Analysis Overview
SHA256
5380545e7434690f9ef25e663ba36c3c98315f066059aeb41bc11f164c7b1165
Threat Level: Known bad
The file 8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118 was found to be: Known bad.
Malicious Activity Summary
simda
Modifies WinLogon for persistence
Simda family
Adds Run key to start application
Modifies WinLogon
Unsigned PE
System Location Discovery: System Language Discovery
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-03 13:03
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-03 13:03
Reported
2024-11-03 13:09
Platform
win7-20241010-en
Max time kernel
150s
Max time network
154s
Command Line
Signatures
Modifies WinLogon for persistence
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\userinit = "C:\\Windows\\system32\\userinit.exe,C:\\Users\\Admin\\AppData\\Local\\Temp\\8B9E8E~1.EXE," | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
Simda family
simda
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Windows\CurrentVersion\Run\userinit = "C:\\Users\\Admin\\AppData\\Local\\Temp\\8B9E8E~1.EXE" | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
Modifies WinLogon
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\df64fca2 = "™ís‡W¿˜\x17Û\x1d+\n}Y‹^_¼[–\x13~ÞÛ\x18·¶ã\x02Û2ªÇk\x7f•c\x02òùÜî'Më\n\f=7R¼:äF\x19\a\x19l\x13ÃÞÂ\x14F¼L" | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System = "C:\\Users\\Admin\\AppData\\Local\\Temp\\8B9E8E~1.EXE" | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeSecurityPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe"
Network
| Country | Destination | Domain | Proto |
| GB | 92.123.128.181:80 | www.bing.com | tcp |
| US | 8.8.8.8:53 | cihunemyror.eu | udp |
| DE | 178.162.203.202:80 | cihunemyror.eu | tcp |
| US | 8.8.8.8:53 | vofozymufok.eu | udp |
| US | 8.8.8.8:53 | nopegymozow.eu | udp |
| US | 8.8.8.8:53 | marytymenok.eu | udp |
| US | 8.8.8.8:53 | qeqinuqypoq.eu | udp |
| US | 8.8.8.8:53 | rynazuqihoj.eu | udp |
| DE | 178.162.203.226:80 | rynazuqihoj.eu | tcp |
| US | 8.8.8.8:53 | tucyguqaciq.eu | udp |
| NL | 85.17.31.82:80 | tucyguqaciq.eu | tcp |
| US | 8.8.8.8:53 | puzutuqeqij.eu | udp |
| NL | 5.79.71.205:80 | puzutuqeqij.eu | tcp |
| US | 8.8.8.8:53 | dikoniwudim.eu | udp |
| DE | 178.162.203.211:80 | dikoniwudim.eu | tcp |
| US | 8.8.8.8:53 | fogeliwokih.eu | udp |
| DE | 178.162.217.107:80 | fogeliwokih.eu | tcp |
| US | 8.8.8.8:53 | gadufiwabim.eu | udp |
| NL | 85.17.31.122:80 | gadufiwabim.eu | tcp |
| US | 8.8.8.8:53 | jepororyrih.eu | udp |
| DE | 178.162.203.226:80 | jepororyrih.eu | tcp |
| US | 8.8.8.8:53 | keraborigin.eu | udp |
| NL | 5.79.71.205:80 | keraborigin.eu | tcp |
| US | 8.8.8.8:53 | digivehusyd.eu | udp |
| DE | 178.162.203.211:80 | digivehusyd.eu | tcp |
| US | 8.8.8.8:53 | fodakyhijyv.eu | udp |
| NL | 5.79.71.225:80 | fodakyhijyv.eu | tcp |
| US | 8.8.8.8:53 | gatedyhavyd.eu | udp |
| DE | 178.162.203.211:80 | gatedyhavyd.eu | tcp |
| US | 8.8.8.8:53 | jewuqyjywyv.eu | udp |
| US | 8.8.8.8:53 | kemocujufys.eu | udp |
| NL | 5.79.71.225:80 | kemocujufys.eu | tcp |
| US | 8.8.8.8:53 | lyvejujolec.eu | udp |
| US | 8.8.8.8:53 | xuxusujenes.eu | udp |
| US | 8.8.8.8:53 | ciliqikytec.eu | udp |
| US | 8.8.8.8:53 | vojacikigep.eu | udp |
| US | 8.8.8.8:53 | nofyjikoxex.eu | udp |
| US | 8.8.8.8:53 | masisokemep.eu | udp |
| US | 8.8.8.8:53 | qetoqolusex.eu | udp |
| US | 8.8.8.8:53 | ryqecolijet.eu | udp |
| NL | 85.17.31.122:80 | ryqecolijet.eu | tcp |
| NL | 5.79.71.205:80 | ryqecolijet.eu | tcp |
| US | 8.8.8.8:53 | tunujolavez.eu | udp |
| US | 8.8.8.8:53 | puvopalywet.eu | udp |
| US | 8.8.8.8:53 | dixemazufel.eu | udp |
| US | 8.8.8.8:53 | fokyxazolar.eu | udp |
| US | 8.8.8.8:53 | gahihezenal.eu | udp |
| DE | 178.162.203.226:80 | gahihezenal.eu | tcp |
| US | 8.8.8.8:53 | jefapexytar.eu | udp |
| US | 8.8.8.8:53 | kepymexihak.eu | udp |
| US | 8.8.8.8:53 | lyruxyxaxaw.eu | udp |
| DE | 178.162.203.226:80 | lyruxyxaxaw.eu | tcp |
| US | 8.8.8.8:53 | xuqohyxeqak.eu | udp |
| US | 8.8.8.8:53 | cinepycusaw.eu | udp |
| US | 8.8.8.8:53 | vocumucokaj.eu | udp |
| US | 8.8.8.8:53 | nozoxucavaq.eu | udp |
| US | 8.8.8.8:53 | makagucyraj.eu | udp |
| US | 8.8.8.8:53 | qegytuvufoq.eu | udp |
| US | 8.8.8.8:53 | rydinivoloh.eu | udp |
| US | 8.8.8.8:53 | tupazivenom.eu | udp |
| US | 8.8.8.8:53 | puregivytoh.eu | udp |
| US | 8.8.8.8:53 | dimutobihom.eu | udp |
| US | 8.8.8.8:53 | fobonobaxog.eu | udp |
| US | 8.8.8.8:53 | lymylorozig.eu | udp |
