d00ee0e6...12a6 | Sequential Behavior
Logo
Try VMRay Analyzer
VTI SCORE: 100/100
Dynamic Analysis Report
Classification: Hacktool, Trojan, Dropper, Exploit

d00ee0e6eab686424f8d383e151d22005f19adbda5b380a75669629e32fe12a6 (SHA256)

out.exe

Windows Exe (x86-32)

Created at 2018-10-16 14:28:00

...

Notifications (2/3)

Every worker has a preconfigured RAM disk size for temporary changes for all VMs and analyses. During this analysis, the amount of free RAM disk space dropped to a value below the minimum configured level, and as an result, the analysis was terminated prematurely.

The maximum number of reputation file hash requests (20 per analysis) was exceeded. As a result, the reputation status could not be queried for all file hashes. In order to get the reputation status for all file hashes, please increase the 'Max File Hash Requests' setting in the system configurations.

The operating system was rebooted during the analysis.

Grouped Sequential

Monitored Processes

Process Graph

Process Graph Legend
Process Overview
»
ID PID Monitor Reason Integrity Level Image Name Command Line Origin ID
#1 0x8e4 Analysis Target High (Elevated) out.exe "C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\out.exe" -
#2 0x908 Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c c:/windows/temp/zkts.exe #1
#3 0x910 Child Process High (Elevated) zkts.exe c:/windows/temp/zkts.exe #2
#4 0x930 Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c c:/windows/temp/m64.exe #1
#5 0x938 Child Process High (Elevated) m64.exe c:/windows/temp/m64.exe #4
#6 0x94c Child Process High (Elevated) ktsi.exe "C:\Windows\temp\ktsi.exe" #1
#7 0x964 Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c taskkill /F /IM mysqld.exe #6
#8 0x970 Child Process High (Elevated) taskkill.exe taskkill /F /IM mysqld.exe #7
#11 0x328 Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c taskkill /F /IM httpd.exe #6
#12 0x75c Child Process High (Elevated) taskkill.exe taskkill /F /IM httpd.exe #11
#13 0x7f8 Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c taskkill /F /IM sqlservr.exe #6
#14 0x868 Child Process High (Elevated) taskkill.exe taskkill /F /IM sqlservr.exe #13
#15 0x84c Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c taskkill /F /IM sqlwriter.exe #6
#16 0x854 Child Process High (Elevated) taskkill.exe taskkill /F /IM sqlwriter.exe #15
#17 0x890 Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c taskkill /F /IM w3wp.exe #6
#18 0x884 Child Process High (Elevated) taskkill.exe taskkill /F /IM w3wp.exe #17
#19 0x3a0 Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c taskkill /F /IM sqlagent.exe #6
#20 0x900 Child Process High (Elevated) taskkill.exe taskkill /F /IM sqlagent.exe #19
#21 0x700 Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c taskkill /F /IM fdhost.exe #6
#22 0x5f8 Child Process High (Elevated) taskkill.exe taskkill /F /IM fdhost.exe #21
#23 0x8b0 Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c taskkill /F /IM fdlauncher.exe #6
#24 0x91c Child Process High (Elevated) taskkill.exe taskkill /F /IM fdlauncher.exe #23
#25 0x8c4 Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c taskkill /F /IM reportingservicesservice.exe #6
#26 0x928 Child Process High (Elevated) taskkill.exe taskkill /F /IM reportingservicesservice.exe #25
#27 0x93c Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c taskkill /F /IM omtsreco.exe #6
#28 0x934 Child Process High (Elevated) taskkill.exe taskkill /F /IM omtsreco.exe #27
#29 0x978 Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c taskkill /F /IM tnslsnr.exe #6
#30 0x974 Child Process High (Elevated) taskkill.exe taskkill /F /IM tnslsnr.exe #29
#31 0x87c Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c taskkill /F /IM oracle.exe #6
#32 0x34c Child Process High (Elevated) taskkill.exe taskkill /F /IM oracle.exe #31
#33 0x918 Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c taskkill /F /IM emagent.exe #6
#34 0x8b8 Child Process High (Elevated) taskkill.exe taskkill /F /IM emagent.exe #33
#35 0x8cc Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c taskkill /F /IM mysqld-nt.exe #6
#36 0x8d8 Child Process High (Elevated) taskkill.exe taskkill /F /IM mysqld-nt.exe #35
#37 0x914 Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c vssadmin delete shadows /all /quiet&vssadmin delete shadows /all /quiet #6
#38 0x92c Child Process High (Elevated) vssadmin.exe vssadmin delete shadows /all /quiet #37
#40 0xbfc Child Process High (Elevated) vssadmin.exe vssadmin delete shadows /all /quiet #37
#41 0x71c Child Process High (Elevated) cmd.exe C:\Windows\system32\cmd.exe /c vssadmin delete shadows /all /quiet&vssadmin delete shadows /all /quiet #6
#42 0x81c Child Process High (Elevated) vssadmin.exe vssadmin delete shadows /all /quiet #41
#44 0x6c8 Child Process High (Elevated) vssadmin.exe vssadmin delete shadows /all /quiet #41
#46 0x4 Kernel Analysis System (Elevated) System - -

