.1:58720 | tcp | |
| N/A | 127.0.0.1:58722 | tcp | |
| N/A | 127.0.0.1:58724 | tcp | |
| N/A | 127.0.0.1:58726 | tcp | |
| N/A | 127.0.0.1:58728 | tcp | |
| N/A | 127.0.0.1:58730 | tcp | |
| N/A | 127.0.0.1:58732 | tcp | |
| N/A | 127.0.0.1:58734 | tcp | |
| N/A | 127.0.0.1:58736 | tcp | |
| N/A | 127.0.0.1:58737 | tcp | |
| N/A | 127.0.0.1:58740 | tcp | |
| N/A | 127.0.0.1:58743 | tcp | |
| N/A | 127.0.0.1:58742 | tcp | |
| N/A | 127.0.0.1:58746 | tcp | |
| N/A | 127.0.0.1:58748 | tcp | |
| N/A | 127.0.0.1:58750 | tcp | |
| N/A | 127.0.0.1:58752 | tcp | |
| N/A | 127.0.0.1:58754 | tcp | |
| N/A | 127.0.0.1:58756 | tcp | |
| N/A | 127.0.0.1:58757 | tcp | |
| N/A | 127.0.0.1:58760 | tcp | |
| N/A | 127.0.0.1:58763 | tcp | |
| N/A | 127.0.0.1:58765 | tcp | |
| N/A | 127.0.0.1:58767 | tcp | |
| N/A | 127.0.0.1:58769 | tcp | |
| N/A | 127.0.0.1:58771 | tcp | |
| N/A | 127.0.0.1:58773 | tcp | |
| N/A | 127.0.0.1:58775 | tcp | |
| N/A | 127.0.0.1:58777 | tcp | |
| N/A | 127.0.0.1:58779 | tcp | |
| N/A | 127.0.0.1:58781 | tcp | |
| N/A | 127.0.0.1:58783 | tcp | |
| N/A | 127.0.0.1:58785 | tcp | |
| N/A | 127.0.0.1:58787 | tcp | |
| N/A | 127.0.0.1:58789 | tcp | |
| N/A | 127.0.0.1:58791 | tcp | |
| N/A | 127.0.0.1:58793 | tcp | |
| N/A | 127.0.0.1:58795 | tcp | |
| N/A | 127.0.0.1:58797 | tcp | |
| N/A | 127.0.0.1:58800 | tcp | |
| N/A | 127.0.0.1:58799 | tcp | |
| N/A | 127.0.0.1:58803 | tcp | |
| N/A | 127.0.0.1:58805 | tcp | |
| N/A | 127.0.0.1:58807 | tcp | |
| N/A | 127.0.0.1:58809 | tcp | |
| N/A | 127.0.0.1:58811 | tcp | |
| N/A | 127.0.0.1:58813 | tcp | |
| N/A | 127.0.0.1:58815 | tcp | |
| N/A | 127.0.0.1:58817 | tcp | |
| N/A | 127.0.0.1:58819 | tcp | |
| N/A | 127.0.0.1:58822 | tcp | |
| N/A | 127.0.0.1:58821 | tcp | |
| N/A | 127.0.0.1:58825 | tcp | |
| N/A | 127.0.0.1:58827 | tcp | |
| N/A | 127.0.0.1:58829 | tcp | |
| N/A | 127.0.0.1:58831 | tcp | |
| N/A | 127.0.0.1:58833 | tcp | |
| N/A | 127.0.0.1:58835 | tcp | |
| N/A | 127.0.0.1:58837 | tcp | |
| N/A | 127.0.0.1:58839 | tcp | |
| N/A | 127.0.0.1:58841 | tcp | |
| N/A | 127.0.0.1:58843 | tcp | |
| N/A | 127.0.0.1:58845 | tcp | |
| N/A | 127.0.0.1:58847 | tcp | |
| N/A | 127.0.0.1:58849 | tcp | |
| N/A | 127.0.0.1:58851 | tcp | |
| N/A | 127.0.0.1:58852 | tcp | |
| N/A | 127.0.0.1:58855 | tcp | |
| N/A | 127.0.0.1:58857 | tcp | |
| N/A | 127.0.0.1:58858 | tcp | |
| N/A | 127.0.0.1:58861 | tcp | |
| N/A | 127.0.0.1:58863 | tcp | |
| N/A | 127.0.0.1:58865 | tcp | |
| N/A | 127.0.0.1:58867 | tcp | |
| N/A | 127.0.0.1:58869 | tcp | |
| N/A | 127.0.0.1:58871 | tcp | |
| N/A | 127.0.0.1:58873 | tcp | |
| N/A | 127.0.0.1:58875 | tcp | |
| N/A | 127.0.0.1:58877 | tcp | |
| N/A | 127.0.0.1:58879 | tcp | |
| N/A | 127.0.0.1:58881 | tcp | |
| N/A | 127.0.0.1:58883 | tcp | |
| N/A | 127.0.0.1:58886 | tcp | |
| N/A | 127.0.0.1:58885 | tcp | |
| N/A | 127.0.0.1:58889 | tcp | |
| N/A | 127.0.0.1:58891 | tcp | |
| N/A | 127.0.0.1:58893 | tcp | |
| N/A | 127.0.0.1:58895 | tcp | |
| N/A | 127.0.0.1:58897 | tcp | |
| N/A | 127.0.0.1:58899 | tcp | |
| N/A | 127.0.0.1:58901 | tcp | |
| N/A | 127.0.0.1:58904 | tcp | |
| N/A | 127.0.0.1:58906 | tcp | |
| N/A | 127.0.0.1:58908 | tcp | |
| N/A | 127.0.0.1:58910 | tcp | |
| N/A | 127.0.0.1:58912 | tcp | |
| N/A | 127.0.0.1:58914 | tcp | |
| N/A | 127.0.0.1:58916 | tcp | |
| N/A | 127.0.0.1:58918 | tcp | |
| N/A | 127.0.0.1:58922 | tcp | |
| N/A | 127.0.0.1:58926 | tcp | |
| N/A | 127.0.0.1:58932 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:58955 | tcp | |
| N/A | 127.0.0.1:58961 | tcp | |
| N/A | 127.0.0.1:58963 | tcp | |
| N/A | 127.0.0.1:58969 | tcp | |
| N/A | 127.0.0.1:58981 | tcp | |
| N/A | 127.0.0.1:58985 | tcp | |
| N/A | 127.0.0.1:59003 | tcp | |
| N/A | 127.0.0.1:59021 | tcp | |
| N/A | 127.0.0.1:59024 | tcp | |
| N/A | 127.0.0.1:59027 | tcp | |
| N/A | 127.0.0.1:59026 | tcp | |
| N/A | 127.0.0.1:59030 | tcp | |
| N/A | 127.0.0.1:59032 | tcp | |
| N/A | 127.0.0.1:59034 | tcp | |
| N/A | 127.0.0.1:59036 | tcp | |
| N/A | 127.0.0.1:59038 | tcp | |
| N/A | 127.0.0.1:59040 | tcp | |
| N/A | 127.0.0.1:59042 | tcp | |
| N/A | 127.0.0.1:59044 | tcp | |
| N/A | 127.0.0.1:59046 | tcp | |
| N/A | 127.0.0.1:59048 | tcp | |
| N/A | 127.0.0.1:59050 | tcp | |
| N/A | 127.0.0.1:59051 | tcp | |
| N/A | 127.0.0.1:59054 | tcp | |
| N/A | 127.0.0.1:59056 | tcp | |
| N/A | 127.0.0.1:59058 | tcp | |
| N/A | 127.0.0.1:59060 | tcp | |
| N/A | 127.0.0.1:59062 | tcp | |
| N/A | 127.0.0.1:59064 | tcp | |
| N/A | 127.0.0.1:59066 | tcp | |
| N/A | 127.0.0.1:59069 | tcp | |
| N/A | 127.0.0.1:59071 | tcp | |
| N/A | 127.0.0.1:59073 | tcp | |
| N/A | 127.0.0.1:59075 | tcp | |
| N/A | 127.0.0.1:59078 | tcp | |
| N/A | 127.0.0.1:59080 | tcp | |
| N/A | 127.0.0.1:59082 | tcp | |
| N/A | 127.0.0.1:59084 | tcp | |
| N/A | 127.0.0.1:59077 | tcp | |
| N/A | 127.0.0.1:59087 | tcp | |
| N/A | 127.0.0.1:59089 | tcp | |
| N/A | 127.0.0.1:59091 | tcp | |
| N/A | 127.0.0.1:59093 | tcp | |
| N/A | 127.0.0.1:59094 | tcp | |
| N/A | 127.0.0.1:59097 | tcp | |
| N/A | 127.0.0.1:59099 | tcp | |
| N/A | 127.0.0.1:59101 | tcp | |
| N/A | 127.0.0.1:59103 | tcp | |
| N/A | 127.0.0.1:59105 | tcp | |
| N/A | 127.0.0.1:59108 | tcp | |
| N/A | 127.0.0.1:59110 | tcp | |
| N/A | 127.0.0.1:59112 | tcp | |
| N/A | 127.0.0.1:59114 | tcp | |
| N/A | 127.0.0.1:59116 | tcp | |
| N/A | 127.0.0.1:59118 | tcp | |
| N/A | 127.0.0.1:59121 | tcp | |
| N/A | 127.0.0.1:59120 | tcp | |
| N/A | 127.0.0.1:59126 | tcp | |
| N/A | 127.0.0.1:59128 | tcp | |
| N/A | 127.0.0.1:59131 | tcp | |
| N/A | 127.0.0.1:59133 | tcp | |
| N/A | 127.0.0.1:59135 | tcp | |
| N/A | 127.0.0.1:59137 | tcp | |
| N/A | 127.0.0.1:59140 | tcp | |
| N/A | 127.0.0.1:59142 | tcp | |
| N/A | 127.0.0.1:59144 | tcp | |
| N/A | 127.0.0.1:59146 | tcp | |
| N/A | 127.0.0.1:59148 | tcp | |
| N/A | 127.0.0.1:59150 | tcp | |
| N/A | 127.0.0.1:59152 | tcp | |
| N/A | 127.0.0.1:59155 | tcp | |
| N/A | 127.0.0.1:59158 | tcp | |
| N/A | 127.0.0.1:59160 | tcp | |
| N/A | 127.0.0.1:59162 | tcp | |
| N/A | 127.0.0.1:59163 | tcp | |
| N/A | 127.0.0.1:59166 | tcp | |
| N/A | 127.0.0.1:59168 | tcp | |
| N/A | 127.0.0.1:59170 | tcp | |
| N/A | 127.0.0.1:59172 | tcp | |
| N/A | 127.0.0.1:59175 | tcp | |
| N/A | 127.0.0.1:59177 | tcp | |
| N/A | 127.0.0.1:59180 | tcp | |
| N/A | 127.0.0.1:59182 | tcp | |
| N/A | 127.0.0.1:59184 | tcp | |
| N/A | 127.0.0.1:59186 | tcp | |
| N/A | 127.0.0.1:59188 | tcp | |
| N/A | 127.0.0.1:59190 | tcp | |
| N/A | 127.0.0.1:59192 | tcp | |
| N/A | 127.0.0.1:59194 | tcp | |
| N/A | 127.0.0.1:59196 | tcp | |
| N/A | 127.0.0.1:59198 | tcp | |
| N/A | 127.0.0.1:59200 | tcp | |
| N/A | 127.0.0.1:59202 | tcp | |
| N/A | 127.0.0.1:59204 | tcp | |
| N/A | 127.0.0.1:59206 | tcp | |
| N/A | 127.0.0.1:59208 | tcp | |
| N/A | 127.0.0.1:59210 | tcp | |
| N/A | 127.0.0.1:59212 | tcp | |
| N/A | 127.0.0.1:59214 | tcp | |
| N/A | 127.0.0.1:59216 | tcp | |
| N/A | 127.0.0.1:59218 | tcp | |
| N/A | 127.0.0.1:59220 | tcp | |
| N/A | 127.0.0.1:59222 | tcp | |
| N/A | 127.0.0.1:59224 | tcp | |
| N/A | 127.0.0.1:59226 | tcp | |
| N/A | 127.0.0.1:59228 | tcp | |
| N/A | 127.0.0.1:59230 | tcp | |
| N/A | 127.0.0.1:59232 | tcp | |
| N/A | 127.0.0.1:59234 | tcp | |
| N/A | 127.0.0.1:59236 | tcp | |
| N/A | 127.0.0.1:59238 | tcp | |
| N/A | 127.0.0.1:59240 | tcp | |
| N/A | 127.0.0.1:59242 | tcp | |
| N/A | 127.0.0.1:59244 | tcp | |
| N/A | 127.0.0.1:59246 | tcp | |
| N/A | 127.0.0.1:59248 | tcp | |
| N/A | 127.0.0.1:59250 | tcp | |
| N/A | 127.0.0.1:59252 | tcp | |
| N/A | 127.0.0.1:59254 | tcp | |
| N/A | 127.0.0.1:59256 | tcp | |
| N/A | 127.0.0.1:59258 | tcp | |
| N/A | 127.0.0.1:59260 | tcp | |
| N/A | 127.0.0.1:59262 | tcp | |
| N/A | 127.0.0.1:59264 | tcp | |
| N/A | 127.0.0.1:59266 | tcp | |
| N/A | 127.0.0.1:59268 | tcp | |
| N/A | 127.0.0.1:59270 | tcp | |
| N/A | 127.0.0.1:59272 | tcp | |
| N/A | 127.0.0.1:59274 | tcp | |
| N/A | 127.0.0.1:59276 | tcp | |
| N/A | 127.0.0.1:59278 | tcp | |
| N/A | 127.0.0.1:59280 | tcp | |
| N/A | 127.0.0.1:59282 | tcp | |
| N/A | 127.0.0.1:59285 | tcp | |
| N/A | 127.0.0.1:59298 | tcp | |
| N/A | 127.0.0.1:59300 | tcp | |
| N/A | 127.0.0.1:59302 | tcp | |
| N/A | 127.0.0.1:59304 | tcp | |
| N/A | 127.0.0.1:59306 | tcp | |