| US | 8.8.8.8:53 | cicaratupig.eu | udp |
| US | 8.8.8.8:53 | volebatijub.eu | udp |
| US | 8.8.8.8:53 | xubifaremin.eu | udp |
| US | 8.8.8.8:53 | nojuletacuf.eu | udp |
| US | 8.8.8.8:53 | magofetequb.eu | udp |
| US | 8.8.8.8:53 | qederepuduf.eu | udp |
| US | 8.8.8.8:53 | rytuvepokuv.eu | udp |
| US | 8.8.8.8:53 | tuwikypabud.eu | udp |
| US | 8.8.8.8:53 | divywysigud.eu | udp |
| US | 8.8.8.8:53 | pumadypyruv.eu | udp |
| US | 8.8.8.8:53 | foxivusozuc.eu | udp |
| US | 8.8.8.8:53 | galokusemus.eu | udp |
| US | 8.8.8.8:53 | jejedudupuc.eu | udp |
| US | 8.8.8.8:53 | kefuwidijyp.eu | udp |
| US | 8.8.8.8:53 | lysovidacyx.eu | udp |
| US | 8.8.8.8:53 | xutekidywyp.eu | udp |
| US | 8.8.8.8:53 | ciqydofudyx.eu | udp |
| US | 8.8.8.8:53 | voniqofolyt.eu | udp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.202:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.226:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.205:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| DE | 178.162.217.107:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.82:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 85.17.31.122:80 | voniqofolyt.eu | tcp |
| DE | 178.162.203.211:80 | voniqofolyt.eu | tcp |
| NL | 5.79.71.225:80 | voniqofolyt.eu | tcp |
| US | 8.8.8.8:53 | jecijyjudew.eu | udp |
| US | 8.8.8.8:53 | lykemujebeq.eu | udp |
| US | 8.8.8.8:53 | kezapyjolek.eu | udp |
| US | 8.8.8.8:53 | xuguxujytej.eu | udp |
| US | 8.8.8.8:53 | cidohukigeq.eu | udp |
| US | 8.8.8.8:53 | vopepukaxej.eu | udp |
| US | 8.8.8.8:53 | norumikemem.eu | udp |
| US | 8.8.8.8:53 | gacezobeqon.eu | udp |
| US | 8.8.8.8:53 | jeluganusog.eu | udp |
| US | 8.8.8.8:53 | mamixikusah.eu | udp |
| US | 8.8.8.8:53 | qebahilojam.eu | udp |
| US | 8.8.8.8:53 | rycypolavag.eu | udp |
| US | 8.8.8.8:53 | tulimolywan.eu | udp |
| US | 8.8.8.8:53 | pujoxolufag.eu | udp |
| US | 8.8.8.8:53 | digegazolan.eu | udp |
| US | 8.8.8.8:53 | fodutazenaf.eu | udp |
| US | 8.8.8.8:53 | gatonazytab.eu | udp |
| US | 8.8.8.8:53 | jewezexigaf.eu | udp |
| US | 8.8.8.8:53 | kemygexaxab.eu | udp |
| US | 8.8.8.8:53 | lyvitexemod.eu | udp |
| US | 8.8.8.8:53 | xuxanexusov.eu | udp |
| US | 8.8.8.8:53 | cilyzycojod.eu | udp |
| US | 8.8.8.8:53 | vojugycavov.eu | udp |
| US | 8.8.8.8:53 | nofotycywos.eu | udp |
| US | 8.8.8.8:53 | masenucifoc.eu | udp |
| US | 8.8.8.8:53 | novacofebyz.eu | udp |
| US | 8.8.8.8:53 | qekusagigyz.eu | udp |
| US | 8.8.8.8:53 | tufecagemyl.eu | udp |
| US | 8.8.8.8:53 | pupujeguper.eu | udp |
| US | 8.8.8.8:53 | dirosehijel.eu | udp |
| US | 8.8.8.8:53 | foqaqehacew.eu | udp |
| US | 8.8.8.8:53 | ganycyhywek.eu | udp |
| US | 8.8.8.8:53 | gadaqusupyj.eu | udp |
| US | 8.8.8.8:53 | kejitanokon.eu | udp |
| US | 8.8.8.8:53 | lygananavof.eu | udp |
| US | 8.8.8.8:53 | jepycudijyq.eu | udp |
| US | 8.8.8.8:53 | xudylenyrob.eu | udp |
| US | 8.8.8.8:53 | citifemifif.eu | udp |
| US | 8.8.8.8:53 | voworemoziv.eu | udp |
| US | 8.8.8.8:53 | nomebemenid.eu | udp |
| US | 8.8.8.8:53 | qexofyqihid.eu | udp |
| US | 8.8.8.8:53 | ryleryqacic.eu | udp |
| US | 8.8.8.8:53 | tujybuqeqis.eu | udp |
| US | 8.8.8.8:53 | pufiluqudic.eu | udp |
| US | 8.8.8.8:53 | disafuwokis.eu | udp |
| US | 8.8.8.8:53 | fotyriwavix.eu | udp |
| US | 8.8.8.8:53 | gaquviwyrup.eu | udp |
| US | 8.8.8.8:53 | kevedorozup.eu | udp |
| US | 8.8.8.8:53 | jenokirifux.eu | udp |
| US | 8.8.8.8:53 | xukovoruput.eu | udp |
| US | 8.8.8.8:53 | cihakotihuz.eu | udp |
| US | 8.8.8.8:53 | vofydatacut.eu | udp |
| US | 8.8.8.8:53 | nopiwatyqul.eu | udp |
| US | 8.8.8.8:53 | maravatudur.eu | udp |
| US | 8.8.8.8:53 | qeqekepokul.eu | udp |
| US | 8.8.8.8:53 | rynudepebur.eu | udp |
| US | 8.8.8.8:53 | tucoqepyryk.eu | udp |
| US | 8.8.8.8:53 | puzecypigyw.eu | udp |
| US | 8.8.8.8:53 | dikujysozyk.eu | udp |
| US | 8.8.8.8:53 | fogisysemyq.eu | udp |
| US | 8.8.8.8:53 | mavulymupiv.eu | udp |
| US | 8.8.8.8:53 | maxyjofytyt.eu | udp |
| US | 8.8.8.8:53 | lyxuworenuz.eu | udp |
| US | 8.8.8.8:53 | ryhoqagoxyr.eu | udp |