Behavior Information - Sequential View

Process #1: out.exe
299 6003
»
Information Value
ID #1
File Name c:\users\5p5nrgjn0js halpmcxz\desktop\out.exe
Command Line "C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\out.exe"
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:19, Reason: Analysis Target
Unmonitor End Time: 00:01:30, Reason: Self Terminated
Monitor Duration 00:01:11
OS Process Information
»
Information Value
PID 0x8e4
Parent PID 0x568 (c:\windows\explorer.exe)
Is Created or Modified Executable True
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 8E8
0x 944
0x 948
0x 96C
0x 97C
0x 980
0x 984
0x 988
0x 98C
0x 990
0x 994
0x 998
0x 99C
0x 9A0
0x 9A4
0x 9A8
0x 9AC
0x 9B0
0x 9B4
0x 9B8
0x 9BC
0x 9C0
0x 9C4
0x 9C8
0x 9CC
0x 9D0
0x 9D4
0x 9D8
0x 9DC
0x 9E0
0x 9E4
0x 9E8
0x 9EC
0x 9F0
0x 9F4
0x 9F8
0x 9FC
0x A00
0x A04
0x A08
0x A0C
0x A10
0x A14
0x A18
0x A1C
0x A20
0x A24
0x A28
0x A2C
0x A30
0x A34
0x A38
0x A3C
0x A40
0x A44
0x A48
0x A4C
0x A50
0x A54
0x A58
0x A5C
0x A60
0x A64
0x A68
0x A6C
0x A70
0x A74
0x A78
0x A7C
0x A80
0x A84
0x A88
0x A8C
0x A90
0x A94
0x A98
0x A9C
0x AA0
0x AA4
0x AA8
0x AAC
0x AB0
0x AB4
0x AB8
0x ABC
0x AC0
0x AC4
0x AC8
0x ACC
0x AD0
0x AD4
0x AD8
0x ADC
0x AE0
0x AE4
0x AE8
0x AEC
0x AF0
0x AF4
0x AF8
0x AFC
0x B00
0x B04
0x B08
0x B0C
0x B10
0x B14
0x B18
0x B1C
0x B20
0x B24
0x B28
0x B2C
0x B30
0x B34
0x B38
0x B3C
0x B40
0x B44
0x B48
0x B4C
0x B50
0x B54
0x B58
0x B5C
0x B60
0x B64
0x B68
0x B6C
0x B70
0x B74
0x B78
0x B7C
0x B80
0x B84
0x B88
0x B8C
0x B90
0x B94
0x B98
0x B9C
0x BA0
0x BA4
0x BA8
0x BAC
0x BB0
0x BB4
0x BB8
0x BBC
0x BC0
0x BC4
0x BC8
0x BCC
0x BD0
0x BD4
0x BD8
0x BDC
0x BE0
0x BE4
0x BE8
0x BEC
0x BF0
0x BF4
0x BF8
0x BFC
0x 804
0x 808
0x 4C4
0x 6E4
0x 464
0x 810
0x 5B0
0x 5E0
0x 278
0x 5FC
0x 45C
0x 3B4
0x 3C4
0x 4FC
0x 604
0x 658
0x 6D0
0x 674
0x 660
0x C4
0x 81C
0x 6E8
0x 71C
0x 6C8
0x 54C
0x 724
0x 180
0x 460
0x 824
0x 634
0x 7C8
0x 324
0x 344
0x 7C4
0x 5A0
0x 33C
0x 6A0
0x 69C
0x 458
0x 588
0x 470
0x 7F8
0x 928
0x 668
0x 320
0x 244
0x 930
0x 958
0x 938
0x 934
0x 940
0x 93C
0x 834
0x 880
0x 7EC
0x 418
0x 7F0
0x 968
0x 974
0x 7E8
0x 978
0x B0
0x 8A8
0x 8C0
0x 85C
0x 8BC
0x 848
0x 864
0x 850
0x 34C
0x 830
0x 87C
0x 8C8
0x 8A0
0x 8D4
0x 6BC
0x 700
0x 5F8
0x 8B8
0x 8B4
0x 918
0x 910
0x 908
0x 90C
0x 8A4
0x 8B0
0x 91C
0x 8D8
0x 8D0
0x 8CC
0x 970
0x 964
0x 328
0x 75C
0x 97C
0x 9BC
0x 9B8
0x 9B4
0x 9B0
0x 9AC
0x 9A8
0x 9A4
0x 9A0
0x 99C
0x 998
0x 994
0x 990
0x 98C
0x 988
0x 984
0x 980
0x 9F8
0x 9F4
0x 9F0
0x 9EC
0x 9E8
0x 9E4
0x 9E0
0x 9DC
0x 9D8
0x 9D4
0x 9D0
0x 9CC
0x 9C8
0x 9C4
0x 9C0
0x A44
0x A40
0x A3C
0x A38
0x A34
0x A30
0x A2C
0x A28
0x A24
0x A20
0x A1C
0x A18
0x A14
0x A10
0x A0C
0x A08
0x A04
0x A00
0x 9FC
0x A54
0x A50
0x A4C
0x A48
0x A58
0x A60
0x A64
0x A68
0x A6C
0x A70
0x A74
0x A78
0x A7C
0x AC0
0x ABC
0x AB8
0x AB4
0x AB0
0x AAC
0x AA8
0x AA4
0x AA0
0x A9C
0x A98
0x A94
0x A90
0x A8C
0x A88
0x A84
0x A80
0x B10
0x B0C
0x B08
0x B04
0x B00
0x AFC
0x AF8
0x AF4
0x AF0
0x AEC
0x AE8
0x AE4
0x AE0
0x ADC
0x AD8
0x AD4
0x AD0
0x ACC
0x AC8
0x AC4
0x B14
0x B18
0x B1C
0x B20
0x B24
0x B28
0x B2C
0x B30
0x B34
0x B38
0x B3C
0x B40
0x B44
0x B48
0x B4C
0x B50
0x B54
0x B6C
0x B68
0x B64
0x B60
0x B5C
0x B58
0x BBC
0x BB8
0x BB4
0x BB0
0x BAC
0x BA8
0x BA4
0x BA0
0x B9C
0x B98
0x B94
0x B90
0x B8C
0x B88
0x B84
0x B80
0x B7C
0x B78
0x B74
0x B70
0x BC0
0x BC4
0x BC8
0x BCC
0x BD0
0x 634
0x 7C8
0x 324
0x 344
0x 278
0x 470
0x 588
0x 458
0x 69C
0x 6A0
0x 33C
0x 5A0
0x 7C4
0x 4C4
0x 804
0x BDC
0x BE0
0x 808
0x BD4
0x BD8
0x 6C8
0x BEC
0x 54C
0x BF4
0x BF0
0x BF8
0x 924
0x 92C
0x BFC
0x 914
0x 180
0x 728
0x 41C
0x 824
0x 928
0x 880
0x 834
0x 93C
0x 940
0x 934
0x 938
0x 958
0x 930
0x 244
0x 320
0x 668
0x 7EC
0x B0
0x 978
0x 7E8
0x 974
0x 968
0x 7F0
0x 418
0x 830
0x 34C
0x 850
0x 864
0x 848
0x 8BC
0x 85C
0x 8C0
0x 8A8
0x 964
0x 970
0x 8CC
0x 8D0
0x 8D8
0x 91C
0x 8B0
0x 8A4
0x 90C
0x 908
0x 910
0x 918
0x 8B4
0x 8B8
0x 5F8
0x 700
0x 6BC
0x 8D4
0x 8A0
0x 8C8
0x 87C
0x 328
0x 75C
0x 97C
0x 9BC
0x 9B8
0x 9B4
0x 9B0
0x 9AC
0x 9A8
0x 9A4
0x 9A0
0x 99C
0x 998
0x 994
0x 990
0x 98C
0x 988
0x 984
0x 980
0x 9F8
0x 9F4
0x 9F0
0x A40
0x A44
0x 9C0
0x 9C4
0x 9C8
0x 9CC
0x 9D0
0x 9D4
0x 9D8
0x 9DC
0x 9E0
0x 9E4
0x 9E8
0x 9EC
0x A3C
0x A38
0x A34
0x A30
0x A2C
0x A28
0x A24
0x A20
0x A1C
0x A18
0x A14
0x A10
0x A0C
0x A08
0x A04
0x A00
0x 9FC
0x A54
0x A50
0x A4C
0x A48
0x A58
0x A60
0x A64
0x A68
0x A6C
0x A70
0x A74
0x A78
0x A7C
0x AC0
0x ABC
0x AB8
0x AB4
0x AB0
0x AAC
0x AA8
0x AA4
0x AA0
0x A9C
0x A98
0x A94
0x AF4
0x AF8
0x AFC
0x B00
0x B04
0x B08
0x B0C
0x B10
0x A80
0x A84
0x A88
0x A8C
0x A90
0x AF0
0x AEC
0x AE8
0x AE4
0x AE0
0x ADC
0x AD8
0x AD4
0x AD0
0x ACC
0x AC8
0x AC4
0x B14
0x B18
0x B1C
0x B20
0x B24
0x B28
0x B2C
0x B30
0x B34
0x B38
0x B3C
0x B40
0x B44
0x B48
0x B88
0x B8C
0x B90
0x B94
0x B98
0x B9C
0x BA0
0x BA4
0x BA8
0x BAC
0x BB0
0x BB4
0x BB8
0x B58
0x B5C
0x B60
0x B64
0x B68
0x B6C
0x BD0
0x BCC
0x BC8
0x BC4
0x BC0
0x B70
0x B74
0x B78
0x B7C
0x B80
0x 8C4
0x B50
0x B54
0x B84
0x 634
0x 470
0x 278
0x 344
0x 324
0x 7C8
0x 588
0x 458
0x 69C
0x 6A0
0x 33C
0x 5A0
0x 7C4
0x BBC
0x 4C4
0x 924
0x BF8
0x BF0
0x BF4
0x 54C
0x BEC
0x 6C8
0x BD8
0x BD4
0x 808
0x BE0
0x BDC
0x 804
0x 41C
0x 728
0x 180
0x 914
0x BFC
0x 92C
0x 824
0x 928
0x 880
0x 834
0x 93C
0x 940
0x 934
0x 938
0x 958
0x 930
0x 244
0x 320
0x 668
0x 7EC
0x B0
0x 978
0x 7E8
0x 974
0x 8A8
0x 8C0
0x 85C
0x 8BC
0x 848
0x 864
0x 850
0x 34C
0x 830
0x 418
0x 7F0
0x 968
0x 8D0
0x 8CC
0x 970
0x 964
0x 6BC
0x 700
0x 5F8
0x 8B8
0x 8B4
0x 918
0x 910
0x 908
0x 90C
0x 8A4
0x 8B0
0x 91C
0x 8D8
0x 9A4
0x 9A8
0x 9AC
0x 9B0
0x 9B4
0x 9B8
0x 9BC
0x 97C
0x 75C
0x 328
0x 87C
0x A20
0x A1C
0x A18
0x A14
0x A10
0x A0C
0x A08
0x A70
0x A6C
0x A68
0x A64
0x A60
0x A58
0x A48
0x A4C
0x A50
0x A54
0x 9FC
0x A00
0x A04
0x 8C8
0x 8A0
0x 8D4
0x 9A0
0x 99C
0x 998
0x 994
0x 990
0x 98C
0x 988
0x 984
0x 980
0x 9F8
0x 9F4
0x 9F0
0x A40
0x A44
0x A9C
0x AA0
0x AA4
0x AA8
0x AAC
0x AB0
0x AB4
0x AB8
0x ABC
0x AC0
0x A7C
0x A78
0x A74
0x 9C0
0x 9C4
0x 9C8
0x 9CC
0x 9D0
0x 9D4
0x AD8
0x ADC
0x AE0
0x AE4
0x AE8
0x AEC
0x AF0
0x A90
0x A8C
0x A88
0x A84
0x A80
0x B10
0x B0C
0x B08
0x B04
0x B00
0x AFC
0x AF8
0x AF4
0x B48
0x ACC
0x AC8
0x AC4
0x B14
0x B18
0x B1C
0x B20
0x B24
0x B28
0x B2C
0x B30
0x B34
0x B3C
0x 9D8
0x 9DC
0x 9E0
0x 9E4
0x 9E8
0x 9EC
0x A3C
0x A38
0x A34
0x A30
0x A2C
0x A28
0x A24
0x B4C
0x 758
0x 2A8
0x A94
0x A98
0x AD4
0x AD0
0x B88
0x B44
0x B8C
0x B90
0x B94
0x B98
0x B9C
0x BA0
0x BA4
0x BA8
0x BAC
0x BB0
0x BB4
0x BB8
0x B58
0x B38
0x B64
0x B60
0x B5C
0x B68
0x B50
0x 8C4
0x B80
0x B7C
0x B78
0x B74
0x B70
0x BC0
0x BC4
0x BC8
0x BCC
0x BD0
0x B6C
0x B54
0x B84
0x 634
0x 470
0x 278
0x 344
0x 324
0x 7C8
0x 588
0x 458
0x 69C
0x 6A0
0x 33C
0x 5A0
0x 7C4
0x BBC
0x 4C4
0x 924
0x BF8
0x 834
0x 880
0x 928
0x 824
0x 92C
0x BFC
0x 914
0x 180
0x 728
0x 41C
0x 804
0x BDC
0x BE0
0x 808
0x BD4
0x BD8
0x 6C8
0x BEC
0x 54C
0x BF4
0x BF0
0x 34C
0x 850
0x 864
0x 848
0x 8BC
0x 85C
0x 8C0
0x 8A8
0x 974
0x 7E8
0x 978
0x B0
0x 7EC
0x 668
0x 320
0x 244
0x 930
0x 958
0x 938
0x 934
0x 940
0x 93C
0x 8B8
0x 5F8
0x 700
0x 6BC
0x 964
0x 970
0x 8CC
0x 8D0
0x 968
0x 7F0
0x 418
0x 830
0x 328
0x 75C
0x 97C
0x 9BC
0x 9B8
0x 9B4
0x 9B0
0x 9AC
0x 9A8
0x 9A4
0x 8D8
0x 91C
0x 8B0
0x 8A4
0x 90C
0x 908
0x 910
0x 918
0x 8B4
0x A54
0x A50
0x A4C
0x A48
0x A58
0x A60
0x A64
0x A68
0x A6C
0x A70
0x A08
0x A0C
0x A10
0x A14
0x A18
0x A1C
0x A20
0x 87C
0x AA0
0x A9C
0x A44
0x A40
0x 9F0
0x 9F4
0x 9F8
0x 980
0x 984
0x 988
0x 98C
0x 990
0x 994
0x 998
0x 99C
0x 9A0
0x 8D4
0x 8A0
0x 8C8
0x A04
0x A00
0x 9FC
0x AE4
0x A8C
0x A90
0x AEC
0x AE8
0x B08
0x B0C
0x B10
0x A80
0x B04
0x B00
0x AFC
0x AF8
0x AF4
0x B40
0x 9C0
0x A84
0x A88
0x B48
0x ACC
0x AC8
0x AC4
0x B14
0x B18
0x B1C
0x B20
0x B24
0x B28
0x B2C
0x B30
0x B34
0x AF0
0x B3C
0x AE0
0x 9D8
0x 2A8
0x 758
0x B4C
0x A24
0x A28
0x A2C
0x A30
0x A34
0x A38
0x A3C
0x 9EC
0x 9E8
0x 9E4
0x 9E0
0x 9DC
0x BB4
0x BB0
0x BAC
0x BA8
0x BA4
0x BA0
0x B9C
0x B98
0x B94
0x B90
0x B8C
0x B44
0x B88
0x AD0
0x AD4
0x A98
0x B5C
0x B60
0x B64
0x B38
0x B58
0x BB8
0x 344
0x 278
0x 470
0x 634
0x B84
0x B54
0x B6C
0x BD0
0x BCC
0x BC8
0x BC4
0x BC0
0x B70
0x B74
0x B78
0x B7C
0x B80
0x 8C4
0x B50
0x B68
0x 458
0x 588
0x 7C8
0x 324
0x 834
0x BF8
0x 924
0x 4C4
0x BBC
0x 7C4
0x 5A0
0x 33C
0x 6A0
0x 69C
0x 880
0x 928
0x 824
0x 92C
0x BFC
0x 914
0x 7EC
0x 668
0x 320
0x 244
0x 930
0x 958
0x 938
0x 830
0x 418
0x 7F0
0x 968
0x 8D0
0x 8CC
0x 970
0x 964
0x 6BC
0x 700
0x 5F8
0x 8B8
0x 93C
0x 940
0x 934
0x 9B4
0x 9B8
0x 9BC
0x 97C
0x 75C
0x 328
0x A58
0x A48
0x A4C
0x A50
0x A54
0x 8B4
0x 918
0x 910
0x 908
0x 90C
0x 8A4
0x 8B0
0x 91C
0x 8D8
0x 9A4
0x 9A8
0x 9AC
0x 9B0
0x 9F4
0x 9F0
0x A40
0x A44
0x A9C
0x AA0
0x 87C
0x A20
0x A1C
0x A18
0x A14
0x A10
0x A0C
0x A08
0x A70
0x A6C
0x A68
0x A64
0x A60
0x AE4
0x 9FC
0x A00
0x A04
0x 8C8
0x 8A0
0x 8D4
0x 9A0
0x 99C
0x 998
0x 994
0x 990
0x 98C
0x 988
0x 984
0x 980
0x 9F8
0x 180
0x 728
0x 41C
0x 804
0x BDC
0x BE0
0x 808
0x BD4
0x 864
0x 848
0x 8BC
0x 85C
0x 8C0
0x 8A8
0x 974
0x 7E8
0x 978
0x B0
0x A94
0x CC
0x D0
0x D4
0x D8
0x DC
0x E0
0x E4
0x E8
0x EC
0x BD8
0x 6D0
0x 658
0x 660
0x 674
0x C4
0x 81C
0x 850
0x BF0
0x 34C
0x 54C
0x BF4
0x BEC
0x 6E8
0x 6C8
0x 71C
0x A8C
0x A90
0x AF4
0x AF8
0x AFC
0x B00
0x B04
0x A80
0x B10
0x B0C
0x B08
0x AE8
0x AEC
0x B40
0x 9C0
0x A84
0x A88
0x B48
0x ACC
0x AC8
0x AC4
0x B14
0x B18
0x B1C
0x B20
0x B24
0x B28
0x B2C
0x B30
0x B34
0x AF0
0x B3C
0x AE0
0x 9DC
0x 9E0
0x 9E4
0x 9E8
0x 9EC
0x A3C
0x A38
0x A34
0x A30
0x A2C
0x A28
0x A24
0x B4C
0x 758
0x 2A8
0x 9D8
0x BB4
0x BB0
0x BAC
0x BA8
0x BA4
0x BA0
0x B9C
0x B98
0x B94
0x B90
0x B8C
0x B44
0x B88
0x AD0
0x AD4
0x A98
0x B5C
0x B60
0x B64
0x B38
0x B58
0x BB8
0x 344
0x 278
0x 470
0x 634
0x B84
0x B54
0x B6C
0x 8C4
0x B80
0x B7C
0x B78
0x B74
0x B70
0x BC0
0x BC4
0x BC8
0x BCC
0x BD0
0x B50
0x B68
0x 458
0x 588
0x 7C8
0x 324
0x 834
0x BFC
0x 92C
0x 824
0x 928
0x A4C
0x A48
0x A58
0x 328
0x 75C
0x 97C
0x 9BC
0x 9B8
0x 9B4
0x 934
0x 940
0x 93C
0x 8B8
0x 5F8
0x 700
0x 6BC
0x 964
0x 970
0x 8CC
0x 90C
0x 908
0x 910
0x 918
0x 8B4
0x A54
0x A50
0x BF8
0x 924
0x 4C4
0x BBC
0x 7C4
0x 5A0
0x 33C
0x 6A0
0x 69C
0x 880
0x 8D0
0x 968
0x 7F0
0x 418
0x 830
0x 938
0x 958
0x 930
0x 244
0x 320
0x 668
0x 7EC
0x 914
0x 8A4
0x 8B0
0x 91C
0x 8D8
0x 9A4
0x 9A8
0x 9AC
0x A6C
0x A70
0x A08
0x A0C
0x A10
0x A14
0x A18
0x A1C
0x A20
0x 99C
0x 9A0
0x 8D4
0x 8A0
0x 8C8
0x A04
0x A00
0x 9FC
0x AE4
0x A60
0x A64
0x A68
0x BD4
0x 808
0x BE0
0x BDC
0x 804
0x 41C
0x 728
0x 180
0x 9F8
0x 980
0x 984
0x 988
0x 98C
0x 990
0x 994
0x 720
0x 740
0x 9F4
0x 864
0x 9CC
0x 848
0x 9C4
0x 9D0
0x AD8
0x 8BC
0x 85C
0x 8C0
0x 8A8
0x D0
0x CC
0x A94
0x B0
0x 978
0x 7E8
0x 974
0x AB4
0x ABC
0x AC0
0x A7C
0x A78
0x A74
0x 9D4
0x 9C8
0x D4
0x ADC
0x D8
0x DC
0x E0
0x E4
0x E8
0x 54C
0x 34C
0x BF0
0x 850
0x 81C
0x C4
0x 674
0x 660
0x 658
0x 6D0
0x BD8
0x EC
0x AEC
0x AE8
0x B08
0x B0C
0x B10
0x A80
0x B04
0x B00
0x AFC
0x AF8
0x AF4
0x A90
0x A8C
0x 71C
0x 6C8
0x 6E8
0x BEC
0x BF4
0x B18
0x B14
0x AC4
0x AC8
0x ACC
0x A88
0x A84
0x 9C0
0x B40
0x B48
0x B1C
0x A30
0x A34
0x A38
0x A3C
0x 9EC
0x 9E8
0x 9E4
0x 9E0
0x 9DC
0x AE0
0x B3C
0x AF0
0x B34
0x B30
0x B2C
0x B28
0x B24
0x B20
0x B94
0x B98
0x B9C
0x BA0
0x BA4
0x BA8
0x BAC
0x BB0
0x BB4
0x 9D8
0x 2A8
0x 758
0x B4C
0x A24
0x A28
0x A2C
0x 278
0x 344
0x BB8
0x B58
0x B38
0x B64
0x B60
0x B5C
0x A98
0x AD4
0x AD0
0x B88
0x B44
0x B8C
0x B90
0x 458
0x B68
0x B50
0x BD0
0x BCC
0x BC8
0x BC4
0x BC0
0x B70
0x B74
0x B78
0x B7C
0x B80
0x 8C4
0x B6C
0x B54
0x B84
0x 634
0x 470
0x 588
0x 7C8
0x 324
0x 700
0x 5F8
0x 8B8
0x 93C
0x 940
0x 934
0x 9B4
0x 9B8
0x 9BC
0x 97C
0x 75C
0x 328
0x A58
0x A48
0x A4C
0x 928
0x 824
0x 92C
0x BFC
0x 834
0x 33C
0x 5A0
0x 7C4
0x BBC
0x 4C4
0x 924
0x BF8
0x A50
0x A54
0x 8B4
0x 918
0x 910
0x 908
0x 90C
0x 8CC
0x 970
0x 6BC
0x 930
0x 958
0x 938
0x 830
0x 418
0x 7F0
0x 968
0x 8D0
0x 880
0x 69C
0x 6A0
0x 244
0x 320
0x 668
0x 7EC
0x 914
0x 8A4
0x 8B0
0x 91C
0x 8D8
0x 9A4
0x 964
0x A20
0x A1C
0x A18
0x A14
0x A10
0x A0C
0x A08
0x A70
0x A6C
0x 9AC
0x 9A8
0x 99C
0x 9A0
0x BD4
0x A68
0x A64
0x A60
0x 9FC
0x A00
0x A04
0x 8C8
0x 8A0
0x 8D4
0x AE4
0x 808
0x BE0
0x 52C
0x BDC
0x 804
0x 41C
0x 728
0x 180
0x 9F8
0x 980
0x 984
0x 988
0x 98C
0x 990
0x 994
0x 720
0x 740
0x 864
0x 9F4
0x 9CC
0x 578
0x 310
0x 224
0x 848
0x AB4
0x 974
0x 7E8
0x 978
0x B0
0x A94
0x CC
0x D0
0x 8A8
0x 8C0
0x 85C
0x 8BC
0x AD8
0x 9D0
0x 9C4
0x E0
0x DC
0x D8
0x ADC
0x D4
0x 9C8
0x 9D4
0x A74
0x A78
0x A7C
0x AC0
0x ABC
0x 850
0x BF0
0x 34C
0x 54C
0x E8
0x E4
0x 81C
0x A80
0x B10
0x B0C
0x B08
0x AE8
0x AEC
0x EC
0x BD8
0x B04
0x B00
0x AFC
0x 6D0
0x 658
0x 660
0x 674
0x C4
0x AF8
0x AF4
0x A90
0x A8C
0x 71C
0x 6C8
0x 6E8
0x BEC
0x BF4
0x B18
0x B14
0x AC4
0x AC8
0x 9DC
0x 9E0
0x 9E4
0x 9E8
0x 9EC
0x A3C
0x A38
0x A34
0x A30
0x B1C
0x B48
0x B40
0x 9C0
0x A84
0x A88
0x ACC
0x B9C
0x B98
0x B94
0x B20
0x B24
0x B28
0x B2C
0x B30
0x B34
0x AF0
0x B3C
0x AE0
0x A24
0x B4C
0x 758
0x 2A8
0x 9D8
0x BB4
0x BB0
0x BAC
0x BA8
0x BA4
0x BA0
0x A98
0x B5C
0x B60
0x B64
0x B38
0x B58
0x BB8
0x 344
0x 278
0x A2C
0x A28
0x BC0
0x BC4
0x BC8
0x BCC
0x BD0
0x B50
0x B68
0x 458
0x B90
0x B8C
0x B44
0x B88
0x AD0
0x AD4
0x B6C
0x 8C4
0x B80
0x B7C
0x B78
0x 328
0x 75C
0x 97C
0x 9BC
0x 9B8
0x 9B4
0x 934
0x 940
0x 93C
0x BF8
0x 924
0x 4C4
0x BBC
0x 7C4
0x 5A0
0x 33C
0x 834
0x BFC
0x B74
0x B70
0x 8B8
0x 5F8
0x 700
0x 324
0x 7C8
0x 588
0x 470
0x 634
0x B84
0x B54
0x 92C
0x 824
0x 928
0x A4C
0x A48
0x A58
0x 7AC
0x 4F0
0x 4E4
0x 65C
0x 774
0x 440
0x 304
0x 39C
0x A50
0x 238
0x 538
0x 490
0x 63C
0x 61C
0x A54
0x 8B4
0x 918
0x 910
0x 908
0x 90C
0x 8CC
0x 970
0x 6BC
0x 958
0x 930
0x 938
0x 830
0x 418
0x 67C
0x 420
0x C0
0x 7F0
0x 770
0x 968
0x 8D0
0x 880
0x 69C
0x 6A0
0x 244
0x 320
0x 668
0x 7EC
0x 914
0x 8A4
0x 8B0
0x 91C
0x 8D8
0x 9A4
0x 964
0x A20
0x A68
0x BD4
0x 9A0
0x 99C
0x 9A8
0x 9AC
0x A6C
0x A70
0x A08
0x A0C
0x A10
0x A14
0x A18
0x A1C
0x A64
0x 9FC
0x A60
0x 180
0x 728
0x 41C
0x 804
0x BDC
0x 52C
0x BE0
0x 808
0x AE4
0x 8D4
0x 8A0
0x 8C8
0x A04
0x A00
0x 9F8
0x 980
0x 984
0x 988
0x 98C
0x 990
0x 994