| N/A | 127.0.0.1:59308 | tcp | |
| N/A | 127.0.0.1:59310 | tcp | |
| N/A | 127.0.0.1:59312 | tcp | |
| N/A | 127.0.0.1:59314 | tcp | |
| N/A | 127.0.0.1:59316 | tcp | |
| N/A | 127.0.0.1:59318 | tcp | |
| N/A | 127.0.0.1:59320 | tcp | |
| N/A | 127.0.0.1:59322 | tcp | |
| N/A | 127.0.0.1:59324 | tcp | |
| N/A | 127.0.0.1:59326 | tcp | |
| N/A | 127.0.0.1:59329 | tcp | |
| N/A | 127.0.0.1:59331 | tcp | |
| N/A | 127.0.0.1:59328 | tcp | |
| N/A | 127.0.0.1:59334 | tcp | |
| N/A | 127.0.0.1:59336 | tcp | |
| N/A | 127.0.0.1:59338 | tcp | |
| N/A | 127.0.0.1:59340 | tcp | |
| N/A | 127.0.0.1:59342 | tcp | |
| N/A | 127.0.0.1:59344 | tcp | |
| N/A | 127.0.0.1:59346 | tcp | |
| N/A | 127.0.0.1:59348 | tcp | |
| N/A | 127.0.0.1:59350 | tcp | |
| N/A | 127.0.0.1:59352 | tcp | |
| N/A | 127.0.0.1:59354 | tcp | |
| N/A | 127.0.0.1:59356 | tcp | |
| N/A | 127.0.0.1:59358 | tcp | |
| N/A | 127.0.0.1:59360 | tcp | |
| N/A | 127.0.0.1:59362 | tcp | |
| N/A | 127.0.0.1:59364 | tcp | |
| N/A | 127.0.0.1:59366 | tcp | |
| N/A | 127.0.0.1:59368 | tcp | |
| N/A | 127.0.0.1:59370 | tcp | |
| N/A | 127.0.0.1:59372 | tcp | |
| N/A | 127.0.0.1:59374 | tcp | |
| N/A | 127.0.0.1:59376 | tcp | |
| N/A | 127.0.0.1:59378 | tcp | |
| N/A | 127.0.0.1:59380 | tcp | |
| N/A | 127.0.0.1:59382 | tcp | |
| N/A | 127.0.0.1:59384 | tcp | |
| N/A | 127.0.0.1:59385 | tcp | |
| N/A | 127.0.0.1:59388 | tcp | |
| N/A | 127.0.0.1:59390 | tcp | |
| N/A | 127.0.0.1:59392 | tcp | |
| N/A | 127.0.0.1:59394 | tcp | |
| N/A | 127.0.0.1:59396 | tcp | |
| N/A | 127.0.0.1:59398 | tcp | |
| N/A | 127.0.0.1:59400 | tcp | |
| N/A | 127.0.0.1:59402 | tcp | |
| N/A | 127.0.0.1:59404 | tcp | |
| N/A | 127.0.0.1:59406 | tcp | |
| N/A | 127.0.0.1:59408 | tcp | |
| N/A | 127.0.0.1:59410 | tcp | |
| N/A | 127.0.0.1:59412 | tcp | |
| N/A | 127.0.0.1:59414 | tcp | |
| N/A | 127.0.0.1:59416 | tcp | |
| N/A | 127.0.0.1:59418 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:59422 | tcp | |
| N/A | 127.0.0.1:59424 | tcp | |
| N/A | 127.0.0.1:59426 | tcp | |
| N/A | 127.0.0.1:59428 | tcp | |
| N/A | 127.0.0.1:59430 | tcp | |
| N/A | 127.0.0.1:59432 | tcp | |
| N/A | 127.0.0.1:59434 | tcp | |
| N/A | 127.0.0.1:59436 | tcp | |
| N/A | 127.0.0.1:59438 | tcp | |
| N/A | 127.0.0.1:59440 | tcp | |
| N/A | 127.0.0.1:59442 | tcp | |
| N/A | 127.0.0.1:59444 | tcp | |
| N/A | 127.0.0.1:59446 | tcp | |
| N/A | 127.0.0.1:59448 | tcp | |
| N/A | 127.0.0.1:59450 | tcp | |
| N/A | 127.0.0.1:59452 | tcp | |
| N/A | 127.0.0.1:59454 | tcp | |
| N/A | 127.0.0.1:59456 | tcp | |
| N/A | 127.0.0.1:59458 | tcp | |
| N/A | 127.0.0.1:59460 | tcp | |
| N/A | 127.0.0.1:59462 | tcp | |
| N/A | 127.0.0.1:59464 | tcp | |
| N/A | 127.0.0.1:59466 | tcp | |
| N/A | 127.0.0.1:59468 | tcp | |
| N/A | 127.0.0.1:59470 | tcp | |
| N/A | 127.0.0.1:59472 | tcp | |
| N/A | 127.0.0.1:59474 | tcp | |
| N/A | 127.0.0.1:59476 | tcp | |
| N/A | 127.0.0.1:59478 | tcp | |
| N/A | 127.0.0.1:59480 | tcp | |
| N/A | 127.0.0.1:59482 | tcp | |
| N/A | 127.0.0.1:59484 | tcp | |
| N/A | 127.0.0.1:59486 | tcp | |
| N/A | 127.0.0.1:59488 | tcp | |
| N/A | 127.0.0.1:59490 | tcp | |
| N/A | 127.0.0.1:59492 | tcp | |
| N/A | 127.0.0.1:59494 | tcp | |
| N/A | 127.0.0.1:59496 | tcp | |
| N/A | 127.0.0.1:59498 | tcp | |
| N/A | 127.0.0.1:59500 | tcp | |
| N/A | 127.0.0.1:59502 | tcp | |
| N/A | 127.0.0.1:59504 | tcp | |
| N/A | 127.0.0.1:59506 | tcp | |
| N/A | 127.0.0.1:59508 | tcp | |
| N/A | 127.0.0.1:59510 | tcp | |
| N/A | 127.0.0.1:59512 | tcp | |
| N/A | 127.0.0.1:59514 | tcp | |
| N/A | 127.0.0.1:59516 | tcp | |
| N/A | 127.0.0.1:59518 | tcp | |
| N/A | 127.0.0.1:59520 | tcp | |
| N/A | 127.0.0.1:59522 | tcp | |
| N/A | 127.0.0.1:59524 | tcp | |
| N/A | 127.0.0.1:59526 | tcp | |
| N/A | 127.0.0.1:59528 | tcp | |
| N/A | 127.0.0.1:59530 | tcp | |
| N/A | 127.0.0.1:59532 | tcp | |
| N/A | 127.0.0.1:59534 | tcp | |
| N/A | 127.0.0.1:59536 | tcp | |
| N/A | 127.0.0.1:59538 | tcp | |
| N/A | 127.0.0.1:59540 | tcp | |
| N/A | 127.0.0.1:59542 | tcp | |
| N/A | 127.0.0.1:59544 | tcp | |
| N/A | 127.0.0.1:59546 | tcp | |
| N/A | 127.0.0.1:59548 | tcp | |
| N/A | 127.0.0.1:59550 | tcp | |
| N/A | 127.0.0.1:59552 | tcp | |
| N/A | 127.0.0.1:59554 | tcp | |
| N/A | 127.0.0.1:59555 | tcp | |
| N/A | 127.0.0.1:59558 | tcp | |
| N/A | 127.0.0.1:59560 | tcp | |
| N/A | 127.0.0.1:59562 | tcp | |
| N/A | 127.0.0.1:59564 | tcp | |
| N/A | 127.0.0.1:59566 | tcp | |
| N/A | 127.0.0.1:59568 | tcp | |
| N/A | 127.0.0.1:59570 | tcp | |
| N/A | 127.0.0.1:59572 | tcp | |
| N/A | 127.0.0.1:59574 | tcp | |
| N/A | 127.0.0.1:59576 | tcp | |
| N/A | 127.0.0.1:59578 | tcp | |
| N/A | 127.0.0.1:59580 | tcp | |
| N/A | 127.0.0.1:59582 | tcp | |
| N/A | 127.0.0.1:59584 | tcp | |
| N/A | 127.0.0.1:59586 | tcp | |
| N/A | 127.0.0.1:59588 | tcp | |
| N/A | 127.0.0.1:59590 | tcp | |
| N/A | 127.0.0.1:59592 | tcp | |
| N/A | 127.0.0.1:59594 | tcp | |
| N/A | 127.0.0.1:59596 | tcp | |
| N/A | 127.0.0.1:59598 | tcp | |
| N/A | 127.0.0.1:59600 | tcp | |
| N/A | 127.0.0.1:59602 | tcp | |
| N/A | 127.0.0.1:59605 | tcp | |
| N/A | 127.0.0.1:59607 | tcp | |
| N/A | 127.0.0.1:59609 | tcp | |
| N/A | 127.0.0.1:59604 | tcp | |
| N/A | 127.0.0.1:59612 | tcp | |
| N/A | 127.0.0.1:59614 | tcp | |
| N/A | 127.0.0.1:59616 | tcp | |
| N/A | 127.0.0.1:59618 | tcp | |
| N/A | 127.0.0.1:59620 | tcp | |
| N/A | 127.0.0.1:59622 | tcp | |
| N/A | 127.0.0.1:59624 | tcp | |
| N/A | 127.0.0.1:59626 | tcp | |
| N/A | 127.0.0.1:59628 | tcp | |
| N/A | 127.0.0.1:59630 | tcp | |
| N/A | 127.0.0.1:59632 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:59636 | tcp | |
| N/A | 127.0.0.1:59638 | tcp | |
| N/A | 127.0.0.1:59640 | tcp | |
| N/A | 127.0.0.1:59642 | tcp | |
| N/A | 127.0.0.1:59644 | tcp | |
| N/A | 127.0.0.1:59646 | tcp | |
| N/A | 127.0.0.1:59647 | tcp | |
| N/A | 127.0.0.1:59650 | tcp | |
| N/A | 127.0.0.1:59652 | tcp | |
| N/A | 127.0.0.1:59654 | tcp | |
| N/A | 127.0.0.1:59656 | tcp | |
| N/A | 127.0.0.1:59657 | tcp | |
| N/A | 127.0.0.1:59660 | tcp | |
| N/A | 127.0.0.1:59662 | tcp | |
| N/A | 127.0.0.1:59664 | tcp | |
| N/A | 127.0.0.1:59666 | tcp | |
| N/A | 127.0.0.1:59668 | tcp | |
| N/A | 127.0.0.1:59670 | tcp | |
| N/A | 127.0.0.1:59672 | tcp | |
| N/A | 127.0.0.1:59674 | tcp | |
| N/A | 127.0.0.1:59677 | tcp | |
| N/A | 127.0.0.1:59679 | tcp | |
| N/A | 127.0.0.1:59676 | tcp | |
| N/A | 127.0.0.1:59682 | tcp | |
| N/A | 127.0.0.1:59684 | tcp | |
| N/A | 127.0.0.1:59686 | tcp | |
| N/A | 127.0.0.1:59688 | tcp | |
| N/A | 127.0.0.1:59690 | tcp | |
| N/A | 127.0.0.1:59692 | tcp | |
| N/A | 127.0.0.1:59694 | tcp | |
| N/A | 127.0.0.1:59696 | tcp | |
| N/A | 127.0.0.1:59698 | tcp | |
| N/A | 127.0.0.1:59700 | tcp | |
| N/A | 127.0.0.1:59702 | tcp | |
| N/A | 127.0.0.1:59704 | tcp | |
| N/A | 127.0.0.1:59706 | tcp | |
| N/A | 127.0.0.1:59708 | tcp | |
| N/A | 127.0.0.1:59710 | tcp | |
| N/A | 127.0.0.1:59712 | tcp | |
| N/A | 127.0.0.1:59714 | tcp | |
| N/A | 127.0.0.1:59716 | tcp | |
| N/A | 127.0.0.1:59718 | tcp | |
| N/A | 127.0.0.1:59720 | tcp | |
| N/A | 127.0.0.1:59722 | tcp | |
| N/A | 127.0.0.1:59724 | tcp | |
| N/A | 127.0.0.1:59726 | tcp | |
| N/A | 127.0.0.1:59728 | tcp | |
| N/A | 127.0.0.1:59730 | tcp | |
| N/A | 127.0.0.1:59732 | tcp | |
| N/A | 127.0.0.1:59734 | tcp | |
| N/A | 127.0.0.1:59736 | tcp | |
| N/A | 127.0.0.1:59738 | tcp | |
| N/A | 127.0.0.1:59740 | tcp | |
| N/A | 127.0.0.1:59742 | tcp | |
| N/A | 127.0.0.1:59744 | tcp | |
| N/A | 127.0.0.1:59746 | tcp | |
| N/A | 127.0.0.1:59748 | tcp | |
| N/A | 127.0.0.1:59750 | tcp | |
| N/A | 127.0.0.1:59752 | tcp | |
| N/A | 127.0.0.1:59754 | tcp | |
| N/A | 127.0.0.1:59756 | tcp | |
| N/A | 127.0.0.1:59758 | tcp | |
| N/A | 127.0.0.1:59760 | tcp | |
| N/A | 127.0.0.1:59762 | tcp | |
| N/A | 127.0.0.1:59764 | tcp | |
| N/A | 127.0.0.1:59766 | tcp | |
| N/A | 127.0.0.1:59768 | tcp | |
| N/A | 127.0.0.1:59770 | tcp | |
| N/A | 127.0.0.1:59772 | tcp | |
| N/A | 127.0.0.1:59774 | tcp | |
| N/A | 127.0.0.1:59776 | tcp | |
| N/A | 127.0.0.1:59778 | tcp | |
| N/A | 127.0.0.1:59780 | tcp | |
| N/A | 127.0.0.1:59782 | tcp | |
| N/A | 127.0.0.1:59784 | tcp | |
| N/A | 127.0.0.1:59786 | tcp | |
| N/A | 127.0.0.1:59788 | tcp | |