| DE | 178.162.203.226:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.217.107:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.217.107:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.225:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.217.107:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.202:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.217.107:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.202:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.217.107:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.202:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.202:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.225:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.202:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.217.107:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.226:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.225:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.217.107:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.217.107:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.226:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.226:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.226:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.226:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.226:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.202:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.202:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.217.107:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.217.107:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.202:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.226:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.225:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.225:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.217.107:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.225:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.217.107:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.226:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.217.107:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.225:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.217.107:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.225:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.217.107:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.202:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.202:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.202:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.202:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.225:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.225:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.202:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.202:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.226:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.211:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.226:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.122:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| DE | 178.162.203.202:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 85.17.31.82:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
| NL | 5.79.71.205:80 | ryhoqagoxyr.eu | tcp |
Files
memory/840-0-0x0000000000400000-0x0000000000457000-memory.dmp
memory/840-1-0x00000000006B0000-0x0000000000716000-memory.dmp
memory/840-2-0x0000000000400000-0x0000000000439000-memory.dmp
memory/840-4-0x0000000000B70000-0x0000000000C22000-memory.dmp
memory/840-14-0x0000000000B70000-0x0000000000C22000-memory.dmp
memory/840-13-0x0000000000B70000-0x0000000000C22000-memory.dmp
memory/840-10-0x0000000000B70000-0x0000000000C22000-memory.dmp
memory/840-8-0x0000000000B70000-0x0000000000C22000-memory.dmp
memory/840-6-0x0000000000B70000-0x0000000000C22000-memory.dmp
memory/840-15-0x0000000000400000-0x0000000000457000-memory.dmp
memory/840-16-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-18-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-20-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-41-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-55-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-44-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-72-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-43-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-42-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-59-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-49-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-48-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-47-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-46-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-45-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-75-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-50-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-51-