0x 720
0x 740
0x 864
0x 9F4
0x 9CC
0x 578
0x 310
0x 224
0x 848
0x AB4
0x 974
0x 7E8
0x 8BC
0x 85C
0x 8C0
0x 8A8
0x D0
0x CC
0x A94
0x B0
0x 978
0x ABC
0x AC0
0x A7C
0x A78
0x A74
0x 9D4
0x 9C8
0x D4
0x ADC
0x D8
0x DC
0x E0
0x 9C4
0x 9D0
0x AD8
0x B00
0x B04
0x BD8
0x EC
0x AEC
0x AE8
0x B08
0x B0C
0x B10
0x A80
0x 81C
0x E4
0x E8
0x 54C
0x 34C
0x BF0
0x 850
0x 6D0
0x AFC
0x 658
0x 660
0x 674
0x C4
0x AF8
0x AF4
0x A90
0x A8C
0x 71C
0x 6C8
0x 6E8
0x B18
0x A38
0x A34
0x A30
0x B1C
0x B48
0x B40
0x 9C0
0x A84
0x A88
0x ACC
0x B9C
0x BA8
0x BAC
0x 2A8
0x 758
0x B3C
0x AF0
0x B34
0x B30
0x B2C
0x B28
0x B24
0x B20
0x B94
0x B98
0x BA4
0x BA0
0x A98
0x B5C
0x B60
0x B64
0x B38
0x BB8
0x 344
0x 278
0x A2C
0x A28
0x BC0
0x BC4
0x BC8
0x BCC
0x BD0
0x B50
0x B68
0x 458
0x 42C
0x B90
0x BF4
0x AD4
0x AD0
0x B88
0x B44
0x B8C
0x B6C
0x 8C4
0x B80
0x B7C
0x B78
0x 328
0x 75C
0x 97C
0x 9BC
0x 9B8
0x 798
0x 474
0x 9B4
0x 934
0x B70
0x B74
0x BFC
0x 834
0x 33C
0x 5A0
0x 7C4
0x BBC
0x 4C4
0x 924
0x BF8
0x 93C
0x 940
0x 8B8
0x 5F8
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00030fff Private Memory rw True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
private_0x0000000000050000 0x00050000 0x0008ffff Private Memory rw True False False -
private_0x0000000000090000 0x00090000 0x0018ffff Private Memory rw True False False -
pagefile_0x0000000000190000 0x00190000 0x00193fff Pagefile Backed Memory r True False False -
pagefile_0x00000000001a0000 0x001a0000 0x001a0fff Pagefile Backed Memory r True False False -
locale.nls 0x001b0000 0x00216fff Memory Mapped File r False False False -
private_0x0000000000220000 0x00220000 0x00220fff Private Memory rw True False False -
pagefile_0x0000000000230000 0x00230000 0x00230fff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000240000 0x00240000 0x00241fff Pagefile Backed Memory r True False False -
private_0x0000000000250000 0x00250000 0x002cffff Private Memory rw True False False -
windowsshell.manifest 0x002d0000 0x002d0fff Memory Mapped File r False False False -
pagefile_0x00000000002d0000 0x002d0000 0x002d0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000002e0000 0x002e0000 0x002e1fff Pagefile Backed Memory r True False False -
pagefile_0x00000000002f0000 0x002f0000 0x002f0fff Pagefile Backed Memory r True False False -
cversions.1.db 0x00300000 0x00303fff Memory Mapped File r True False False -
cversions.2.db 0x00300000 0x00303fff Memory Mapped File r True False False -
{afbf9f1a-8ee8-4c77-af34-c647e37ca0d9}.1.ver0x0000000000000016.db 0x00310000 0x0032efff Memory Mapped File r True False False -
pagefile_0x0000000000330000 0x00330000 0x00330fff Pagefile Backed Memory rw True False False -
cversions.2.db 0x00340000 0x00343fff Memory Mapped File r True False False -
private_0x0000000000350000 0x00350000 0x0035ffff Private Memory rw True False False -
{6af0698e-d558-4f6e-9b3c-3716689af493}.2.ver0x0000000000000012.db 0x00360000 0x0038ffff Memory Mapped File r True False False -
{ddf571f2-be98-426d-8288-1a9a39c3fda2}.2.ver0x0000000000000002.db 0x00390000 0x003f5fff Memory Mapped File r True False False -
out.exe 0x00400000 0x006fafff Memory Mapped File rwx True True True
...
pagefile_0x0000000000700000 0x00700000 0x00706fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000710000 0x00710000 0x00711fff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000720000 0x00720000 0x00720fff Pagefile Backed Memory rw True False False -
private_0x0000000000730000 0x00730000 0x0076ffff Private Memory rw True False False -
private_0x00000000007a0000 0x007a0000 0x0089ffff Private Memory rw True False False -
pagefile_0x00000000008a0000 0x008a0000 0x00a27fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000a30000 0x00a30000 0x00bb0fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000bc0000 0x00bc0000 0x01fbffff Pagefile Backed Memory r True False False -
sortdefault.nls 0x01fc0000 0x0228efff Memory Mapped File r False False False -
private_0x0000000002290000 0x02290000 0x0244ffff Private Memory rw True False False -
pagefile_0x0000000002290000 0x02290000 0x0236efff Pagefile Backed Memory r True False False -
private_0x0000000002370000 0x02370000 0x023affff Private Memory rw True False False -
private_0x00000000023b0000 0x023b0000 0x023effff Private Memory rw True False False -
private_0x0000000002410000 0x02410000 0x0244ffff Private Memory rw True False False -
private_0x0000000002450000 0x02450000 0x02550fff Private Memory rw True False False -
pagefile_0x0000000002450000 0x02450000 0x02842fff Pagefile Backed Memory r True False False -
private_0x0000000002850000 0x02850000 0x0294ffff Private Memory rw True False False -
private_0x0000000002950000 0x02950000 0x02a4ffff Private Memory rw True False False -
private_0x0000000002a50000 0x02a50000 0x02b8ffff Private Memory rw True False False -
private_0x0000000002a50000 0x02a50000 0x02abffff Private Memory rw True False False -
private_0x0000000002a50000 0x02a50000 0x02b2ffff Private Memory rw True False False -
private_0x0000000002a50000 0x02a50000 0x02a8ffff Private Memory rw True False False -
private_0x0000000002ab0000 0x02ab0000 0x02abffff Private Memory rw True False False -
private_0x0000000002ac0000 0x02ac0000 0x02b6ffff Private Memory rw True False False -
private_0x0000000002ac0000 0x02ac0000 0x02afffff Private Memory rw True False False -
private_0x0000000002b20000 0x02b20000 0x02b2ffff Private Memory rw True False False -
private_0x0000000002b30000 0x02b30000 0x02b6ffff Private Memory rw True False False -
private_0x0000000002b80000 0x02b80000 0x02b8ffff Private Memory rw True False False -
private_0x0000000002b90000 0x02b90000 0x02c8ffff Private Memory rw True False False -
private_0x0000000002c90000 0x02c90000 0x02d6ffff Private Memory rw True False False -
private_0x0000000002c90000 0x02c90000 0x02ebffff Private Memory rw True False False -
private_0x0000000002c90000 0x02c90000 0x02d8ffff Private Memory rw True False False -
private_0x0000000002d90000 0x02d90000 0x02dcffff Private Memory rw True False False -
private_0x0000000002dd0000 0x02dd0000 0x02e0ffff Private Memory rw True False False -
private_0x0000000002e10000 0x02e10000 0x02e4ffff Private Memory rw True False False -
private_0x0000000002e80000 0x02e80000 0x02ebffff Private Memory rw True False False -
private_0x0000000002ec0000 0x02ec0000 0x02fbffff Private Memory rw True False False -
private_0x0000000002fc0000 0x02fc0000 0x030bffff Private Memory rw True False False -
private_0x00000000030c0000 0x030c0000 0x031bffff Private Memory rw True False False -
private_0x00000000031c0000 0x031c0000 0x032bffff Private Memory rw True False False -
private_0x00000000032c0000 0x032c0000 0x032fffff Private Memory rw True False False -
private_0x0000000003300000 0x03300000 0x033fffff Private Memory rw True False False -
private_0x0000000003400000 0x03400000 0x0343ffff Private Memory rw True False False -
private_0x0000000003440000 0x03440000 0x0353ffff Private Memory rw True False False -
private_0x0000000003540000 0x03540000 0x0357ffff Private Memory rw True False False -
private_0x0000000003580000 0x03580000 0x0367ffff Private Memory rw True False False -
private_0x0000000003680000 0x03680000 0x036bffff Private Memory rw True False False -
private_0x00000000036c0000 0x036c0000 0x037bffff Private Memory rw True False False -
private_0x00000000037c0000 0x037c0000 0x037fffff Private Memory rw True False False -
fwpuclnt.dll 0x74d30000 0x74d67fff Memory Mapped File rwx False False False -
rasadhlp.dll 0x74d70000 0x74d75fff Memory Mapped File rwx False False False -
fwpuclnt.dll 0x74e80000 0x74eb7fff Memory Mapped File rwx False False False -
mswsock.dll 0x74e80000 0x74ebbfff Memory Mapped File rwx False False False -
winrnr.dll 0x74ee0000 0x74ee7fff Memory Mapped File rwx False False False -
uxtheme.dll 0x74f60000 0x74fdffff Memory Mapped File rwx False False False -
api-ms-win-core-synch-l1-2-0.dll 0x74fe0000 0x74fe2fff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
dnsapi.dll 0x750d0000 0x75113fff Memory Mapped File rwx False False False -
mswsock.dll 0x75120000 0x7515bfff Memory Mapped File rwx False False False -
dhcpcsvc.dll 0x75120000 0x75131fff Memory Mapped File rwx False False False -
pnrpnsp.dll 0x75140000 0x75151fff Memory Mapped File rwx False False False -
pnrpnsp.dll 0x75190000 0x751a1fff Memory Mapped File rwx False False False -
dhcpcsvc6.dll 0x75190000 0x7519cfff Memory Mapped File rwx False False False -
winrnr.dll 0x751a0000 0x751a7fff Memory Mapped File rwx False False False -
napinsp.dll 0x751d0000 0x751dffff Memory Mapped File rwx False False False -
nlaapi.dll 0x751d0000 0x751dffff Memory Mapped File rwx False False False -
nlaapi.dll 0x751e0000 0x751effff Memory Mapped File rwx False False False -
napinsp.dll 0x751e0000 0x751effff Memory Mapped File rwx False False False -
profapi.dll 0x751f0000 0x751fafff Memory Mapped File rwx False False False -
ntmarta.dll 0x75200000 0x75220fff Memory Mapped File rwx False False False -
comctl32.dll 0x75230000 0x753cdfff Memory Mapped File rwx False False False -
propsys.dll 0x753d0000 0x754c4fff Memory Mapped File rwx False False False -
winnsi.dll 0x754d0000 0x754d6fff Memory Mapped File rwx False False False -
iphlpapi.dll 0x754e0000 0x754fbfff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
nsi.dll 0x75970000 0x75975fff Memory Mapped File rwx False False False -
wldap32.dll 0x75a10000 0x75a54fff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
wininet.dll 0x75a80000 0x75b74fff Memory Mapped File rwx False False False -
iertutil.dll 0x75b80000 0x75d7afff Memory Mapped File rwx False False False -
crypt32.dll 0x75d80000 0x75e9cfff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
msasn1.dll 0x75f70000 0x75f7bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
cfgmgr32.dll 0x76230000 0x76256fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
setupapi.dll 0x76340000 0x764dcfff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
urlmon.dll 0x76760000 0x76895fff Memory Mapped File rwx False False False -
devobj.dll 0x768a0000 0x768b1fff Memory Mapped File rwx False False False -
ws2_32.dll 0x768c0000 0x768f4fff Memory Mapped File rwx False False False -
shell32.dll 0x76900000 0x77549fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
For performance reasons, the remaining 594 entries are omitted.
The remaining entries can be found in flog.txt.
Created Files
»
Filename File Size Hash Values YARA Match Actions
c:/windows/temp/zkts.exe 1.85 MB MD5: 5d74e736c5c4224b813bea351093c27f
SHA1: 740e59ec36ebec339f9245071f366cf601edbad7
SHA256: 7f5f134fd3ec2c14956acd7362c76e66759b8ecc51f986ef80bbf9f7f94b89fe
SSDeep: 49152:O5+hFyflCspsAaGAafcQgZ6eLSCQ6SjQBts5Euxn0k:O5aFzsaVRZ6eL+6Fs5xn0k 		False
...
c:/windows/temp/ktsi.exe 328.50 KB MD5: dd2e5fd5109c54cc90b30b88ec0c585a
SHA1: 927dc541fd29ef6341b041321fe06bf04b0efcd7
SHA256: a3dabb63f11e208a0d1d9b43b3d2575e2dc2a7d87c14eb654d3062f3bc0ad12d
SSDeep: 6144:qivqjCj/C+YiuEk3WKz1O9aiZVDkJFWTnZEPKjUSF/Qarwbbhsriqx83d2Z2k:pvqk/JYymxMYrsKS1Hkbl6xl9 		False
...
Threads
Thread 0x8e8
299 3
»
Category Operation Information Success Count Logfile
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = VirtualProtect, address_out = 0x757d435f True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\ws2_32.dll, base_address = 0x768c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 13, address_out = 0x768cb001 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 1, address_out = 0x768c68b6 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 17, address_out = 0x768cb6dc True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = freeaddrinfo, address_out = 0x768c4b1b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = getaddrinfo, address_out = 0x768c4296 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 7, address_out = 0x768c737d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 6, address_out = 0x768c30af True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 5, address_out = 0x768c7147 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 112, address_out = 0x768c37d9 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 116, address_out = 0x768c3c5f True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 151, address_out = 0x768c6a8a True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 2, address_out = 0x768c4582 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = WSAIoctl, address_out = 0x768c2fe7 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 3, address_out = 0x768c3918 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 52, address_out = 0x768d7673 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 18, address_out = 0x768c6989 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 14, address_out = 0x768c2d57 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 115, address_out = 0x768c3ab2 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 11, address_out = 0x768c311b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 19, address_out = 0x768c6f01 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 23, address_out = 0x768c3eb8 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 15, address_out = 0x768c2d8b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 4, address_out = 0x768c6bdd True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 12, address_out = 0x768cb131 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 57, address_out = 0x768ca05b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 16, address_out = 0x768c6b0e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 8, address_out = 0x768c2d57 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 9, address_out = 0x768c2d8b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 20, address_out = 0x768c34b5 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 10, address_out = 0x768c3084 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 21, address_out = 0x768c41b6 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\ws2_32.dll, function = 111, address_out = 0x768c37ad True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlushFileBuffers, address_out = 0x757d469b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetStdHandle, address_out = 0x7585454f True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetFullPathNameW, address_out = 0x757d40d4 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCurrentDirectoryW, address_out = 0x757d5611 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WriteConsoleW, address_out = 0x757f7aca True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = OutputDebugStringW, address_out = 0x757fd1d4 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = OutputDebugStringA, address_out = 0x757fb2b7 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetProcessHeap, address_out = 0x757d14e9 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = HeapQueryInformation, address_out = 0x758543ff True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetModuleFileNameA, address_out = 0x757d14b1 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SizeofResource, address_out = 0x757d5ac9 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleCtrlHandler, address_out = 0x757d8a09 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = EnterCriticalSection, address_out = 0x77ad22b0 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCurrentProcess, address_out = 0x757d1809 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = ReleaseSemaphore, address_out = 0x757ed3ab True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WriteFile, address_out = 0x757d1282 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = InitializeCriticalSectionAndSpinCount, address_out = 0x757d1916 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = LeaveCriticalSection, address_out = 0x77ad2270 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetFilePointer, address_out = 0x757d17d1 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FindResourceA, address_out = 0x757ee9bb True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = lstrlenA, address_out = 0x757d5a4b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WaitForSingleObject, address_out = 0x757d1136 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetModuleHandleA, address_out = 0x757d1245 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = Sleep, address_out = 0x757d10ff True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetLastError, address_out = 0x757d11c0 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateFileA, address_out = 0x757d53c6 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetVersionExA, address_out = 0x757d3519 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = lstrcpyA, address_out = 0x757f2a9d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CloseHandle, address_out = 0x757d1410 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetTimeZoneInformation, address_out = 0x757d465a True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = LoadResource, address_out = 0x757d594c True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetLocalTime, address_out = 0x757d5aa6 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetProcAddress, address_out = 0x757d1222 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = DeleteCriticalSection, address_out = 0x77ae45f5 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = lstrcpynA, address_out = 0x757e192a True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = lstrcmpiA, address_out = 0x757d3e8e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateSemaphoreA, address_out = 0x757fd172 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = QueryPerformanceCounter, address_out = 0x757d1725 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetTickCount, address_out = 0x757d110c True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetLastError, address_out = 0x757d11a9 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = InitializeCriticalSection, address_out = 0x77ae2c42 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SleepEx, address_out = 0x757d1215 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FormatMessageA, address_out = 0x757f5fbd True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FreeLibrary, address_out = 0x757d34c8 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WaitForMultipleObjects, address_out = 0x757d4220 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetFileType, address_out = 0x757d3531 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetStdHandle, address_out = 0x757d51b3 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = ReadFile, address_out = 0x757d3ed3 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = PeekNamedPipe, address_out = 0x75854821 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = ExpandEnvironmentStringsA, address_out = 0x757eeb39 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = VerSetConditionMask, address_out = 0x77b292b9 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = LoadLibraryA, address_out = 0x757d49d7 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetSystemDirectoryA, address_out = 0x757eb66c True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = VerifyVersionInfoA, address_out = 0x757ef803 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetUserDefaultLCID, address_out = 0x757d3da5 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsValidLocale, address_out = 0x757ece46 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FindClose, address_out = 0x757d4442 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FindFirstFileExA, address_out = 0x7585427f True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FindNextFileA, address_out = 0x757fd53e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsValidCodePage, address_out = 0x757d4493 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetOEMCP, address_out = 0x757fd1a1 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetEnvironmentStringsW, address_out = 0x757d51e3 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FreeEnvironmentStringsW, address_out = 0x757d51cb True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetEnvironmentVariableA, address_out = 0x757de331 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetConsoleCP, address_out = 0x75877bff True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = ReadConsoleW, address_out = 0x7587739a True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetEndOfFile, address_out = 0x757ece2e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateThread, address_out = 0x757d34d5 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = HeapSize, address_out = 0x77ae3002 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = HeapReAlloc, address_out = 0x77af1f6e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = HeapFree, address_out = 0x757d14c9 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetFileAttributesExW, address_out = 0x757d4574 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateProcessA, address_out = 0x757d1072 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetExitCodeProcess, address_out = 0x757e174d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = DeleteFileW, address_out = 0x757d89b3 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetConsoleMode, address_out = 0x757d1328 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetACP, address_out = 0x757d179c True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCommandLineW, address_out = 0x757d5223 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCommandLineA, address_out = 0x757d51a1 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetFilePointerEx, address_out = 0x757ec807 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FreeLibraryAndExitThread, address_out = 0x757ed582 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = ExitThread, address_out = 0x77b0d598 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FileTimeToSystemTime, address_out = 0x757d542c True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SystemTimeToTzSpecificLocalTime, address_out = 0x757f0652 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetDriveTypeW, address_out = 0x757d418b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateFileW, address_out = 0x757d3f5c True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetModuleFileNameW, address_out = 0x757d4950 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetSystemInfo, address_out = 0x757d49ca True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = HeapValidate, address_out = 0x757eb17b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = HeapAlloc, address_out = 0x77ade026 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetModuleHandleExW, address_out = 0x757d4a6f True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WideCharToMultiByte, address_out = 0x757d170d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = EncodePointer, address_out = 0x77af0fcb True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = DecodePointer, address_out = 0x77ae9d35 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = MultiByteToWideChar, address_out = 0x757d192e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateEventW, address_out = 0x757d183e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = TlsAlloc, address_out = 0x757d49ad True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = TlsGetValue, address_out = 0x757d11e0 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = TlsSetValue, address_out = 0x757d14fb True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = TlsFree, address_out = 0x757d3587 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetSystemTimeAsFileTime, address_out = 0x757d3509 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetModuleHandleW, address_out = 0x757d34b0 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CompareStringW, address_out = 0x757d3bca True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = LCMapStringW, address_out = 0x757d17b9 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetLocaleInfoW, address_out = 0x757d3c42 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetStringTypeW, address_out = 0x757d1946 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCPInfo, address_out = 0x757d5189 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetEvent, address_out = 0x757d16c5 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = ResetEvent, address_out = 0x757d16dd True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WaitForSingleObjectEx, address_out = 0x757d1151 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = UnhandledExceptionFilter, address_out = 0x757f772f True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetUnhandledExceptionFilter, address_out = 0x757d87c9 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = TerminateProcess, address_out = 0x757ed802 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsProcessorFeaturePresent, address_out = 0x757d5235 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetStartupInfoW, address_out = 0x757d4d40 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCurrentProcessId, address_out = 0x757d11f8 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCurrentThreadId, address_out = 0x757d1450 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = InitializeSListHead, address_out = 0x77ae94a4 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = RaiseException, address_out = 0x757d58a6 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = RtlUnwind, address_out = 0x757fd1c3 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = LoadLibraryExW, address_out = 0x757d495d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = ExitProcess, address_out = 0x757d7a10 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = EnumSystemLocalesW, address_out = 0x7585425f True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\user32.dll, base_address = 0x775b0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\user32.dll, function = wsprintfA, address_out = 0x775dae5f True 1
Fn
Module Get Address module_name = c:\windows\syswow64\user32.dll, function = ShowWindow, address_out = 0x775d0dfb True 1
Fn
Module Get Address module_name = c:\windows\syswow64\user32.dll, function = FindWindowA, address_out = 0x775cffe6 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\advapi32.dll, base_address = 0x75720000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\advapi32.dll, function = CryptEncrypt, address_out = 0x7574779b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\advapi32.dll, function = CryptReleaseContext, address_out = 0x7572e124 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\advapi32.dll, function = CryptDestroyHash, address_out = 0x7572df66 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\advapi32.dll, function = CryptHashData, address_out = 0x7572df36 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\advapi32.dll, function = CryptCreateHash, address_out = 0x7572df4e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\advapi32.dll, function = CryptAcquireContextA, address_out = 0x757291dd True 1
Fn
Module Get Address module_name = c:\windows\syswow64\advapi32.dll, function = CryptImportKey, address_out = 0x7572c532 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\advapi32.dll, function = CryptGetHashParam, address_out = 0x7572df7e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\advapi32.dll, function = CryptDestroyKey, address_out = 0x7572c51a True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\shell32.dll, base_address = 0x76900000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\shell32.dll, function = ShellExecuteA, address_out = 0x76b47078 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\iphlpapi.dll, base_address = 0x754e0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\iphlpapi.dll, function = GetIpAddrTable, address_out = 0x754e9bb0 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\iphlpapi.dll, function = GetBestInterface, address_out = 0x754e3c70 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\wldap32.dll, base_address = 0x75a10000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\wldap32.dll, function = 32, address_out = 0x75a24910 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\wldap32.dll, function = 27, address_out = 0x75a1fe33 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\wldap32.dll, function = 26, address_out = 0x75a17a22 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\wldap32.dll, function = 22, address_out = 0x75a14b2c True 1