| N/A | 127.0.0.1:59790 | tcp | |
| N/A | 127.0.0.1:59792 | tcp | |
| N/A | 127.0.0.1:59794 | tcp | |
| N/A | 127.0.0.1:59796 | tcp | |
| N/A | 127.0.0.1:59798 | tcp | |
| N/A | 127.0.0.1:59800 | tcp | |
| N/A | 127.0.0.1:59802 | tcp | |
| N/A | 127.0.0.1:59804 | tcp | |
| N/A | 127.0.0.1:59806 | tcp | |
| N/A | 127.0.0.1:59808 | tcp | |
| N/A | 127.0.0.1:59810 | tcp | |
| N/A | 127.0.0.1:59812 | tcp | |
| N/A | 127.0.0.1:59814 | tcp | |
| N/A | 127.0.0.1:59816 | tcp | |
| N/A | 127.0.0.1:59818 | tcp | |
| N/A | 127.0.0.1:59820 | tcp | |
| N/A | 127.0.0.1:59822 | tcp | |
| N/A | 127.0.0.1:59824 | tcp | |
| N/A | 127.0.0.1:59826 | tcp | |
| N/A | 127.0.0.1:59828 | tcp | |
| N/A | 127.0.0.1:59830 | tcp | |
| N/A | 127.0.0.1:59832 | tcp | |
| N/A | 127.0.0.1:59834 | tcp | |
| N/A | 127.0.0.1:59836 | tcp | |
| N/A | 127.0.0.1:59838 | tcp | |
| N/A | 127.0.0.1:59840 | tcp | |
| N/A | 127.0.0.1:59842 | tcp | |
| N/A | 127.0.0.1:59844 | tcp | |
| N/A | 127.0.0.1:59846 | tcp | |
| N/A | 127.0.0.1:59848 | tcp | |
| N/A | 127.0.0.1:59850 | tcp | |
| N/A | 127.0.0.1:59852 | tcp | |
| N/A | 127.0.0.1:59854 | tcp | |
| N/A | 127.0.0.1:59856 | tcp | |
| N/A | 127.0.0.1:59858 | tcp | |
| N/A | 127.0.0.1:59860 | tcp | |
| N/A | 127.0.0.1:59862 | tcp | |
| N/A | 127.0.0.1:59864 | tcp | |
| N/A | 127.0.0.1:59866 | tcp | |
| N/A | 127.0.0.1:59868 | tcp | |
| N/A | 127.0.0.1:59870 | tcp | |
| N/A | 127.0.0.1:59872 | tcp | |
| N/A | 127.0.0.1:59874 | tcp | |
| N/A | 127.0.0.1:59876 | tcp | |
| N/A | 127.0.0.1:59878 | tcp | |
| N/A | 127.0.0.1:59880 | tcp | |
| N/A | 127.0.0.1:59882 | tcp | |
| N/A | 127.0.0.1:59884 | tcp | |
| N/A | 127.0.0.1:59886 | tcp | |
| N/A | 127.0.0.1:59888 | tcp | |
| N/A | 127.0.0.1:59890 | tcp | |
| N/A | 127.0.0.1:59892 | tcp | |
| N/A | 127.0.0.1:59894 | tcp | |
| N/A | 127.0.0.1:59896 | tcp | |
| N/A | 127.0.0.1:59898 | tcp | |
| N/A | 127.0.0.1:59900 | tcp | |
| N/A | 127.0.0.1:59902 | tcp | |
| N/A | 127.0.0.1:59904 | tcp | |
| N/A | 127.0.0.1:59906 | tcp | |
| N/A | 127.0.0.1:59908 | tcp | |
| N/A | 127.0.0.1:59910 | tcp | |
| N/A | 127.0.0.1:59912 | tcp | |
| N/A | 127.0.0.1:59914 | tcp | |
| N/A | 127.0.0.1:59916 | tcp | |
| N/A | 127.0.0.1:59918 | tcp | |
| N/A | 127.0.0.1:59920 | tcp | |
| N/A | 127.0.0.1:59922 | tcp | |
| N/A | 127.0.0.1:59924 | tcp | |
| N/A | 127.0.0.1:59926 | tcp | |
| N/A | 127.0.0.1:59928 | tcp | |
| N/A | 127.0.0.1:59930 | tcp | |
| N/A | 127.0.0.1:59932 | tcp | |
| N/A | 127.0.0.1:59934 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:59937 | tcp | |
| N/A | 127.0.0.1:59939 | tcp | |
| N/A | 127.0.0.1:59941 | tcp | |
| N/A | 127.0.0.1:59943 | tcp | |
| N/A | 127.0.0.1:59944 | tcp | |
| N/A | 127.0.0.1:59947 | tcp | |
| N/A | 127.0.0.1:59949 | tcp | |
| N/A | 127.0.0.1:59951 | tcp | |
| N/A | 127.0.0.1:59953 | tcp | |
| N/A | 127.0.0.1:59955 | tcp | |
| N/A | 127.0.0.1:59957 | tcp | |
| N/A | 127.0.0.1:59959 | tcp | |
| N/A | 127.0.0.1:59961 | tcp | |
| N/A | 127.0.0.1:59963 | tcp | |
| N/A | 127.0.0.1:59965 | tcp | |
| N/A | 127.0.0.1:59967 | tcp | |
| N/A | 127.0.0.1:59969 | tcp | |
| N/A | 127.0.0.1:59971 | tcp | |
| N/A | 127.0.0.1:59973 | tcp | |
| N/A | 127.0.0.1:59977 | tcp | |
| N/A | 127.0.0.1:59979 | tcp | |
| N/A | 127.0.0.1:59981 | tcp | |
| N/A | 127.0.0.1:59983 | tcp | |
| N/A | 127.0.0.1:59975 | tcp | |
| N/A | 127.0.0.1:59985 | tcp | |
| N/A | 127.0.0.1:59987 | tcp | |
| N/A | 127.0.0.1:59989 | tcp | |
| N/A | 127.0.0.1:59991 | tcp | |
| N/A | 127.0.0.1:59993 | tcp | |
| N/A | 127.0.0.1:59995 | tcp | |
| N/A | 127.0.0.1:59997 | tcp | |
| N/A | 127.0.0.1:59999 | tcp | |
| N/A | 127.0.0.1:60001 | tcp | |
| N/A | 127.0.0.1:60004 | tcp | |
| N/A | 127.0.0.1:60006 | tcp | |
| N/A | 127.0.0.1:60003 | tcp | |
| N/A | 127.0.0.1:60009 | tcp | |
| N/A | 127.0.0.1:60011 | tcp | |
| N/A | 127.0.0.1:60013 | tcp | |
| N/A | 127.0.0.1:60015 | tcp | |
| N/A | 127.0.0.1:60017 | tcp | |
| N/A | 127.0.0.1:60019 | tcp | |
| N/A | 127.0.0.1:60021 | tcp | |
| N/A | 127.0.0.1:60023 | tcp | |
| N/A | 127.0.0.1:60025 | tcp | |
| N/A | 127.0.0.1:60027 | tcp | |
| N/A | 127.0.0.1:60029 | tcp | |
| N/A | 127.0.0.1:60031 | tcp | |
| N/A | 127.0.0.1:60033 | tcp | |
| N/A | 127.0.0.1:60035 | tcp | |
| N/A | 127.0.0.1:60037 | tcp | |
| N/A | 127.0.0.1:60038 | tcp | |
| N/A | 127.0.0.1:60041 | tcp | |
| N/A | 127.0.0.1:60043 | tcp | |
| N/A | 127.0.0.1:60045 | tcp | |
| N/A | 127.0.0.1:60047 | tcp | |
| N/A | 127.0.0.1:60049 | tcp | |
| N/A | 127.0.0.1:60051 | tcp | |
| N/A | 127.0.0.1:60053 | tcp | |
| N/A | 127.0.0.1:60055 | tcp | |
| N/A | 127.0.0.1:60057 | tcp | |
| N/A | 127.0.0.1:60059 | tcp | |
| N/A | 127.0.0.1:60061 | tcp | |
| N/A | 127.0.0.1:60063 | tcp | |
| N/A | 127.0.0.1:60065 | tcp | |
| N/A | 127.0.0.1:60067 | tcp | |
| N/A | 127.0.0.1:60069 | tcp | |
| N/A | 127.0.0.1:60071 | tcp | |
| N/A | 127.0.0.1:60073 | tcp | |
| N/A | 127.0.0.1:60075 | tcp | |
| N/A | 127.0.0.1:60077 | tcp | |
| N/A | 127.0.0.1:60079 | tcp | |
| N/A | 127.0.0.1:60081 | tcp | |
| N/A | 127.0.0.1:60083 | tcp | |
| N/A | 127.0.0.1:60085 | tcp | |
| N/A | 127.0.0.1:60087 | tcp | |
| N/A | 127.0.0.1:60089 | tcp | |
| N/A | 127.0.0.1:60091 | tcp | |
| N/A | 127.0.0.1:60093 | tcp | |
| N/A | 127.0.0.1:60095 | tcp | |
| N/A | 127.0.0.1:60097 | tcp | |
| N/A | 127.0.0.1:60099 | tcp | |
| N/A | 127.0.0.1:60101 | tcp | |
| N/A | 127.0.0.1:60103 | tcp | |
| N/A | 127.0.0.1:60105 | tcp | |
| N/A | 127.0.0.1:60107 | tcp | |
| N/A | 127.0.0.1:60109 | tcp | |
| N/A | 127.0.0.1:60111 | tcp | |
| US | 8.8.8.8:53 | walkinglate.com | udp |
| US | 104.21.23.184:443 | walkinglate.com | tcp |
| US | 8.8.8.8:53 | 233.135.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.23.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.216.82.185.in-addr.arpa | udp |
| N/A | 127.0.0.1:60113 | tcp | |
| N/A | 127.0.0.1:60115 | tcp | |
| N/A | 127.0.0.1:60117 | tcp | |
| N/A | 127.0.0.1:60119 | tcp | |
| N/A | 127.0.0.1:60121 | tcp | |
| N/A | 127.0.0.1:60123 | tcp | |
| N/A | 127.0.0.1:60125 | tcp | |
| N/A | 127.0.0.1:60127 | tcp | |
| N/A | 127.0.0.1:60129 | tcp | |
| N/A | 127.0.0.1:60131 | tcp | |
| N/A | 127.0.0.1:60133 | tcp | |
| N/A | 127.0.0.1:60135 | tcp | |
| N/A | 127.0.0.1:60137 | tcp | |
| N/A | 127.0.0.1:60139 | tcp | |
| N/A | 127.0.0.1:60141 | tcp | |
| N/A | 127.0.0.1:60143 | tcp | |
| N/A | 127.0.0.1:60145 | tcp | |
| N/A | 127.0.0.1:60147 | tcp | |
| N/A | 127.0.0.1:60149 | tcp | |
| N/A | 127.0.0.1:60151 | tcp | |
| N/A | 127.0.0.1:60153 | tcp | |
| N/A | 127.0.0.1:60155 | tcp | |
| N/A | 127.0.0.1:60157 | tcp | |
| N/A | 127.0.0.1:60159 | tcp | |
| N/A | 127.0.0.1:60161 | tcp | |
| N/A | 127.0.0.1:60163 | tcp | |
| N/A | 127.0.0.1:60165 | tcp | |
| N/A | 127.0.0.1:60167 | tcp | |
| N/A | 127.0.0.1:60169 | tcp | |
| N/A | 127.0.0.1:60171 | tcp | |
| N/A | 127.0.0.1:60173 | tcp | |
| N/A | 127.0.0.1:60175 | tcp | |
| N/A | 127.0.0.1:60177 | tcp | |
| N/A | 127.0.0.1:60179 | tcp | |
| N/A | 127.0.0.1:60181 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:60184 | tcp | |
| N/A | 127.0.0.1:60186 | tcp | |
| N/A | 127.0.0.1:60188 | tcp | |
| N/A | 127.0.0.1:60190 | tcp | |
| N/A | 127.0.0.1:60192 | tcp | |
| N/A | 127.0.0.1:60194 | tcp | |
| N/A | 127.0.0.1:60196 | tcp | |
| N/A | 127.0.0.1:60198 | tcp | |
| N/A | 127.0.0.1:60200 | tcp | |
| N/A | 127.0.0.1:60202 | tcp | |
| N/A | 127.0.0.1:60204 | tcp | |
| N/A | 127.0.0.1:60206 | tcp | |
| N/A | 127.0.0.1:60208 | tcp | |
| N/A | 127.0.0.1:60210 | tcp | |
| N/A | 127.0.0.1:60212 | tcp | |
| N/A | 127.0.0.1:60214 | tcp | |
| N/A | 127.0.0.1:60216 | tcp | |
| N/A | 127.0.0.1:60218 | tcp | |
| N/A | 127.0.0.1:60220 | tcp | |
| N/A | 127.0.0.1:60222 | tcp | |
| N/A | 127.0.0.1:60224 | tcp | |
| N/A | 127.0.0.1:60226 | tcp | |
| N/A | 127.0.0.1:60228 | tcp | |
| N/A | 127.0.0.1:60230 | tcp | |
| N/A | 127.0.0.1:60232 | tcp | |
| N/A | 127.0.0.1:60234 | tcp | |
| N/A | 127.0.0.1:60236 | tcp | |
| N/A | 127.0.0.1:60238 | tcp | |
| N/A | 127.0.0.1:60240 | tcp | |
| N/A | 127.0.0.1:60242 | tcp | |
| N/A | 127.0.0.1:60244 | tcp | |
| N/A | 127.0.0.1:60246 | tcp | |
| N/A | 127.0.0.1:60250 | tcp | |
| N/A | 127.0.0.1:60252 | tcp | |
| N/A | 127.0.0.1:60254 | tcp | |
| N/A | 127.0.0.1:60248 | tcp | |