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-52-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-86-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-85-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-84-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-83-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-82-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-81-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-80-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-79-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-78-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-77-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-76-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-74-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-73-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-71-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-70-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-69-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-68-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-67-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-66-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-65-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-64-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-63-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-62-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-61-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-60-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-58-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-57-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-56-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-54-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-53-0x0000000002170000-0x0000000002228000-memory.dmp
memory/840-110-0x00000000006B0000-0x0000000000716000-memory.dmp
memory/840-111-0x0000000000400000-0x0000000000439000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-03 13:03
Reported
2024-11-03 13:10
Platform
win10v2004-20241007-en
Max time kernel
150s
Max time network
153s
Command Line
Signatures
Modifies WinLogon for persistence
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\userinit = "C:\\Windows\\system32\\userinit.exe,C:\\Users\\Admin\\AppData\\Local\\Temp\\8B9E8E~1.EXE," | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
Simda family
simda
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\userinit = "C:\\Users\\Admin\\AppData\\Local\\Temp\\8B9E8E~1.EXE" | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
Modifies WinLogon
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\b1361512 = "òбT»?Ë\nNØÝ”¡\x1b!4Mw9)Îü™¡/ìÄ¡QéŠh°Œè_!ô‰Pc½ØïÌ“\"Ñ\u009d;á\u008dÿÙ¦‘\x01Á.™Ð8\x1bù×ñ\x1eÂD\x13\v\x1e~,Êâ‹Û[-\v}’ðuוÕ1?·\x18\x1amB°åp-p˜)É‘\x10и‡á'Õ\x15É¿½ép}ZÒé\x17¢\a\x18ªAQÚU]Ï8€\x05ˆÊ\x05mU=\u009dŸieEèJ ç}¥ •\x05õY½çïø\"]ò\u0081Õµå-Ù`¸JMà%\x18íÕ=¹múmM%½]ù\x15…8á@\u00a0È-\x1aJ¿\x15õ½M˜…ݽrÐÝï¿x(‰(Hu‰\x10…͸\x11M’ù=è\x7f¨à\u00a0˜\u00adÕ\x10\x0fQ\u008f\"à\x12¢PÚçu\u0090-9ý!Ð`í÷\u008d\x7f" | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System = "C:\\Users\\Admin\\AppData\\Local\\Temp\\8B9E8E~1.EXE" | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeSecurityPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\8b9e8e3b80d6c18f3e2d383cdd18f126_JaffaCakes118.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| GB | 92.123.128.158:80 | www.bing.com | tcp |
| US | 8.8.8.8:53 | cihunemyror.eu | udp |
| US | 8.8.8.8:53 | digivehusyd.eu | udp |
| US | 8.8.8.8:53 | vofozymufok.eu | udp |
| US | 8.8.8.8:53 | fodakyhijyv.eu | udp |
| US | 8.8.8.8:53 | nopegymozow.eu | udp |
| US | 8.8.8.8:53 | gatedyhavyd.eu | udp |
| US | 8.8.8.8:53 | marytymenok.eu | udp |
| US | 8.8.8.8:53 | jewuqyjywyv.eu | udp |
| US | 8.8.8.8:53 | qeqinuqypoq.eu | udp |
| US | 8.8.8.8:53 | kemocujufys.eu | udp |
| US | 8.8.8.8:53 | rynazuqihoj.eu | udp |
| US | 8.8.8.8:53 | lyvejujolec.eu | udp |
| US | 8.8.8.8:53 | tucyguqaciq.eu | udp |
| US | 8.8.8.8:53 | xuxusujenes.eu | udp |
| US | 8.8.8.8:53 | puzutuqeqij.eu | udp |
| US | 8.8.8.8:53 | ciliqikytec.eu | udp |
| US | 8.8.8.8:53 | dikoniwudim.eu | udp |
| US | 8.8.8.8:53 | vojacikigep.eu | udp |
| US | 8.8.8.8:53 | fogeliwokih.eu | udp |
| US | 8.8.8.8:53 | nofyjikoxex.eu | udp |
| US | 8.8.8.8:53 | gadufiwabim.eu | udp |
| US | 8.8.8.8:53 | masisokemep.eu | udp |
| NL | 5.79.71.225:80 | masisokemep.eu | tcp |
| US | 8.8.8.8:53 | jepororyrih.eu | udp |
| US | 8.8.8.8:53 | qetoqolusex.eu | udp |