Fn
Module Get Address module_name = c:\windows\syswow64\wldap32.dll, function = 33, address_out = 0x75a248aa True 1
Fn
Module Get Address module_name = c:\windows\syswow64\wldap32.dll, function = 50, address_out = 0x75a49435 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\wldap32.dll, function = 60, address_out = 0x75a3e02e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\wldap32.dll, function = 211, address_out = 0x75a2478a True 1
Fn
Module Get Address module_name = c:\windows\syswow64\wldap32.dll, function = 46, address_out = 0x75a1a855 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\wldap32.dll, function = 143, address_out = 0x75a24bc3 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\wldap32.dll, function = 35, address_out = 0x75a1f5af True 1
Fn
Module Get Address module_name = c:\windows\syswow64\wldap32.dll, function = 79, address_out = 0x75a16447 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\wldap32.dll, function = 30, address_out = 0x75a490b9 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\wldap32.dll, function = 200, address_out = 0x75a1b36e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\wldap32.dll, function = 301, address_out = 0x75a43ce9 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\wldap32.dll, function = 41, address_out = 0x75a14013 True 1
Fn
System Get Time type = System Time, time = 2018-10-16 14:29:08 (UTC) True 1
Fn
Module Load module_name = api-ms-win-core-synch-l1-2-0, base_address = 0x0 False 1
Fn
Module Load module_name = api-ms-win-core-synch-l1-2-0, base_address = 0x74fe0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\api-ms-win-core-synch-l1-2-0.dll, function = InitializeCriticalSectionEx, address_out = 0x0 False 1
Fn
Module Load module_name = api-ms-win-core-fibers-l1-1-1, base_address = 0x0 False 2
Fn
Module Load module_name = kernel32, base_address = 0x0 False 1
Fn
Module Load module_name = kernel32, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsAlloc, address_out = 0x757d4f2b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsSetValue, address_out = 0x757d4208 True 1
Fn
Module Load module_name = api-ms-win-core-synch-l1-2-0, base_address = 0x0 False 1
Fn
Module Load module_name = api-ms-win-core-synch-l1-2-0, base_address = 0x74fe0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\api-ms-win-core-synch-l1-2-0.dll, function = InitializeCriticalSectionEx, address_out = 0x0 False 1
Fn
Module Load module_name = api-ms-win-core-fibers-l1-1-1, base_address = 0x0 False 2
Fn
Module Load module_name = kernel32, base_address = 0x0 False 1
Fn
Module Load module_name = kernel32, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsAlloc, address_out = 0x757d4f2b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsGetValue, address_out = 0x757d1252 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsSetValue, address_out = 0x757d4208 True 1
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
File Get Info filename = STD_INPUT_HANDLE, type = file_type True 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 1
Fn
File Get Info filename = STD_OUTPUT_HANDLE, type = file_type True 1
Fn
File Open filename = STD_ERROR_HANDLE True 1
Fn
File Get Info filename = STD_ERROR_HANDLE, type = file_type True 1
Fn
Module Load module_name = api-ms-win-core-localization-l1-2-1, base_address = 0x0 False 2
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = LCMapStringEx, address_out = 0x758547f1 True 1
Fn
Module Get Filename module_name = api-ms-win-core-localization-l1-2-1, process_name = c:\users\5p5nrgjn0js halpmcxz\desktop\out.exe, file_name_orig = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\out.exe, size = 260 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsAlloc, address_out = 0x757d4f2b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsFree, address_out = 0x757d359f True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsGetValue, address_out = 0x757d1252 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsSetValue, address_out = 0x757d4208 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = InitializeCriticalSectionEx, address_out = 0x757d4d28 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = InitOnceExecuteOnce, address_out = 0x757ed627 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateEventExW, address_out = 0x7585410b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateSemaphoreW, address_out = 0x757eca5a True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateSemaphoreExW, address_out = 0x75854195 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateThreadpoolTimer, address_out = 0x757eee7e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadpoolTimer, address_out = 0x77af441c True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WaitForThreadpoolTimerCallbacks, address_out = 0x77b1c50e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CloseThreadpoolTimer, address_out = 0x77b1c381 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateThreadpoolWait, address_out = 0x757ef088 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadpoolWait, address_out = 0x77b005d7 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CloseThreadpoolWait, address_out = 0x77b1ca24 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlushProcessWriteBuffers, address_out = 0x77ad0b8c True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FreeLibraryWhenCallbackReturns, address_out = 0x77b8fde8 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCurrentProcessorNumber, address_out = 0x77b21e1d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateSymbolicLinkW, address_out = 0x7584cd11 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCurrentPackageId, address_out = 0x0 False 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetTickCount64, address_out = 0x757eeee0 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetFileInformationByHandleEx, address_out = 0x757ec78f True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetFileInformationByHandle, address_out = 0x757fcbfc True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetSystemTimePreciseAsFileTime, address_out = 0x0 False 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = InitializeConditionVariable, address_out = 0x77ae8456 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WakeConditionVariable, address_out = 0x77b57de4 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WakeAllConditionVariable, address_out = 0x77b1409d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SleepConditionVariableCS, address_out = 0x75854b32 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = InitializeSRWLock, address_out = 0x77ae8456 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = AcquireSRWLockExclusive, address_out = 0x77ae29f1 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = TryAcquireSRWLockExclusive, address_out = 0x77af4892 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = ReleaseSRWLockExclusive, address_out = 0x77ae29ab True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SleepConditionVariableSRW, address_out = 0x75854b74 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateThreadpoolWork, address_out = 0x757eee45 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SubmitThreadpoolWork, address_out = 0x77b28491 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CloseThreadpoolWork, address_out = 0x77b1d8e2 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CompareStringEx, address_out = 0x758546b1 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetLocaleInfoEx, address_out = 0x75854751 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = LCMapStringEx, address_out = 0x758547f1 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = InitializeConditionVariable, address_out = 0x77ae8456 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SleepConditionVariableCS, address_out = 0x75854b32 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WakeAllConditionVariable, address_out = 0x77b1409d True 1
Fn
Window Find class_name = ConsoleWindowClass True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = AreFileApisANSI, address_out = 0x758540d1 True 1
Fn
File Get Info filename = c:/_how_to_decrypt_you_files.txt, type = file_attributes False 1
Fn
File Get Info filename = c:/ProgramData/_how_to_decrypt_you_files.txt, type = file_attributes False 1
Fn
File Create filename = c:/windows/temp/zkts.exe, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE True 1
Fn
File Write filename = c:/windows/temp/zkts.exe, size = 1934640 True 1
Fn
System Sleep duration = 2000 milliseconds (2.000 seconds) True 1
Fn
File Create filename = c:/windows/temp/ktsi.exe, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE True 1
Fn
File Write filename = c:/windows/temp/ktsi.exe, size = 336384 True 1
Fn
Data
System Sleep duration = 2000 milliseconds (2.000 seconds) True 1
Fn
File Get Info filename = C:\Windows\system32\cmd.exe, type = file_attributes True 1
Fn
Process Create process_name = C:\Windows\system32\cmd.exe, os_pid = 0x908, show_window = SW_HIDE True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsWow64Process, address_out = 0x757d195e True 1
Fn
File Get Info filename = C:\Windows\system32\cmd.exe, type = file_attributes True 1
Fn
Process Create process_name = C:\Windows\system32\cmd.exe, os_pid = 0x930, show_window = SW_HIDE True 1
Fn
File Create filename = C:/Windows/Temp/snamelog, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE True 1
Fn
File Get Info filename = C:/Windows/Temp/snamelog, type = file_type True 1
Fn
File Read filename = C:/Windows/Temp/snamelog, size = 4096, size_out = 132 True 1
Fn
Data
File Create filename = C:/Windows/Temp/spasslog, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE True 1
Fn
File Get Info filename = C:/Windows/Temp/spasslog, type = file_type True 1
Fn
File Read filename = C:/Windows/Temp/spasslog, size = 4096, size_out = 66 True 1
Fn
Data
File Delete filename = c:/windows/temp/zkts.exe True 1
Fn
File Delete filename = c:/windows/temp/m32.exe True 1
Fn
File Delete filename = c:/windows/temp/m64.exe True 1
Fn
Process Create process_name = C:\Windows\temp\ktsi.exe, show_window = SW_HIDE True 1
Fn
DNS Get Hostname name_out = XDuwTfOno True 1
Fn
DNS Resolve Name host = XDuwTfOno, address_out = 192.168.0.66 True 1
Fn
DNS Resolve Name host = 192.168.0.66, address_out = 192.168.0.66 True 1
Fn
Thread 0x97c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x980
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x984
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x988
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x98c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x990
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x994
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x998
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x99c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9ac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9cc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9dc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9ec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9fc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa00
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa04
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa08
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa0c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.1, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa10
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa14
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa18
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa1c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa20
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa24
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa28
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa2c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa30
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa34
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa38
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa3c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa40
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa44
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa4c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa60
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa64
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa68
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa6c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa70
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa74
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa78
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa7c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa80
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa84
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa88
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa8c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa90
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa94
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa98
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa9c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaa0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaa4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.2, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaa8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xab0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xab4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xab8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xabc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xacc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xadc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xafc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb00
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb04
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb08
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb0c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb10