| N/A | 127.0.0.1:60256 | tcp | |
| N/A | 127.0.0.1:60257 | tcp | |
| N/A | 127.0.0.1:60260 | tcp | |
| N/A | 127.0.0.1:60262 | tcp | |
| N/A | 127.0.0.1:60264 | tcp | |
| N/A | 127.0.0.1:60266 | tcp | |
| N/A | 127.0.0.1:60268 | tcp | |
| N/A | 127.0.0.1:60269 | tcp | |
| N/A | 127.0.0.1:60272 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:60274 | tcp | |
| N/A | 127.0.0.1:60277 | tcp | |
| N/A | 127.0.0.1:60279 | tcp | |
| N/A | 127.0.0.1:60281 | tcp | |
| N/A | 127.0.0.1:60283 | tcp | |
| N/A | 127.0.0.1:60285 | tcp | |
| N/A | 127.0.0.1:60287 | tcp | |
| N/A | 127.0.0.1:60289 | tcp | |
| N/A | 127.0.0.1:60291 | tcp | |
| N/A | 127.0.0.1:60293 | tcp | |
| N/A | 127.0.0.1:60295 | tcp | |
| N/A | 127.0.0.1:60297 | tcp | |
| N/A | 127.0.0.1:60299 | tcp | |
| N/A | 127.0.0.1:60301 | tcp | |
| N/A | 127.0.0.1:60303 | tcp | |
| N/A | 127.0.0.1:60305 | tcp | |
| N/A | 127.0.0.1:60307 | tcp | |
| N/A | 127.0.0.1:60309 | tcp | |
| N/A | 127.0.0.1:60311 | tcp | |
| N/A | 127.0.0.1:60313 | tcp | |
| N/A | 127.0.0.1:60315 | tcp | |
| N/A | 127.0.0.1:60317 | tcp | |
| N/A | 127.0.0.1:60319 | tcp | |
| N/A | 127.0.0.1:60321 | tcp | |
| N/A | 127.0.0.1:60323 | tcp | |
| N/A | 127.0.0.1:60325 | tcp | |
| N/A | 127.0.0.1:60327 | tcp | |
| N/A | 127.0.0.1:60329 | tcp | |
| N/A | 127.0.0.1:60331 | tcp | |
| N/A | 127.0.0.1:60333 | tcp | |
| N/A | 127.0.0.1:60335 | tcp | |
| N/A | 127.0.0.1:60337 | tcp | |
| N/A | 127.0.0.1:60339 | tcp | |
| N/A | 127.0.0.1:60341 | tcp | |
| N/A | 127.0.0.1:60343 | tcp | |
| N/A | 127.0.0.1:60345 | tcp | |
| N/A | 127.0.0.1:60347 | tcp | |
| N/A | 127.0.0.1:60349 | tcp | |
| N/A | 127.0.0.1:60351 | tcp | |
| N/A | 127.0.0.1:60353 | tcp | |
| N/A | 127.0.0.1:60355 | tcp | |
| N/A | 127.0.0.1:60357 | tcp | |
| N/A | 127.0.0.1:60359 | tcp | |
| N/A | 127.0.0.1:60361 | tcp | |
| N/A | 127.0.0.1:60363 | tcp | |
| N/A | 127.0.0.1:60365 | tcp | |
| N/A | 127.0.0.1:60367 | tcp | |
| N/A | 127.0.0.1:60369 | tcp | |
| N/A | 127.0.0.1:60371 | tcp | |
| N/A | 127.0.0.1:60373 | tcp | |
| N/A | 127.0.0.1:60375 | tcp | |
| N/A | 127.0.0.1:60377 | tcp | |
| N/A | 127.0.0.1:60379 | tcp | |
| N/A | 127.0.0.1:60381 | tcp | |
| N/A | 127.0.0.1:60383 | tcp | |
| N/A | 127.0.0.1:60385 | tcp | |
| N/A | 127.0.0.1:60387 | tcp | |
| N/A | 127.0.0.1:60389 | tcp | |
| N/A | 127.0.0.1:60391 | tcp | |
| N/A | 127.0.0.1:60393 | tcp | |
| N/A | 127.0.0.1:60395 | tcp | |
| N/A | 127.0.0.1:60397 | tcp | |
| N/A | 127.0.0.1:60400 | tcp | |
| N/A | 127.0.0.1:60399 | tcp | |
| N/A | 127.0.0.1:60403 | tcp | |
| N/A | 127.0.0.1:60405 | tcp | |
| N/A | 127.0.0.1:60407 | tcp | |
| N/A | 127.0.0.1:60409 | tcp | |
| N/A | 127.0.0.1:60411 | tcp | |
| N/A | 127.0.0.1:60413 | tcp | |
| N/A | 127.0.0.1:60415 | tcp | |
| N/A | 127.0.0.1:60417 | tcp | |
| N/A | 127.0.0.1:60419 | tcp | |
| N/A | 127.0.0.1:60421 | tcp | |
| N/A | 127.0.0.1:60423 | tcp | |
| N/A | 127.0.0.1:60425 | tcp | |
| N/A | 127.0.0.1:60427 | tcp | |
| N/A | 127.0.0.1:60429 | tcp | |
| N/A | 127.0.0.1:60431 | tcp | |
| N/A | 127.0.0.1:60433 | tcp | |
| N/A | 127.0.0.1:60435 | tcp | |
| N/A | 127.0.0.1:60437 | tcp | |
| N/A | 127.0.0.1:60439 | tcp | |
| N/A | 127.0.0.1:60440 | tcp | |
| N/A | 127.0.0.1:60443 | tcp | |
| N/A | 127.0.0.1:60445 | tcp | |
| N/A | 127.0.0.1:60447 | tcp | |
| N/A | 127.0.0.1:60449 | tcp | |
| N/A | 127.0.0.1:60451 | tcp | |
| N/A | 127.0.0.1:60453 | tcp | |
| N/A | 127.0.0.1:60455 | tcp | |
| N/A | 127.0.0.1:60457 | tcp | |
| N/A | 127.0.0.1:60459 | tcp | |
| N/A | 127.0.0.1:60461 | tcp | |
| N/A | 127.0.0.1:60463 | tcp | |
| N/A | 127.0.0.1:60465 | tcp | |
| N/A | 127.0.0.1:60467 | tcp | |
| N/A | 127.0.0.1:60470 | tcp | |
| N/A | 127.0.0.1:60472 | tcp | |
| N/A | 127.0.0.1:60474 | tcp | |
| N/A | 127.0.0.1:60476 | tcp | |
| N/A | 127.0.0.1:60478 | tcp | |
| N/A | 127.0.0.1:60480 | tcp | |
| N/A | 127.0.0.1:60482 | tcp | |
| N/A | 127.0.0.1:60484 | tcp | |
| N/A | 127.0.0.1:60486 | tcp | |
| N/A | 127.0.0.1:60488 | tcp | |
| N/A | 127.0.0.1:60490 | tcp | |
| N/A | 127.0.0.1:60492 | tcp | |
| N/A | 127.0.0.1:60494 | tcp | |
| N/A | 127.0.0.1:60496 | tcp | |
| N/A | 127.0.0.1:60498 | tcp | |
| N/A | 127.0.0.1:60500 | tcp | |
| N/A | 127.0.0.1:60502 | tcp | |
| N/A | 127.0.0.1:60504 | tcp | |
| N/A | 127.0.0.1:60506 | tcp | |
| N/A | 127.0.0.1:60508 | tcp | |
| N/A | 127.0.0.1:60510 | tcp | |
| N/A | 127.0.0.1:60512 | tcp | |
| N/A | 127.0.0.1:60514 | tcp | |
| N/A | 127.0.0.1:60516 | tcp | |
| N/A | 127.0.0.1:60518 | tcp | |
| N/A | 127.0.0.1:60520 | tcp | |
| N/A | 127.0.0.1:60522 | tcp | |
| N/A | 127.0.0.1:60524 | tcp | |
| N/A | 127.0.0.1:60526 | tcp | |
| N/A | 127.0.0.1:60528 | tcp | |
| N/A | 127.0.0.1:60530 | tcp | |
| N/A | 127.0.0.1:60532 | tcp | |
| N/A | 127.0.0.1:60534 | tcp | |
| N/A | 127.0.0.1:60536 | tcp | |
| N/A | 127.0.0.1:60538 | tcp | |
| N/A | 127.0.0.1:60540 | tcp | |
| N/A | 127.0.0.1:60542 | tcp | |
| N/A | 127.0.0.1:60544 | tcp | |
| N/A | 127.0.0.1:60546 | tcp | |
| N/A | 127.0.0.1:60548 | tcp | |
| N/A | 127.0.0.1:60550 | tcp | |
| N/A | 127.0.0.1:60469 | tcp | |
| N/A | 127.0.0.1:60553 | tcp | |
| N/A | 127.0.0.1:60555 | tcp | |
| N/A | 127.0.0.1:60557 | tcp | |
| N/A | 127.0.0.1:60559 | tcp | |
| N/A | 127.0.0.1:60561 | tcp | |
| N/A | 127.0.0.1:60563 | tcp | |
| N/A | 127.0.0.1:60565 | tcp | |
| N/A | 127.0.0.1:60567 | tcp | |
| N/A | 127.0.0.1:60569 | tcp | |
| N/A | 127.0.0.1:60571 | tcp | |
| N/A | 127.0.0.1:60573 | tcp | |
| N/A | 127.0.0.1:60575 | tcp | |
| N/A | 127.0.0.1:60577 | tcp | |
| N/A | 127.0.0.1:60579 | tcp | |
| N/A | 127.0.0.1:60581 | tcp | |
| N/A | 127.0.0.1:60583 | tcp | |
| N/A | 127.0.0.1:60585 | tcp | |
| N/A | 127.0.0.1:60587 | tcp | |
| N/A | 127.0.0.1:60589 | tcp | |
| N/A | 127.0.0.1:60591 | tcp | |
| N/A | 127.0.0.1:60593 | tcp | |
| N/A | 127.0.0.1:60595 | tcp | |
| N/A | 127.0.0.1:60597 | tcp | |
| N/A | 127.0.0.1:60599 | tcp | |
| N/A | 127.0.0.1:60601 | tcp | |
| N/A | 127.0.0.1:60603 | tcp | |
| N/A | 127.0.0.1:60605 | tcp | |
| N/A | 127.0.0.1:60607 | tcp | |
| N/A | 127.0.0.1:60609 | tcp | |
| N/A | 127.0.0.1:60611 | tcp | |
| N/A | 127.0.0.1:60613 | tcp | |
| N/A | 127.0.0.1:60615 | tcp | |
| N/A | 127.0.0.1:60617 | tcp | |
| N/A | 127.0.0.1:60619 | tcp | |
| N/A | 127.0.0.1:60621 | tcp | |
| N/A | 127.0.0.1:60623 | tcp | |
| N/A | 127.0.0.1:60625 | tcp | |
| N/A | 127.0.0.1:60627 | tcp | |
| N/A | 127.0.0.1:60629 | tcp | |
| N/A | 127.0.0.1:60631 | tcp | |
| N/A | 127.0.0.1:60633 | tcp | |
| N/A | 127.0.0.1:60635 | tcp | |
| N/A | 127.0.0.1:60637 | tcp | |
| N/A | 127.0.0.1:60639 | tcp | |
| N/A | 127.0.0.1:60641 | tcp | |
| N/A | 127.0.0.1:60643 | tcp | |
| N/A | 127.0.0.1:60645 | tcp | |
| N/A | 127.0.0.1:60647 | tcp | |
| N/A | 127.0.0.1:60649 | tcp | |
| N/A | 127.0.0.1:60651 | tcp | |
| N/A | 127.0.0.1:60653 | tcp | |
| N/A | 127.0.0.1:60655 | tcp | |
| N/A | 127.0.0.1:60657 | tcp | |
| N/A | 127.0.0.1:60659 | tcp | |
| N/A | 127.0.0.1:60661 | tcp | |
| N/A | 127.0.0.1:60663 | tcp | |
| N/A | 127.0.0.1:60665 | tcp | |
| N/A | 127.0.0.1:60667 | tcp | |
| N/A | 127.0.0.1:60669 | tcp | |
| N/A | 127.0.0.1:60671 | tcp | |
| N/A | 127.0.0.1:60673 | tcp | |
| N/A | 127.0.0.1:60675 | tcp | |
| N/A | 127.0.0.1:60677 | tcp | |
| N/A | 127.0.0.1:60679 | tcp | |
| N/A | 127.0.0.1:60681 | tcp | |
| N/A | 127.0.0.1:60683 | tcp | |
| N/A | 127.0.0.1:60685 | tcp | |
| N/A | 127.0.0.1:60687 | tcp | |
| N/A | 127.0.0.1:60689 | tcp | |
| N/A | 127.0.0.1:60691 | tcp | |
| N/A | 127.0.0.1:60693 | tcp | |
| N/A | 127.0.0.1:60695 | tcp | |
| N/A | 127.0.0.1:60697 | tcp | |
| N/A | 127.0.0.1:60699 | tcp | |
| N/A | 127.0.0.1:60701 | tcp | |
| N/A | 127.0.0.1:60703 | tcp | |
| N/A | 127.0.0.1:60705 | tcp | |
| N/A | 127.0.0.1:60707 | tcp | |
| N/A | 127.0.0.1:60709 | tcp | |
| N/A | 127.0.0.1:60711 | tcp | |
| N/A | 127.0.0.1:60713 | tcp | |
| N/A | 127.0.0.1:60715 | tcp | |
| N/A | 127.0.0.1:60717 | tcp | |
| N/A | 127.0.0.1:60719 | tcp | |
| N/A | 127.0.0.1:60721 | tcp | |
| N/A | 127.0.0.1:60723 | tcp | |
| N/A | 127.0.0.1:60725 | tcp | |
| N/A | 127.0.0.1:60727 | tcp | |
| N/A | 127.0.0.1:60729 | tcp | |
| N/A | 127.0.0.1:60731 | tcp | |
| N/A | 127.0.0.1:60733 | tcp | |
| N/A | 127.0.0.1:60735 | tcp | |