| US | 8.8.8.8:53 | keraborigin.eu | udp |
| US | 8.8.8.8:53 | ryqecolijet.eu | udp |
| US | 8.8.8.8:53 | lymylorozig.eu | udp |
| US | 8.8.8.8:53 | tunujolavez.eu | udp |
| DE | 178.162.203.211:80 | tunujolavez.eu | tcp |
| DE | 178.162.203.226:80 | tunujolavez.eu | tcp |
| DE | 178.162.203.211:80 | tunujolavez.eu | tcp |
| NL | 85.17.31.122:80 | tunujolavez.eu | tcp |
| NL | 85.17.31.122:80 | tunujolavez.eu | tcp |
| NL | 85.17.31.122:80 | tunujolavez.eu | tcp |
| DE | 178.162.203.211:80 | tunujolavez.eu | tcp |
| DE | 178.162.203.202:80 | tunujolavez.eu | tcp |
| DE | 178.162.203.202:80 | tunujolavez.eu | tcp |
| DE | 178.162.203.202:80 | tunujolavez.eu | tcp |
| NL | 85.17.31.82:80 | tunujolavez.eu | tcp |
| DE | 178.162.203.211:80 | tunujolavez.eu | tcp |
| DE | 178.162.203.226:80 | tunujolavez.eu | tcp |
| NL | 5.79.71.205:80 | tunujolavez.eu | tcp |
| US | 8.8.8.8:53 | xubifaremin.eu | udp |
| NL | 85.17.31.82:80 | xubifaremin.eu | tcp |
| DE | 178.162.203.202:80 | xubifaremin.eu | tcp |
| DE | 178.162.203.226:80 | xubifaremin.eu | tcp |
| NL | 85.17.31.82:80 | xubifaremin.eu | tcp |
| NL | 5.79.71.225:80 | xubifaremin.eu | tcp |
| DE | 178.162.203.226:80 | xubifaremin.eu | tcp |
| DE | 178.162.203.226:80 | xubifaremin.eu | tcp |
| US | 8.8.8.8:53 | puvopalywet.eu | udp |
| NL | 5.79.71.225:80 | puvopalywet.eu | tcp |
| US | 8.8.8.8:53 | cicaratupig.eu | udp |
| US | 8.8.8.8:53 | dixemazufel.eu | udp |
| US | 8.8.8.8:53 | volebatijub.eu | udp |
| US | 8.8.8.8:53 | fokyxazolar.eu | udp |
| DE | 178.162.203.226:80 | fokyxazolar.eu | tcp |
| US | 8.8.8.8:53 | nojuletacuf.eu | udp |
| US | 8.8.8.8:53 | gahihezenal.eu | udp |
| US | 8.8.8.8:53 | magofetequb.eu | udp |
| US | 8.8.8.8:53 | jefapexytar.eu | udp |
| NL | 85.17.31.122:80 | jefapexytar.eu | tcp |
| US | 8.8.8.8:53 | qederepuduf.eu | udp |
| US | 8.8.8.8:53 | kepymexihak.eu | udp |
| US | 8.8.8.8:53 | rytuvepokuv.eu | udp |
| US | 8.8.8.8:53 | lyruxyxaxaw.eu | udp |
| NL | 5.79.71.205:80 | lyruxyxaxaw.eu | tcp |
| US | 8.8.8.8:53 | tuwikypabud.eu | udp |
| US | 8.8.8.8:53 | xuqohyxeqak.eu | udp |
| US | 8.8.8.8:53 | pumadypyruv.eu | udp |
| US | 8.8.8.8:53 | cinepycusaw.eu | udp |
| US | 8.8.8.8:53 | divywysigud.eu | udp |
| US | 8.8.8.8:53 | vocumucokaj.eu | udp |
| US | 8.8.8.8:53 | foxivusozuc.eu | udp |
| US | 8.8.8.8:53 | nozoxucavaq.eu | udp |
| US | 8.8.8.8:53 | galokusemus.eu | udp |
| US | 8.8.8.8:53 | makagucyraj.eu | udp |
| US | 8.8.8.8:53 | qegytuvufoq.eu | udp |
| US | 8.8.8.8:53 | kefuwidijyp.eu | udp |
| US | 8.8.8.8:53 | rydinivoloh.eu | udp |
| US | 8.8.8.8:53 | lysovidacyx.eu | udp |
| US | 8.8.8.8:53 | tupazivenom.eu | udp |
| US | 8.8.8.8:53 | xutekidywyp.eu | udp |
| US | 8.8.8.8:53 | puregivytoh.eu | udp |
| US | 8.8.8.8:53 | ciqydofudyx.eu | udp |
| US | 8.8.8.8:53 | dimutobihom.eu | udp |
| US | 8.8.8.8:53 | jejedudupuc.eu | udp |
| US | 8.8.8.8:53 | voniqofolyt.eu | udp |
| US | 8.8.8.8:53 | fobonobaxog.eu | udp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.217.107:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.205:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.226:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.226:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.205:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.205:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.226:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.205:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.226:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.205:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.226:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.226:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.226:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.205:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.205:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.226:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.205:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.226:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| US | 8.8.8.8:53 | 158.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.31.17.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.31.17.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 150.171.27.10:443 | g.bing.com | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.217.107:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.226:80 | fobonobaxog.eu | tcp |