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb14
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb18
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb1c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb20
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb24
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb28
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb2c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb30
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb34
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb38
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.3, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb3c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb40
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb44
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb4c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb5c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb60
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb64
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb68
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb6c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb70
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb74
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb78
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb7c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb80
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb84
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb88
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb8c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb90
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb94
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb98
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb9c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbbc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbcc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.4, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbdc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbe0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbe4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbe8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbfc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x804
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x808
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x4c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6e4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x464
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x810
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5b0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5e0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x278
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5fc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x45c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x3b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x3c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x4fc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x604
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x658
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x674
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x660
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xc4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x81c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x71c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x54c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.5, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x724
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x180
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x460
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x824
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x634
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x324
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x344
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x33c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x69c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x458
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x588
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x470
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x928
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x668
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x320
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x244
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x930
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x958
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x938
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x934
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x940
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x93c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x834
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x880
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7ec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x418
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7f0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x968
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x974
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x978
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.6, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x85c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x848
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x864
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x850
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x34c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x830
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x87c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x700
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5f8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x918
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x910
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x908
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x90c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x91c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8cc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x970
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x964
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x328
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x75c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x97c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9ac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.7, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x99c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x998
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x994
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x990
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x98c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x988
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x984
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x980
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9ec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9dc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9cc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa44
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa40
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa3c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa38
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa34
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa30
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa2c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa28
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa24
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa20
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa1c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.8, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa18
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa14
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa10
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa0c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa08
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa04
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa00
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9fc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa4c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa60
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa64
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa68
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa6c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa70
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa74
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa78
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa7c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xabc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xab8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xab4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xab0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaa8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaa4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaa0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa9c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa98
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa94
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa90
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa8c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa88
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa84
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.9, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa80
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb10
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb0c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb08
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb04
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb00
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xafc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xadc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xacc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb14
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb18
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb1c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb20
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb24
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb28
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb2c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb30
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb34
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb38
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb3c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb40
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb44
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb4c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.10, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb6c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb68
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb64
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb60
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb5c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbbc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb9c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb98
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb94
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb90
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb8c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb88
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb84
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb80
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb7c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb78
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb74
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb70
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbcc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x634
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x324
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x344
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.11, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x278
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x470
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x588
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x458
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x69c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x33c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x4c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x804
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbdc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbe0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x808
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x54c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x924
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x92c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbfc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x914
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x180
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x728
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x41c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x824
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x928
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x880
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x834
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x93c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x940
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x934
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x938
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x958
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.12, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x930
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x244