| N/A | 127.0.0.1:60737 | tcp | |
| N/A | 127.0.0.1:60739 | tcp | |
| N/A | 127.0.0.1:60741 | tcp | |
| N/A | 127.0.0.1:60743 | tcp | |
| N/A | 127.0.0.1:60745 | tcp | |
| N/A | 127.0.0.1:60747 | tcp | |
| N/A | 127.0.0.1:60749 | tcp | |
| N/A | 127.0.0.1:60751 | tcp | |
| N/A | 127.0.0.1:60753 | tcp | |
| N/A | 127.0.0.1:60755 | tcp | |
| N/A | 127.0.0.1:60757 | tcp | |
| N/A | 127.0.0.1:60759 | tcp | |
| N/A | 127.0.0.1:60761 | tcp | |
| N/A | 127.0.0.1:60763 | tcp | |
| N/A | 127.0.0.1:60765 | tcp | |
| N/A | 127.0.0.1:60767 | tcp | |
| N/A | 127.0.0.1:60769 | tcp | |
| N/A | 127.0.0.1:60771 | tcp | |
| N/A | 127.0.0.1:60773 | tcp | |
| N/A | 127.0.0.1:60775 | tcp | |
| N/A | 127.0.0.1:60777 | tcp | |
| N/A | 127.0.0.1:60779 | tcp | |
| N/A | 127.0.0.1:60781 | tcp | |
| N/A | 127.0.0.1:60783 | tcp | |
| N/A | 127.0.0.1:60785 | tcp | |
| N/A | 127.0.0.1:60787 | tcp | |
| N/A | 127.0.0.1:60789 | tcp | |
| N/A | 127.0.0.1:60791 | tcp | |
| N/A | 127.0.0.1:60793 | tcp | |
| N/A | 127.0.0.1:60795 | tcp | |
| N/A | 127.0.0.1:60797 | tcp | |
| N/A | 127.0.0.1:60799 | tcp | |
| N/A | 127.0.0.1:60801 | tcp | |
| N/A | 127.0.0.1:60803 | tcp | |
| N/A | 127.0.0.1:60805 | tcp | |
| N/A | 127.0.0.1:60807 | tcp | |
| N/A | 127.0.0.1:60809 | tcp | |
| N/A | 127.0.0.1:60811 | tcp | |
| N/A | 127.0.0.1:60813 | tcp | |
| N/A | 127.0.0.1:60815 | tcp | |
| N/A | 127.0.0.1:60817 | tcp | |
| N/A | 127.0.0.1:60819 | tcp | |
| N/A | 127.0.0.1:60821 | tcp | |
| N/A | 127.0.0.1:60823 | tcp | |
| N/A | 127.0.0.1:60825 | tcp | |
| N/A | 127.0.0.1:60827 | tcp | |
| N/A | 127.0.0.1:60829 | tcp | |
| N/A | 127.0.0.1:60831 | tcp | |
| N/A | 127.0.0.1:60833 | tcp | |
| N/A | 127.0.0.1:60835 | tcp | |
| N/A | 127.0.0.1:60837 | tcp | |
| N/A | 127.0.0.1:60839 | tcp | |
| N/A | 127.0.0.1:60841 | tcp | |
| N/A | 127.0.0.1:60843 | tcp | |
| N/A | 127.0.0.1:60845 | tcp | |
| N/A | 127.0.0.1:60847 | tcp | |
| N/A | 127.0.0.1:60849 | tcp | |
| N/A | 127.0.0.1:60851 | tcp | |
| N/A | 127.0.0.1:60853 | tcp | |
| N/A | 127.0.0.1:60855 | tcp | |
| N/A | 127.0.0.1:60857 | tcp | |
| N/A | 127.0.0.1:60859 | tcp | |
| N/A | 127.0.0.1:60861 | tcp | |
| N/A | 127.0.0.1:60863 | tcp | |
| N/A | 127.0.0.1:60865 | tcp | |
| N/A | 127.0.0.1:60867 | tcp | |
| N/A | 127.0.0.1:60869 | tcp | |
| N/A | 127.0.0.1:60871 | tcp | |
| N/A | 127.0.0.1:60873 | tcp | |
| N/A | 127.0.0.1:60875 | tcp | |
| N/A | 127.0.0.1:60877 | tcp | |
| N/A | 127.0.0.1:60879 | tcp | |
| N/A | 127.0.0.1:60881 | tcp | |
| N/A | 127.0.0.1:60883 | tcp | |
| N/A | 127.0.0.1:60885 | tcp | |
| N/A | 127.0.0.1:60887 | tcp | |
| N/A | 127.0.0.1:60889 | tcp | |
| N/A | 127.0.0.1:60891 | tcp | |
| N/A | 127.0.0.1:60893 | tcp | |
| N/A | 127.0.0.1:60895 | tcp | |
| N/A | 127.0.0.1:60897 | tcp | |
| N/A | 127.0.0.1:60899 | tcp | |
| N/A | 127.0.0.1:60901 | tcp | |
| N/A | 127.0.0.1:60903 | tcp | |
| N/A | 127.0.0.1:60905 | tcp | |
| N/A | 127.0.0.1:60907 | tcp | |
| N/A | 127.0.0.1:60909 | tcp | |
| N/A | 127.0.0.1:60911 | tcp | |
| N/A | 127.0.0.1:60913 | tcp | |
| N/A | 127.0.0.1:60915 | tcp | |
| N/A | 127.0.0.1:60917 | tcp | |
| N/A | 127.0.0.1:60919 | tcp | |
| N/A | 127.0.0.1:60921 | tcp | |
| N/A | 127.0.0.1:60923 | tcp | |
| N/A | 127.0.0.1:60925 | tcp | |
| N/A | 127.0.0.1:60927 | tcp | |
| N/A | 127.0.0.1:60929 | tcp | |
| N/A | 127.0.0.1:60931 | tcp | |
| N/A | 127.0.0.1:15078 | tcp | |
| N/A | 127.0.0.1:60934 | tcp | |
| N/A | 127.0.0.1:60936 | tcp | |
| N/A | 127.0.0.1:60938 | tcp | |
| N/A | 127.0.0.1:60940 | tcp | |
| N/A | 127.0.0.1:60942 | tcp | |
| N/A | 127.0.0.1:60944 | tcp | |
| N/A | 127.0.0.1:60946 | tcp | |
| N/A | 127.0.0.1:60948 | tcp | |
| N/A | 127.0.0.1:60950 | tcp | |
| N/A | 127.0.0.1:60952 | tcp | |
| N/A | 127.0.0.1:60954 | tcp | |
| N/A | 127.0.0.1:60956 | tcp | |
| N/A | 127.0.0.1:60958 | tcp | |
| N/A | 127.0.0.1:60960 | tcp | |
| N/A | 127.0.0.1:60962 | tcp | |
| N/A | 127.0.0.1:60964 | tcp | |
| N/A | 127.0.0.1:60966 | tcp | |
| N/A | 127.0.0.1:60968 | tcp | |
| N/A | 127.0.0.1:60970 | tcp | |
| N/A | 127.0.0.1:60972 | tcp | |
| N/A | 127.0.0.1:60974 | tcp | |
| N/A | 127.0.0.1:60976 | tcp | |
| N/A | 127.0.0.1:60978 | tcp | |
| N/A | 127.0.0.1:60980 | tcp | |
| N/A | 127.0.0.1:60982 | tcp | |
| N/A | 127.0.0.1:60984 | tcp | |
| N/A | 127.0.0.1:60986 | tcp | |
| N/A | 127.0.0.1:60988 | tcp | |
| N/A | 127.0.0.1:60990 | tcp | |
| N/A | 127.0.0.1:60992 | tcp | |
| N/A | 127.0.0.1:60994 | tcp | |
| N/A | 127.0.0.1:60996 | tcp | |
| N/A | 127.0.0.1:60998 | tcp | |
| N/A | 127.0.0.1:61000 | tcp | |
| N/A | 127.0.0.1:61002 | tcp | |
| N/A | 127.0.0.1:61004 | tcp | |
| N/A | 127.0.0.1:61006 | tcp | |
| N/A | 127.0.0.1:61008 | tcp | |
| N/A | 127.0.0.1:61010 | tcp | |
| N/A | 127.0.0.1:61012 | tcp | |
| N/A | 127.0.0.1:61014 | tcp | |
| N/A | 127.0.0.1:61016 | tcp | |
| N/A | 127.0.0.1:61018 | tcp | |
| N/A | 127.0.0.1:61020 | tcp | |
| N/A | 127.0.0.1:61022 | tcp | |
| N/A | 127.0.0.1:61024 | tcp | |
| N/A | 127.0.0.1:61026 | tcp | |
| N/A | 127.0.0.1:61028 | tcp | |
| N/A | 127.0.0.1:61030 | tcp | |
| N/A | 127.0.0.1:61032 | tcp | |
| N/A | 127.0.0.1:61034 | tcp | |
| N/A | 127.0.0.1:61036 | tcp | |
| N/A | 127.0.0.1:61038 | tcp | |
| N/A | 127.0.0.1:61040 | tcp | |
| N/A | 127.0.0.1:61042 | tcp | |
| N/A | 127.0.0.1:61044 | tcp | |
| N/A | 127.0.0.1:61046 | tcp | |
| N/A | 127.0.0.1:61048 | tcp | |
| N/A | 127.0.0.1:61050 | tcp | |
| N/A | 127.0.0.1:61052 | tcp | |
| N/A | 127.0.0.1:61054 | tcp | |
| N/A | 127.0.0.1:61056 | tcp | |
| N/A | 127.0.0.1:61058 | tcp | |
| N/A | 127.0.0.1:61060 | tcp | |
| N/A | 127.0.0.1:61062 | tcp | |
| N/A | 127.0.0.1:61064 | tcp | |
| N/A | 127.0.0.1:61066 | tcp | |
| N/A | 127.0.0.1:61068 | tcp | |
| N/A | 127.0.0.1:61070 | tcp | |
| N/A | 127.0.0.1:61072 | tcp | |
| N/A | 127.0.0.1:61074 | tcp | |
| N/A | 127.0.0.1:61076 | tcp | |
| N/A | 127.0.0.1:61078 | tcp | |
| N/A | 127.0.0.1:61080 | tcp | |
| N/A | 127.0.0.1:61082 | tcp | |
| N/A | 127.0.0.1:61084 | tcp | |
| N/A | 127.0.0.1:61086 | tcp | |
| N/A | 127.0.0.1:61088 | tcp | |
| N/A | 127.0.0.1:61090 | tcp | |
| N/A | 127.0.0.1:61092 | tcp | |
| N/A | 127.0.0.1:61094 | tcp | |
| N/A | 127.0.0.1:61096 | tcp | |
| N/A | 127.0.0.1:61098 | tcp | |
| N/A | 127.0.0.1:61100 | tcp | |
| N/A | 127.0.0.1:61102 | tcp | |
| N/A | 127.0.0.1:61104 | tcp | |
| N/A | 127.0.0.1:61106 | tcp | |
| N/A | 127.0.0.1:61108 | tcp | |
| N/A | 127.0.0.1:61110 | tcp | |
| N/A | 127.0.0.1:61112 | tcp | |
| N/A | 127.0.0.1:61114 | tcp | |
| N/A | 127.0.0.1:61116 | tcp | |
| N/A | 127.0.0.1:61118 | tcp | |
| N/A | 127.0.0.1:61120 | tcp | |
| N/A | 127.0.0.1:61122 | tcp | |
| N/A | 127.0.0.1:61124 | tcp | |
| N/A | 127.0.0.1:61126 | tcp | |
| N/A | 127.0.0.1:61128 | tcp | |
| N/A | 127.0.0.1:61130 | tcp | |
| N/A | 127.0.0.1:61132 | tcp | |
| N/A | 127.0.0.1:61134 | tcp | |
| N/A | 127.0.0.1:61136 | tcp | |
| N/A | 127.0.0.1:61138 | tcp | |
| N/A | 127.0.0.1:61140 | tcp | |
| N/A | 127.0.0.1:61142 | tcp | |
| N/A | 127.0.0.1:61144 | tcp | |
| N/A | 127.0.0.1:61146 | tcp | |
| N/A | 127.0.0.1:61148 | tcp | |
| N/A | 127.0.0.1:61150 | tcp | |
| N/A | 127.0.0.1:61152 | tcp | |
| N/A | 127.0.0.1:61154 | tcp | |
| N/A | 127.0.0.1:61156 | tcp | |
| N/A | 127.0.0.1:61158 | tcp | |
| N/A | 127.0.0.1:61160 | tcp | |
| N/A | 127.0.0.1:61162 | tcp | |
| N/A | 127.0.0.1:61164 | tcp | |
| N/A | 127.0.0.1:61166 | tcp | |
| N/A | 127.0.0.1:61168 | tcp | |
| N/A | 127.0.0.1:61170 | tcp | |
| N/A | 127.0.0.1:61172 | tcp | |
| N/A | 127.0.0.1:61174 | tcp | |
| N/A | 127.0.0.1:61176 | tcp | |
| N/A | 127.0.0.1:61178 | tcp | |
| N/A | 127.0.0.1:61180 | tcp | |
| N/A | 127.0.0.1:61182 | tcp | |
| N/A | 127.0.0.1:61184 | tcp | |
| N/A | 127.0.0.1:61186 | tcp | |
| N/A | 127.0.0.1:61188 | tcp | |
| N/A | 127.0.0.1:61191 | tcp | |
| N/A | 127.0.0.1:61193 | tcp | |
| N/A | 127.0.0.1:61195 | tcp | |
| N/A | 127.0.0.1:61197 | tcp | |
| N/A | 127.0.0.1:61199 | tcp | |
| N/A | 127.0.0.1:61201 | tcp | |
| N/A | 127.0.0.1:61203 | tcp | |
| N/A | 127.0.0.1:61205 | tcp | |
| N/A | 127.0.0.1:61207 | tcp | |
| N/A | 127.0.0.1:61209 | tcp | |
| N/A | 127.0.0.1:61211 | tcp | |
| N/A | 127.0.0.1:61213 | tcp | |
| N/A | 127.0.0.1:3478 | udp | |