| DE | 178.162.217.107:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.226:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.217.107:80 | fobonobaxog.eu | tcp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.159.190.20.in-addr.arpa | udp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| US | 8.8.8.8:53 | 225.71.79.5.in-addr.arpa | udp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.205:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| US | 8.8.8.8:53 | 211.203.162.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.71.79.5.in-addr.arpa | udp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| US | 8.8.8.8:53 | 202.203.162.178.in-addr.arpa | udp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.205:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.226:80 | fobonobaxog.eu | tcp |
| DE | 178.162.217.107:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.205:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.205:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.205:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.217.107:80 | fobonobaxog.eu | tcp |
| US | 8.8.8.8:53 | 56.163.245.4.in-addr.arpa | udp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| DE | 178.162.217.107:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.226:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| US | 8.8.8.8:53 | 241.42.69.40.in-addr.arpa | udp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| US | 8.8.8.8:53 | 92.12.20.2.in-addr.arpa | udp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.217.107:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.226:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.226:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| DE | 178.162.217.107:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.205:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| DE | 178.162.217.107:80 | fobonobaxog.eu | tcp |
| DE | 178.162.217.107:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.205:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.225:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.202:80 | fobonobaxog.eu | tcp |
| DE | 178.162.217.107:80 | fobonobaxog.eu | tcp |
| DE | 178.162.217.107:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| DE | 178.162.203.211:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| NL | 5.79.71.205:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| DE | 178.162.203.226:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.122:80 | fobonobaxog.eu | tcp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| DE | 178.162.217.107:80 | fobonobaxog.eu | tcp |
| NL | 85.17.31.82:80 | fobonobaxog.eu | tcp |
| US | 8.8.8.8:53 | novacofebyz.eu | udp |
| US | 8.8.8.8:53 | gacezobeqon.eu | udp |
| US | 8.8.8.8:53 | maxyjofytyt.eu | udp |
| US | 8.8.8.8:53 | jeluganusog.eu | udp |
| US | 8.8.8.8:53 | qekusagigyz.eu | udp |
| US | 8.8.8.8:53 | kejitanokon.eu | udp |
| US | 8.8.8.8:53 | ryhoqagoxyr.eu | udp |
| US | 8.8.8.8:53 | lygananavof.eu | udp |
| US | 8.8.8.8:53 | tufecagemyl.eu | udp |
| US | 8.8.8.8:53 | xudylenyrob.eu | udp |
| US | 8.8.8.8:53 | pupujeguper.eu | udp |
| US | 8.8.8.8:53 | citifemifif.eu | udp |
| US | 8.8.8.8:53 | dirosehijel.eu | udp |
| US | 8.8.8.8:53 | voworemoziv.eu | udp |
| US | 8.8.8.8:53 | foqaqehacew.eu | udp |
| US | 8.8.8.8:53 | nomebemenid.eu | udp |
| US | 8.8.8.8:53 | ganycyhywek.eu | udp |
| US | 8.8.8.8:53 | mavulymupiv.eu | udp |
| US | 8.8.8.8:53 | jecijyjudew.eu | udp |
| US | 8.8.8.8:53 | qexofyqihid.eu | udp |
| US | 8.8.8.8:53 | kezapyjolek.eu | udp |
| US | 8.8.8.8:53 | ryleryqacic.eu | udp |
| US | 8.8.8.8:53 | lykemujebeq.eu | udp |
| US | 8.8.8.8:53 | tujybuqeqis.eu | udp |
| US | 8.8.8.8:53 | xuguxujytej.eu | udp |
| US | 8.8.8.8:53 | pufiluqudic.eu | udp |
| US | 8.8.8.8:53 | cidohukigeq.eu | udp |
| US | 8.8.8.8:53 | disafuwokis.eu | udp |
| US | 8.8.8.8:53 | vopepukaxej.eu | udp |
| US | 8.8.8.8:53 | fotyriwavix.eu | udp |
| US | 8.8.8.8:53 | norumikemem.eu | udp |
| US | 8.8.8.8:53 | gaquviwyrup.eu | udp |
| DE | 178.162.203.226:80 | gaquviwyrup.eu | tcp |
| NL | 85.17.31.82:80 | gaquviwyrup.eu | tcp |
| NL | 85.17.31.122:80 | gaquviwyrup.eu | tcp |
| NL | 5.79.71.225:80 | gaquviwyrup.eu | tcp |
| NL | 5.79.71.225:80 | gaquviwyrup.eu | tcp |
| DE | 178.162.203.226:80 | gaquviwyrup.eu | tcp |
| NL | 5.79.71.225:80 | gaquviwyrup.eu | tcp |
| NL | 5.79.71.205:80 | gaquviwyrup.eu | tcp |
| DE | 178.162.203.226:80 | gaquviwyrup.eu | tcp |