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x320
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x668
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7ec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x978
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x974
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x968
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7f0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x418
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x830
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x34c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x850
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x864
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x848
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x85c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x964
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x970
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8cc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x91c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x90c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x908
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x910
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x918
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5f8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x700
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.13, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x87c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x328
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x75c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x97c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9ac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x99c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x998
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x994
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x990
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x98c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x988
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x984
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x980
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa40
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa44
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9cc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9dc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.14, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9ec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa3c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa38
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa34
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa30
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa2c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa28
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa24
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa20
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa1c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa18
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa14
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa10
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa0c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa08
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa04
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa00
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9fc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa4c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa60
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa64
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa68
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa6c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa70
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa74
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa78
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa7c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xabc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xab8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.15, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xab4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xab0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaa8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaa4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaa0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa9c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa98
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa94
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xafc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb00
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb04
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb08
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb0c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb10
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa80
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa84
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa88
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa8c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa90
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xadc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xacc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb14
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb18
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb1c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.16, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb20
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb24
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb28
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb2c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb30
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb34
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb38
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb3c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb40
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb44
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb88
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb8c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb90
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb94
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb98
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb9c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb5c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb60
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb64
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb68
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb6c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbcc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb70
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb74
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.17, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb78
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb7c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb80
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb84
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x634
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x470
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x278
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x344
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x324
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x588
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x458
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x69c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x33c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbbc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x4c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x924
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x54c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x808
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbe0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbdc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x804
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x41c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x728
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.18, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x180
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x914
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbfc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x92c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x824
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x928
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x880
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x834
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x93c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x940
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x934
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x938
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x958
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x930
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x244
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x320
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x668
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7ec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x978
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x974
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x85c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x848
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x864
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x850
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x34c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x830
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x418
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7f0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x968
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8cc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x970
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.19, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x964
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x700
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5f8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x918
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x910
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x908
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x90c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x91c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9ac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x97c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x75c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x328
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x87c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa20
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa1c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa18
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa14
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa10
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa0c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa08
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa70
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa6c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa68
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa64
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa60
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.20, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa4c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9fc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa00
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa04
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x99c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x998
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x994
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x990
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x98c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x988
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x984
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x980
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa40
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa44
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa9c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaa0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaa4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaa8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xab0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xab4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xab8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xabc
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa7c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa78
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.21, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa74
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9cc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xadc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa90
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa8c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa88
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa84
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa80
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb10
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb0c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb08
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb04
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb00
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xafc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xacc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb14
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb18
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb1c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb20