| BG | 185.82.216.108:443 | server7.statsexplorer.org | tcp |
| US | 8.8.8.8:53 | stun.sipgate.net | udp |
| US | 3.33.249.248:3478 | stun.sipgate.net | udp |
| BG | 185.82.216.108:443 | server7.statsexplorer.org | tcp |
| US | 8.8.8.8:53 | 248.249.33.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.178.17.96.in-addr.arpa | udp |
| IT | 185.196.8.22:80 | bwvdnbh.com | tcp |
| NL | 45.155.249.96:2023 | tcp |
Files
memory/2748-1-0x0000000000AF0000-0x0000000000BF0000-memory.dmp
memory/2748-2-0x0000000000A60000-0x0000000000A6B000-memory.dmp
memory/2748-3-0x0000000000400000-0x0000000000816000-memory.dmp
memory/3316-4-0x0000000000D50000-0x0000000000D66000-memory.dmp
memory/2748-5-0x0000000000400000-0x0000000000816000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\BB9F.exe
| MD5 | 75461ea9b4afef6be414c9f5eed6245a |
| SHA1 | f6caeb83cff048a368503fe159efccf81fb04927 |
| SHA256 | 72fdaa2cf9a067ef48199ddbab6da3db40b380c6a8f0a7dda267b660634d0d46 |
| SHA512 | b63e7f8a922fa13799483f3cb6de3c21a9370262e7226d6a9ef313b8b335ceb353394910ef9dc8f635b8162a51da982eb9449704cd72a9118598b2eb1b3c8804 |
C:\Users\Admin\AppData\Local\Temp\BB9F.exe
| MD5 | 147f5f5bbc80b2ad753993e15f3f32c2 |
| SHA1 | 16d73b4abeef12cf76414338901eb7bbef46775f |
| SHA256 | 40dc1ae099f2278650c0aa599ba00f659a87996208133d6a64b0cc5cbb5fe990 |
| SHA512 | 9c43aaa68161ef04c60e3f64c3fd54426dfd387f0013f009f3da94d45f19e514cd41de7b95865c47f55e5800222fd74736659138bb96406aa37f9cdc8e5799b6 |
memory/2064-16-0x0000000004B40000-0x0000000004D00000-memory.dmp
memory/2064-18-0x0000000004D00000-0x0000000004EB7000-memory.dmp
memory/312-17-0x0000000000400000-0x0000000000848000-memory.dmp
memory/312-20-0x0000000000400000-0x0000000000848000-memory.dmp
memory/312-22-0x0000000000400000-0x0000000000848000-memory.dmp
memory/312-23-0x0000000000400000-0x0000000000848000-memory.dmp
memory/312-24-0x0000000000400000-0x0000000000848000-memory.dmp
memory/312-25-0x0000000000400000-0x0000000000848000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\C0C1.dll
| MD5 | bdc9992d8a0dee6bd105b3af38619774 |
| SHA1 | 09589ef7751f604d4d9698906b88d6921b67c78f |
| SHA256 | 961bc2e5df8864eb42a2fb09868cc3c160e92f47ec3fd88f4b8aba61ecb93681 |
| SHA512 | b4b45ec35bbb10d32bcf6752b60e8f95e23651720cf521c036ad07fc43a5de7152f362e72b58176dc84ceee56066914cbfe6851fbc08a3c5e205a7088cac499f |
memory/1128-31-0x0000000010000000-0x00000000101A3000-memory.dmp
memory/1128-34-0x0000000002A80000-0x0000000002A86000-memory.dmp
memory/1128-36-0x0000000004560000-0x0000000004686000-memory.dmp
memory/1128-37-0x0000000004690000-0x000000000479B000-memory.dmp
memory/1128-40-0x0000000004690000-0x000000000479B000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\D1C9.exe
| MD5 | d76f7f19868ea36dc09fbeb9cebedc46 |
| SHA1 | 6ddf0102c390c798bc36154d748fa8ba3a2b1b42 |
| SHA256 | 86646db4beeb330da0cc9e1e14e34f83632bd943ebb2f17736cccfba078579ff |
| SHA512 | 48288c2330d8406652e8709bbd3ab7c92df079a96a7d534bcbed689b12d71bd29d9f1302e9780b6c6576c175ab528547981d4266a2955e185c56da6ae633bac1 |
memory/2964-44-0x0000000001280000-0x0000000001281000-memory.dmp
memory/2964-46-0x0000000002E70000-0x0000000002E71000-memory.dmp
memory/2964-45-0x0000000000170000-0x0000000000D74000-memory.dmp
memory/2964-47-0x0000000002EA0000-0x0000000002EA1000-memory.dmp
memory/2964-48-0x0000000002EB0000-0x0000000002EB1000-memory.dmp
memory/2964-49-0x0000000002EC0000-0x0000000002EC1000-memory.dmp
memory/2964-50-0x0000000002ED0000-0x0000000002ED1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\D610.exe
| MD5 | 1996a23c7c764a77ccacf5808fec23b0 |
| SHA1 | 5a7141b167056bf8f01c067ebe12ed4ccc608dc7 |
| SHA256 | e40c8e14e8cb8a0667026a35e6e281c7a8a02bdf7bc39b53cfe0605e29372888 |
| SHA512 | 430c8b43c2cbb937d2528fa79c754be1a1b80c95c45c49dba323e3fe6097a7505fc437ddafab54b21d00fba9300b5fa36555535a6fa2eb656b5aa45ccf942e23 |
memory/2964-60-0x0000000002F00000-0x0000000002F01000-memory.dmp
memory/2964-61-0x0000000002F10000-0x0000000002F11000-memory.dmp
memory/2964-62-0x0000000000170000-0x0000000000D74000-memory.dmp
memory/2964-63-0x0000000002F20000-0x0000000002F21000-memory.dmp
memory/2964-64-0x0000000002F40000-0x0000000002F41000-memory.dmp
memory/2964-65-0x0000000002F50000-0x0000000002F51000-memory.dmp
memory/2964-66-0x0000000002F60000-0x0000000002F61000-memory.dmp
memory/2964-67-0x0000000002F70000-0x0000000002F71000-memory.dmp
memory/2964-69-0x0000000002F90000-0x0000000002F91000-memory.dmp
memory/2964-68-0x0000000002F80000-0x0000000002F81000-memory.dmp
memory/2964-70-0x0000000002FA0000-0x0000000002FA1000-memory.dmp
memory/2964-72-0x0000000002FC0000-0x0000000002FC1000-memory.dmp
memory/2964-71-0x0000000002FB0000-0x0000000002FB1000-memory.dmp
memory/2964-73-0x0000000002FD0000-0x0000000002FD1000-memory.dmp
memory/2964-75-0x0000000003000000-0x0000000003001000-memory.dmp
memory/2964-74-0x0000000002FF0000-0x0000000002FF1000-memory.dmp
memory/2964-76-0x0000000003010000-0x0000000003011000-memory.dmp
memory/2964-77-0x0000000003020000-0x0000000003021000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\D1C9.exe
| MD5 | 3fa718e887e68502a6d90c453ee6a7e3 |
| SHA1 | c992d3c9fcdb8e87521983be55c8ede7fe174583 |
| SHA256 | 27854796276699a3cec048d7b4b2c2e0a286324e7ad963784669dee8d5541cec |
| SHA512 | a1e263198f83b4d4d2ab71c6149ac7547e82e4d017b75e745adcb5e4200489d71e924ea3648419889bac5862e04dbb4de77297625624a802caf8d0c34ab55acf |
memory/2964-80-0x0000000000170000-0x0000000000D74000-memory.dmp
memory/312-81-0x0000000000400000-0x0000000000848000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\F5FD.exe
| MD5 | 7c5f93e3cf0ca3a525d38ad61c6d023f |
| SHA1 | 3c0fe7c9b9a50286723bda634ce40cde46a42faf |
| SHA256 | 67764b62e9fe7546fa12b8f8af95f5258cb7af8d172ea89b6f52e0d5ab269179 |
| SHA512 | 612bdf50be463a6dc55632b6079d46fc39cd6859377442767426c48af6da076e777d07ee49daa327fa797823e68b87f3782ff8c85d1b7719a7bb87160d8bca7c |
C:\Users\Admin\AppData\Local\Temp\F5FD.exe
| MD5 | 20593cc9bd18494e486e52fe4c0c28da |
| SHA1 | 17a8e783c169613e05f044568c2683d87e8ac97e |
| SHA256 | ff43d524fbc0c192c4e1829a24770237ed27530531b328500a5f25cb41f0ac43 |
| SHA512 | 66ae96a8dbbcb82254f15139a955bd36c0f68c29d263cf6fc81382eec6eab26f4ce2ea42a454c7d09b79d8e585450b7a1a0019e05ff3ef6dcca1f152450459ac |
memory/936-86-0x00000000002A0000-0x0000000000B56000-memory.dmp
memory/1128-87-0x0000000010000000-0x00000000101A3000-memory.dmp
memory/936-88-0x0000000072690000-0x0000000072D7E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
| MD5 | 760fe387d7c560f53f0f9c728a66d3b0 |
| SHA1 | 543c5b5f57e01ec1744b098ef24e52ed08d81e42 |
| SHA256 | aa9ec255d6b490b747edeaf60a5dd617411feae80944d62cc2276551e6095efc |
| SHA512 | 2b4d0a18ade76d12236c7a698e48a6875c85e3a9df61727f5070edf4f63d30af380bb40a1d647cb907af25bb2fec4ce6076e7a5d39944ac76e92594bc54522b7 |
C:\Users\Admin\AppData\Local\Temp\InstallSetup4.exe
| MD5 | 32e0649372008cdcf7cb0c82dc0e28ac |
| SHA1 | f1a490c28148ecc5012eecedd0d31159d3a2ecd8 |
| SHA256 | 1772acd73ad96c6e4190930dde53a5af9ba2c0f16c9274f1da02927d26575964 |
| SHA512 | 947efd3f7e016e68bcc04c99b53a0bafe0b35b9a83df5821690f49b3e584238be5cdcb730776439046fc277d2b510cbc5490bf592eabbf1985f54b55dbceb3e7 |
C:\Users\Admin\AppData\Local\Temp\FourthX.exe
| MD5 | 2fe9860d62aeebd600e504a6b6c7a9d2 |
| SHA1 | edaa583ccc78d914c79389e69d24ce7264a813ef |
| SHA256 | 1a75104e58525eed39afac6c3de839e436f7e5212390c4b50c8d308c4d0090c7 |
| SHA512 | 5429b0f28ed8745eae7d6f2c517ec6c7fc53a48c04c420fb7fb46363d1a98cb239125cf356a8167f23c55a66bd4f3b2872e6e7d10274531179d91544e7cbef57 |
memory/936-106-0x0000000072690000-0x0000000072D7E000-memory.dmp
\Users\Admin\AppData\Local\Temp\nsgFC81.tmp\INetC.dll
| MD5 | 40d7eca32b2f4d29db98715dd45bfac5 |
| SHA1 | 124df3f617f562e46095776454e1c0c7bb791cc7 |
| SHA256 | 85e03805f90f72257dd41bfdaa186237218bbb0ec410ad3b6576a88ea11dccb9 |
| SHA512 | 5fd4f516ce23fb7e705e150d5c1c93fc7133694ba495fb73101674a528883a013a34ab258083aa7ce6072973b067a605158316a4c9159c1b4d765761f91c513d |
C:\Users\Admin\AppData\Local\Temp\BroomSetup.exe
| MD5 | 4451bf12dc7be6aa2448561086570c8a |
| SHA1 | 5296cd7413ca23953e13759ede1cc787aa53794c |
| SHA256 | f59a5b0febbfb403478dc41ba4089ef7d9a383d9d191e3e9aedd43d52c70230f |
| SHA512 | 4b2d3950b6685a7451db250ff5ec67ba13d6749e56c410e0051d0f0b0e2df826d7f58d8f80cf06e48424788c19f804cfea09f05d0f91de95c62d7ea8c3eaa85b |