| NL | 5.79.71.205:80 | gaquviwyrup.eu | tcp |
| NL | 85.17.31.82:80 | gaquviwyrup.eu | tcp |
| DE | 178.162.203.226:80 | gaquviwyrup.eu | tcp |
| NL | 85.17.31.122:80 | gaquviwyrup.eu | tcp |
| US | 8.8.8.8:53 | mamixikusah.eu | udp |
| DE | 178.162.203.202:80 | mamixikusah.eu | tcp |
| DE | 178.162.203.226:80 | mamixikusah.eu | tcp |
| DE | 178.162.217.107:80 | mamixikusah.eu | tcp |
| DE | 178.162.203.202:80 | mamixikusah.eu | tcp |
| DE | 178.162.217.107:80 | mamixikusah.eu | tcp |
| NL | 5.79.71.205:80 | mamixikusah.eu | tcp |
| DE | 178.162.217.107:80 | mamixikusah.eu | tcp |
| DE | 178.162.203.202:80 | mamixikusah.eu | tcp |
| NL | 85.17.31.82:80 | mamixikusah.eu | tcp |
| NL | 5.79.71.225:80 | mamixikusah.eu | tcp |
| DE | 178.162.217.107:80 | mamixikusah.eu | tcp |
| NL | 85.17.31.122:80 | mamixikusah.eu | tcp |
| DE | 178.162.203.202:80 | mamixikusah.eu | tcp |
| US | 8.8.8.8:53 | kevedorozup.eu | udp |
| US | 8.8.8.8:53 | qebahilojam.eu | udp |
| US | 8.8.8.8:53 | rycypolavag.eu | udp |
| US | 8.8.8.8:53 | lyxuworenuz.eu | udp |
| US | 8.8.8.8:53 | tulimolywan.eu | udp |
| US | 8.8.8.8:53 | xukovoruput.eu | udp |
| US | 8.8.8.8:53 | cihakotihuz.eu | udp |
| US | 8.8.8.8:53 | digegazolan.eu | udp |
| US | 8.8.8.8:53 | vofydatacut.eu | udp |
| US | 8.8.8.8:53 | fodutazenaf.eu | udp |
| US | 8.8.8.8:53 | gatonazytab.eu | udp |
| US | 8.8.8.8:53 | nopiwatyqul.eu | udp |
| US | 8.8.8.8:53 | maravatudur.eu | udp |
| US | 8.8.8.8:53 | jewezexigaf.eu | udp |
| US | 8.8.8.8:53 | qeqekepokul.eu | udp |
| US | 8.8.8.8:53 | rynudepebur.eu | udp |
| US | 8.8.8.8:53 | lyvitexemod.eu | udp |
| US | 8.8.8.8:53 | kemygexaxab.eu | udp |
| US | 8.8.8.8:53 | tucoqepyryk.eu | udp |
| US | 8.8.8.8:53 | xuxanexusov.eu | udp |
| US | 8.8.8.8:53 | puzecypigyw.eu | udp |
| US | 8.8.8.8:53 | jenokirifux.eu | udp |
| US | 8.8.8.8:53 | pujoxolufag.eu | udp |
| US | 8.8.8.8:53 | fogisysemyq.eu | udp |
| US | 8.8.8.8:53 | nofotycywos.eu | udp |
| US | 8.8.8.8:53 | gadaqusupyj.eu | udp |
| US | 8.8.8.8:53 | masenucifoc.eu | udp |
| US | 8.8.8.8:53 | jepycudijyq.eu | udp |
| US | 8.8.8.8:53 | cilyzycojod.eu | udp |
| US | 8.8.8.8:53 | dikujysozyk.eu | udp |
| US | 8.8.8.8:53 | vojugycavov.eu | udp |
| DE | 178.162.203.226:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.202:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.226:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| DE | 178.162.217.107:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.202:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.226:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.211:80 | vojugycavov.eu | tcp |
| DE | 178.162.217.107:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.202:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.226:80 | vojugycavov.eu | tcp |
| DE | 178.162.217.107:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.202:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.202:80 | vojugycavov.eu | tcp |
| DE | 178.162.217.107:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.202:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.202:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.202:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.202:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.226:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.202:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.202:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.211:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| DE | 178.162.217.107:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.226:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.202:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.211:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.211:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.202:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.211:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.202:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.211:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| DE | 178.162.217.107:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.202:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.211:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.226:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.211:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| DE | 178.162.217.107:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.226:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.226:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.202:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| DE | 178.162.217.107:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.226:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.211:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.122:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 85.17.31.82:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| DE | 178.162.203.211:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.225:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
| NL | 5.79.71.205:80 | vojugycavov.eu | tcp |
Files
memory/1572-0-0x0000000000400000-0x0000000000457000-memory.dmp
memory/1572-1-0x00000000021E0000-0x0000000002246000-memory.dmp
memory/1572-2-0x0000000000400000-0x0000000000439000-memory.dmp
memory/1572-4-0x0000000002740000-0x00000000027F2000-memory.dmp
memory/1572-5-0x0000000000400000-0x0000000000457000-memory.dmp
memory/1572-6-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-8-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-10-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-56-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-66-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-111-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-110-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-109-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-108-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-107-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-106-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-105-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-104-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-103-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-102-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-101-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-99-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-98-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-96-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-95-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-94-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-93-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-92-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-91-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-90-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-88-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-87-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-86-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-85-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-84-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-83-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-82-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-81-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-79-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-78-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-77-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-76-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-75-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-73-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-72-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-71-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-70-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-68-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-65-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-63-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-61-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-60-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-59-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-58-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-57-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-100-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-97-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-89-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-80-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-74-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-69-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-67-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-64-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-62-0x0000000002900000-0x00000000029B8000-memory.dmp
memory/1572-131-0x00000000021E0000-0x0000000002246000-memory.dmp
memory/1572-136-0x0000000000400000-0x0000000000439000-memory.dmp