C:\Users\Admin\AppData\Local\Temp\InstallSetup4.exe
| MD5 | b8e45f2c173a2b4a4cae61694db03ecd |
| SHA1 | 2ba86522aca9bbbbc0dc0e6c0afd2e44d03c1514 |
| SHA256 | a030a92322c53c225ba009ad8ee853bc43c52a85ffd1eb7b00913abb90c9761f |
| SHA512 | 4badedf2dcd07f2cd85cb2ef73e3c25594f676f3081063c292b3b9829cbcb9020bd032922aef02136fa03ef0190644a75c7c974e06ff2acffdabe98c50f499f1 |
C:\Users\Admin\AppData\Local\Temp\FourthX.exe
| MD5 | 8ad7f84f4df99d284538711292c4302c |
| SHA1 | 53dece90e07b90cd6576ae4d8b8902e87bdfeecb |
| SHA256 | 4c1001cca206f78407b4522a00d9986470c802ad1edd5beb5f9fd4bc682f6566 |
| SHA512 | af8282b4310b90604097bf703c8f4ae1bdedba39a4a7db8ecd7c1e41757d4b78f0b3bf546c05921a8109f5f2a0ad98e7d8832ebae60b9a211485db8186a76afe |
memory/2964-114-0x0000000000170000-0x0000000000D74000-memory.dmp
memory/4968-115-0x0000000000A10000-0x0000000000A11000-memory.dmp
memory/528-116-0x0000000002A80000-0x0000000002E7B000-memory.dmp
memory/312-117-0x0000000000400000-0x0000000000848000-memory.dmp
memory/528-119-0x0000000002E80000-0x000000000376B000-memory.dmp
memory/528-120-0x0000000000400000-0x0000000000D1C000-memory.dmp
memory/312-121-0x0000000000400000-0x0000000000848000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\nsf4A1.tmp
| MD5 | 98f75ae139d548677e3c0ff45c24ed08 |
| SHA1 | 9052843267fd24e8d4dd700d121506a6ccd6935b |
| SHA256 | 83764623a1b1038a7b28ac61a156ca7cdeed91f38c0e3ceb211a3e9380cbdfbe |
| SHA512 | a2efd41d8285b4d506058c0d2e7a01a5a053e0e48932835997778b563c47b6762e3f36c2c49c327513f845735132fa4be5ea2a4609a56352c44f181f2a0d8bbb |
C:\Users\Admin\AppData\Local\Temp\715.exe
| MD5 | 48c81c86a68569b6c585da608b77de24 |
| SHA1 | 01ce4382b2717f637d97b94e8e6f9ae81a62ad63 |
| SHA256 | 4ab028d9b30bc568d572a7fc0f59c53c09fb86d5a8a73ec5e89c0c029d652310 |
| SHA512 | 3e7a52aba31e1e3ec38eda9624a51a9a1e814aedd4385aca3f60b744173d094f9a5d1fa71de94d4d5e0951dd0f7116ff1765dc0cd6f5b772ed859dd82e568aea |
memory/412-139-0x00000000023A0000-0x00000000024A0000-memory.dmp
memory/412-140-0x0000000002340000-0x0000000002374000-memory.dmp
memory/412-141-0x0000000000400000-0x00000000022DC000-memory.dmp
memory/312-142-0x0000000000400000-0x0000000000848000-memory.dmp
memory/4564-143-0x00000000023E0000-0x00000000023EB000-memory.dmp
memory/4564-144-0x00000000024A0000-0x00000000025A0000-memory.dmp
memory/4564-145-0x0000000000400000-0x00000000022D1000-memory.dmp
C:\Users\Admin\AppData\Roaming\Temp\Task.bat
| MD5 | 11bb3db51f701d4e42d3287f71a6a43e |
| SHA1 | 63a4ee82223be6a62d04bdfe40ef8ba91ae49a86 |
| SHA256 | 6be22058abfb22b40a42fb003f86b89e204a83024c03eb82cd53e2a0a047c331 |
| SHA512 | 907ad2c070cc1db89f43459a94d7f48985d939d749c9648b78572a266f0d3fde47813a129e9151dbf4a7d96d36f588172f57c88b8b947b56ed818d7d068abab2 |
memory/412-147-0x0000000061E00000-0x0000000061EF3000-memory.dmp
memory/2680-162-0x0000000000400000-0x0000000000414000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\1BB7.exe
| MD5 | ae108bde8b803921f66622ba1f4682f7 |
| SHA1 | 30a8f572ae20356adff3a65f7d06b8bb4bfe63b3 |
| SHA256 | 18000da96e906b40a8976af48af389ac3b8e8b22ccea5b54e2cf6615a75b45ca |
| SHA512 | 5d7ff8ef9e7d557a96b8654feb07e9fe487b05683433f2d8f59138e3997f396271c0b18060de01adf245696c09435eb74a87499cbeed0500375d0dbdb7f71535 |
C:\Users\Admin\AppData\Local\Temp\1BB7.exe
| MD5 | 9757c845a9abb38652583c167d89ca62 |
| SHA1 | ffb193fc0f06153ac89dca3f59e97e9284fb1876 |
| SHA256 | 1c93fa6dba262dbedf3c690508cd7b9a7da014b9eb1fa1a8306ebfffaeff1693 |
| SHA512 | c249ab7a991f4caa21a0fff097f063c0ff533f63116a5e206a2d3703187ac06c696b208b8a8dc9c0e3da6fbb7f30447c76e08bba8986734ef0555d5b69be0695 |
C:\Users\Admin\AppData\Local\Temp\is-9A2M1.tmp\1BB7.tmp
| MD5 | 8fe7736caca3d3b55bd9123f7d5cd780 |
| SHA1 | 68158e0909fced212d9076cc891953624e2b401d |
| SHA256 | 27821f0047bd4f5f8bfc4939bcb22c110e9de3a852f9589fb253b26b3ec25d94 |
| SHA512 | 32c20f6f8a0c333dc1aff88bebdf5e46a93711e0e481af92c13156900874b7dfef584633e13761110031d0d52cbc062ba3749b0541a2adf98e1c80f0da264553 |
\Users\Admin\AppData\Local\Temp\is-8QIM1.tmp\_isetup\_isdecmp.dll
| MD5 | a813d18268affd4763dde940246dc7e5 |
| SHA1 | c7366e1fd925c17cc6068001bd38eaef5b42852f |
| SHA256 | e19781aabe466dd8779cb9c8fa41bbb73375447066bb34e876cf388a6ed63c64 |
| SHA512 | b310ed4cd2e94381c00a6a370fcb7cc867ebe425d705b69caaaaffdafbab91f72d357966916053e72e68ecf712f2af7585500c58bb53ec3e1d539179fcb45fb4 |
\Users\Admin\AppData\Local\Temp\is-8QIM1.tmp\_isetup\_iscrypt.dll
| MD5 | a69559718ab506675e907fe49deb71e9 |
| SHA1 | bc8f404ffdb1960b50c12ff9413c893b56f2e36f |
| SHA256 | 2f6294f9aa09f59a574b5dcd33be54e16b39377984f3d5658cda44950fa0f8fc |
| SHA512 | e52e0aa7fe3f79e36330c455d944653d449ba05b2f9abee0914a0910c3452cfa679a40441f9ac696b3ccf9445cbb85095747e86153402fc362bb30ac08249a63 |
memory/4224-190-0x00000000001F0000-0x00000000001F1000-memory.dmp
memory/4564-200-0x0000000000400000-0x00000000022D1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\4KPV6A~1\cached-microdesc-consensus.tmp
| MD5 | 96f0956ba7ed02234a86784ca8ba7e1f |
| SHA1 | a1f018a29c37e17f331e32ccff937b2b78252627 |
| SHA256 | cea17f503aa33ec253474c58b32b726b6c601e12a1dfacbdda1e0a649034d032 |
| SHA512 | 2464edc5c027c2013b364f07adc7ed1f40da924ebae91b4c3072baeee442471e93084a6c4c2c2aa85b1fc0b03711eeec200549ee7dc6f49be72a467d51ffb5ea |
C:\Users\Admin\AppData\Local\Info Tool Extension\infotoolext.exe
| MD5 | 67d82332e6dcfaf01ef59387cc75fa79 |
| SHA1 | 1263b36a23663b7b79953ccade12e56e2fdee7e5 |
| SHA256 | d589c843a3f233649ccce8d102ffe22a0f41fc608cae6141725252a956e23143 |
| SHA512 | f32ab5aa53ff5c8d2ca1e0bc1dd14b9955e5452af67dde8bb7b01d4304284c1e4b09fe4ef0150ec042ca31b76e1a01ff67b750dff46aa674bef1d91a154d4a6c |
C:\Users\Admin\AppData\Local\Info Tool Extension\infotoolext.exe
| MD5 | a0df8047e1367568cbb44b27b0188282 |
| SHA1 | 0a91ac2330e8e16f01042a6de463e69c57dd2a11 |
| SHA256 | 3053ae548799a5dc0e4de91f764d6c220f6619acff24192fa146d98fed0327ea |
| SHA512 | 3817bfc53625a37610a2f16ba0915cdf67482f6883e76bb178d4ea97d9a5dce02341ecf65c9a99db6e8d4d4b5bedb93431942a6161479628d3680971c5b2b4a0 |
memory/2160-257-0x0000000000400000-0x00000000007A5000-memory.dmp
C:\Users\Admin\AppData\Local\Info Tool Extension\infotoolext.exe
| MD5 | 4ea56309a9951553a8bfa39295eea38c |
| SHA1 | 843d7a94fa4b11360f41511f294a296fc1a7e747 |
| SHA256 | 8792fe16f785942884d3299a908ae4c16257fcdd870abd456d2ee90b5fe10807 |
| SHA512 | d42b9e5b64ff44c353fa2ec58ef1b300448fbec754994b6c38e70ac882dbeb9bbfb326a456a5df40cb9bd4029654762cf87c3cbf6c4203053affafe0305855ed |
memory/4968-261-0x0000000000A10000-0x0000000000A11000-memory.dmp
memory/4868-262-0x0000000000400000-0x00000000007A5000-memory.dmp
memory/4868-263-0x0000000000400000-0x00000000007A5000-memory.dmp
memory/528-264-0x0000000002A80000-0x0000000002E7B000-memory.dmp
memory/1132-271-0x0000000007110000-0x0000000007146000-memory.dmp
memory/1132-272-0x0000000071660000-0x0000000071D4E000-memory.dmp
memory/1132-273-0x0000000007830000-0x0000000007E58000-memory.dmp
memory/528-274-0x0000000000400000-0x0000000000D1C000-memory.dmp
memory/1132-276-0x0000000007E60000-0x0000000007E82000-memory.dmp
memory/1132-277-0x00000000071F0000-0x0000000007200000-memory.dmp
memory/1132-279-0x0000000007F00000-0x0000000007F66000-memory.dmp
memory/412-278-0x00000000023A0000-0x00000000024A0000-memory.dmp
memory/1132-275-0x00000000071F0000-0x0000000007200000-memory.dmp
memory/1132-283-0x0000000008070000-0x00000000080D6000-memory.dmp
memory/1132-284-0x00000000081B0000-0x0000000008500000-memory.dmp
memory/1132-285-0x0000000008590000-0x00000000085AC000-memory.dmp
memory/1132-286-0x0000000008AB0000-0x0000000008AFB000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_5n4cn12y.5jf.ps1
| MD5 | c4ca4238a0b923820dcc509a6f75849b |
| SHA1 | 356a192b7913b04c54574d18c28d46e6395428ab |
| SHA256 | 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b |
| SHA512 | 4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a |
memory/1132-308-0x0000000009640000-0x000000000967C000-memory.dmp
memory/1132-339-0x0000000009700000-0x0000000009776000-memory.dmp
memory/1132-350-0x000000000A530000-0x000000000A563000-memory.dmp
memory/1132-351-0x0000000072F80000-0x0000000072FCB000-memory.dmp
memory/1132-352-0x000000006F840000-0x000000006FB90000-memory.dmp
memory/412-353-0x0000000000400000-0x00000000022DC000-memory.dmp
memory/1132-354-0x000000000A510000-0x000000000A52E000-memory.dmp
memory/1132-356-0x000000007E880000-0x000000007E890000-memory.dmp
memory/1132-360-0x000000000A570000-0x000000000A615000-memory.dmp
memory/1132-362-0x000000000A790000-0x000000000A824000-memory.dmp
memory/1132-366-0x00000000071F0000-0x0000000007200000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\301B.exe
| MD5 | 3167a36293cd606304327715e68d9c17 |
| SHA1 | 99f7b92cffa91c10dcbbb3b5885d6a61648b45bf |
| SHA256 | 9e3cb7d1830d23b71784d2b30ff7fc57fc3c9ec330e8eac9ff48031b9707d0e3 |
| SHA512 | fa07c4d70100d6fb917a322a23482da43393f69e4e7ffaa04f12248078ef1353e93d1886052bdbe08b21e81a810f755495fddde6ce7d60d5659f1a553beab3cf |
C:\Users\Admin\AppData\Local\Temp\301B.exe
| MD5 | 2a4d63556ad81ecbea2f4d4ccc61bdfe |
| SHA1 | c48902c055bea41e791490f571ac01dc30c1dc86 |
| SHA256 | ea106462928990052fa3b31c7a58df6ba03825bed4a2aeffdd9ec19a921ad226 |
| SHA512 | 2962fde00b200ed0d017a64934f8c0b4976f2c1fcdc32a53b629314701ba822485946e4c2be33963c5dd7634a992188051c83221eb3b91bfcc6b95c50d696db6 |
memory/2680-416-0x0000000000400000-0x0000000000414000-memory.dmp
\ProgramData\nss3.dll
| MD5 | bb321fe515951093f65b71afca9dba79 |
| SHA1 | 6800077cb90a21e0f313266715a4dcd26487ba25 |
| SHA256 | 20aee75599ac3d5b4743e25adc4c158bd19d0a0de40455d0454236cd893505e8 |
| SHA512 | 132c6cbf459ddebcee2ea366207dfe6700199bb23789c9c89b9c4d3110bc3d505b7513a246b322d6dd48113821551aa85da828f3323cf2c95d5ebea2b4005ba9 |
\ProgramData\mozglue.dll
| MD5 | 73ca567027d22ac8d405c96571e74780 |
| SHA1 | e683a09f84a7f743824fe4561f157c64507922ea |
| SHA256 | 308b4b2be7698fea50f8c706b4b64f6054ebe42c94c7cea7220612db5f68e9bc |
| SHA512 | 5f3d1f7c25fbc4937d3ba64b0bf5b05da073535f0ea0e1bf211d91b6e553caf6ef6d405da1bcb3f18a4d23d11bd90309bc10901705f6897ff8870b46bac418c2 |
C:\ProgramData\mozglue.dll
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
memory/2224-423-0x0000000000400000-0x0000000000414000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-EH6O8.tmp\301B.tmp
| MD5 | d5709c2171e58c1106a886c080be01f8 |
| SHA1 | 1f7ae64452f9ba78d65c0d4e6a4d0167f26d04d1 |
| SHA256 | 4f80b4906439bec266cc9f4552f7cfd82bdeac0d7bf29da0040a673cd6576561 |
| SHA512 | 965d1eca832cbc354717170a42833212da56117485219203758aff248ceb95139ac0a208fe5eb998467307c13e0be3dd6a1b196ef141bd462cc7642c2cdb5ccd |
memory/4224-464-0x00000000001F0000-0x00000000001F1000-memory.dmp
C:\Users\Admin\AppData\Local\VSO Inspector\is-NBDHM.tmp
| MD5 | 6231b452e676ade27ca0ceb3a3cf874a |
| SHA1 | f8236dbf9fa3b2835bbb5a8d08dab3a155f310d1 |
| SHA256 | 9941eee1cafffad854ab2dfd49bf6e57b181efeb4e2d731ba7a28f5ab27e91cf |
| SHA512 | f5882a3cded0a4e498519de5679ea12a0ea275c220e318af1762855a94bdac8dc5413d1c5d1a55a7cc31cfebcf4647dcf1f653195536ce1826a3002cf01aa12c |
memory/376-465-0x00000000001F0000-0x00000000001F1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-4JNLS.tmp\_isetup\_shfoldr.dll
| MD5 | 92dc6ef532fbb4a5c3201469a5b5eb63 |
| SHA1 | 3e89ff837147c16b4e41c30d6c796374e0b8e62c |
| SHA256 | 9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87 |
| SHA512 | 9908e573921d5dbc3454a1c0a6c969ab8a81cc2e8b5385391d46b1a738fb06a76aa3282e0e58d0d2ffa6f27c85668cd5178e1500b8a39b1bbae04366ae6a86d3 |
C:\ProgramData\Are.docx
| MD5 | a33e5b189842c5867f46566bdbf7a095 |
| SHA1 | e1c06359f6a76da90d19e8fd95e79c832edb3196 |
| SHA256 | 5abf8e3d1f78de7b09d7f6fb87f9e80e60caacf13ef3c1289665653dacd7c454 |
| SHA512 | f2ad3812ec9b915e9618539b0f103f2e9acaad25fbbacd84941c954ce070af231324e83a4621e951c1dbae8d40d50410954e40dd52bbd46e34c54b0d1957407b |
memory/412-555-0x0000000000400000-0x00000000022DC000-memory.dmp
memory/1132-631-0x0000000007430000-0x000000000744A000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\4KPV6A~1\cached-microdescs.new
| MD5 | 2c75d1a68a555f28effe145e2790d120 |
| SHA1 | ac75998b5261d6a7028e498712e6ead365638684 |
| SHA256 | 83b221bde98c681483e62901565aff57dde1d1db3a3438d4e86dce173fbbdfbe |
| SHA512 | ec1b5bf408c80252d6afcf7bd659c31765ad6496d556c26e8d3d0ba417109e351cebecd6b255138e4e68aeefdf2e0ae6f75a67abe79e1d6d60e6c6a3edcfc0b4 |
C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
| MD5 | d122f827c4fc73f9a06d7f6f2d08cd95 |
| SHA1 | cd1d1dc2c79c0ee394b72efc264cfd54d96e1ee5 |
| SHA256 | b7a6dcfdd64173ecbcef562fd74aee07f3639fa863bd5740c7e72ddc0592b4fc |
| SHA512 | 8755979d7383d6cb5e7d63798c9ca8b9c0faeec1fe81907fc75bbbb7be6754ab7b5a09a98492a27f90e3f26951b6891c43d8acd21414fb603cd86a4e10dac986 |
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\powershell.exe.log
| MD5 | 1c19c16e21c97ed42d5beabc93391fc5 |
| SHA1 | 8ad83f8e0b3acf8dfbbf87931e41f0d664c4df68 |
| SHA256 | 1bcd97396c83babfe6c5068ba590d7a3f8b70e72955a9d1e4070648e404cbf05 |
| SHA512 | 7d18776d8f649b3d29c182ff03efc6cea8b527542ee55304980f24577aae8b64e37044407776e220984346c3998ace5f8853afa58c8b38407482a728e9495e0c |
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive
| MD5 | d4a76b3fc41019cb4cc036559d0c8aa8 |
| SHA1 | 2da58aebc29b4b6823c9521a00fc6448be19001e |
| SHA256 | 809be1b1ba71c6eef154c44c71c57f727a396467e72bb51f2fba903da8451141 |
| SHA512 | 33914e0fd1a2220a806ef1e5a728f7fbb2badde0fdc991f9838c211f8941d61e96c1ab5d79a0485840b7cab78c33451c99b7fc7eb3128eba91d727bc15fece57 |
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive
| MD5 | 278ee6bf8484f146633986ae9474017d |
| SHA1 | 41276a98874ff66249dd885828ed56342d66fdec |
| SHA256 | 5d6918edcf49355211290e06d0789d83da0696139a2cbe46fc16a01f986ebe6a |
| SHA512 | 43be9dab971546d2c53d31293e24bd25a4f0a2bb5c2d0c3d38185dd008de0238ef8c6ffe9edea2328490ff48bf0841a2df901b89f8b2ad035cfca3896f122023 |
C:\ProgramData\xcfonrchdkar\vueqjgslwynd.exe
| MD5 | b03886cb64c04b828b6ec1b2487df4a4 |
| SHA1 | a7b9a99950429611931664950932f0e5525294a4 |
| SHA256 | 5dfaa8987f5d0476b835140d8a24fb1d9402e390bbe92b8565da09581bd895fc |
| SHA512 | 21d1a5a4a218411c2ec29c9ca34ce321f6514e7ca3891eded8c3274aeb230051661a86eda373b9a006554e067de89d816aa1fa864acf0934bbb16a6034930659 |
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive
| MD5 | efdb56e07da4ddcb0aa217c96f315d47 |
| SHA1 | a86638e7398003952e07a43442d2eea4d82b9460 |
| SHA256 | 0a3e76d7df93f1aa5d17adb4fe9757a0390ec6a70881be377dcdb128b480fffb |
| SHA512 | 7d5a2ca08193b3e1fdf3453e61bf5282fc3af08740159ecd9cfb42b30791301aa041c42b6204d6dffa50ca940febfc9e6eefda574e9bd9f6d70d99dcad5f8b43 |
C:\Users\Admin\AppData\Roaming\agawthj
| MD5 | 4e561b93dd483b04489b0f795b511305 |
| SHA1 | f6c3fbb2c546affcd2ce431eeb194e04b46e27e0 |
| SHA256 | 0bde5aeee6547d5fefd4d736958e5ccc14feebf3e7e8bf2142573fff6b73d297 |
| SHA512 | a1d17a6c4f7a1765ccbf9f39213b12510386a7a28e9b916a17628353dd8b82c34cd8eeb5faf0ed0f10a1d6b936bec6a946d99c6f35441613c019eebf8034036e |
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive
| MD5 | 58676ed9797350220faf005722f781d5 |
| SHA1 | f4ba874e62a9dec1c6de3d15317b8fd2b87ae176 |
| SHA256 | 1df85c0ffa1d459f7c78216dc9145c4a2836411c1855b876fe898d569e366056 |
| SHA512 | 6a65e84f3f95c25f3923463ae32c4b100f50f8bb42f8f56a0ea263f2befbb406d17165d4ba762aba79966b6596431cf65bd0c8aae817458669224a075e01d766 |
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
| MD5 | 0f38a17bbaa7b6f75f51c671be981097 |
| SHA1 | ee95e5225cfb623b6ddd58902bf72504993e2030 |
| SHA256 | 03f4d293b34e18f429d34282179a04a705d448f3b88b88982486997f6cd51f39 |
| SHA512 | 429100ae213ea857fa3fefea7b512bb616219f76cf2a55a4735776650806d42582ff886cd4779a1406d2bc9d0f514c93e40c3d12d9e764ffa8b880067bd704a2 |
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive
| MD5 | dbdeeb102a8ea7a63ac2d771da0e5019 |
| SHA1 | 7e726231f16464c5f34754e1b7fa885cafe8b6dc |
| SHA256 | 60025976ca2d745f8e8fe7d587cea643c97a9b2b612f0ce22e1930cd492ec307 |
| SHA512 | 80ee3a510c699f7b8adcd902efc4af832d20cd13f9cb6bc0e96b06e257998a81255287e835f188c9cbb871279053b85bdb1584f117dcae7f91893db814095b4b |
C:\Users\Admin\AppData\Local\Temp\csrss\injector\injector.exe
| MD5 | d98e33b66343e7c96158444127a117f6 |
| SHA1 | bb716c5509a2bf345c6c1152f6e3e1452d39d50d |
| SHA256 | 5de4e2b07a26102fe527606ce5da1d5a4b938967c9d380a3c5fe86e2e34aaaf1 |
| SHA512 | 705275e4a1ba8205eb799a8cf1737bc8ba686925e52c9198a6060a7abeee65552a85b814ac494a4b975d496a63be285f19a6265550585f2fc85824c42d7efab5 |