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb24
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb28
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.22, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb2c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb30
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb34
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb3c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9dc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9ec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa3c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa38
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa34
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa30
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa2c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa28
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa24
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb4c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x758
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x2a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa94
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa98
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb88
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb44
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb8c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb90
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb94
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb98
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb9c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.23, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb38
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb64
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb60
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb5c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb68
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb80
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb7c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb78
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb74
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb70
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbcc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb6c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb84
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x634
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x470
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x278
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x344
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x324
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x588
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x458
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x69c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x33c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbbc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x4c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.24, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x924
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x834
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x880
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x928
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x824
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x92c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbfc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x914
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x180
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x728
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x41c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x804
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbdc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbe0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x808
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x54c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x34c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x850
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x864
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x848
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x85c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x974
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x978
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7ec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x668
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.25, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x320
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x244
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x930
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x958
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x938
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x934
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x940
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x93c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5f8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x700
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x964
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x970
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8cc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x968
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7f0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x418
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x830
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x328
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x75c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x97c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9ac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x91c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x90c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x908
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x910
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.26, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x918
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa4c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa60
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa64
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa68
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa6c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa70
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa08
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa0c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa10
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa14
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa18
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa1c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa20
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x87c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaa0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa9c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa44
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa40
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x980
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x984
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x988
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x98c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x990
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x994
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x998
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x99c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.27, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa04
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa00
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9fc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa8c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa90
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb08
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb0c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb10
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa80
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb04
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb00
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xafc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb40
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa84
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa88
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xacc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb14
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb18
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb1c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb20
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb24
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb28
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb2c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb30
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb34
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.28, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb3c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x2a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x758
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb4c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa24
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa28
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa2c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa30
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa34
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa38
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa3c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9ec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9dc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb9c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb98
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb94
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb90
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb8c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb44
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb88
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa98
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb5c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb60
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb64
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.29, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb38
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x344
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x278
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x470
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x634
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb84
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb6c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbcc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb70
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb74
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb78
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb7c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb80
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb68
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x458
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x588
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x324
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x834
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x924
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x4c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbbc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x33c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x69c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.30, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x880
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x928
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x824
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x92c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbfc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x914
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7ec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x668
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x320
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x244
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x930
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x958
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x938
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x830
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x418
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7f0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x968
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8cc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x970
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x964
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x700
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5f8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x93c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x940
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x934
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x97c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x75c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x328
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa4c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.31, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x918
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x910
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x908
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x90c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x91c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9ac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa40
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa44
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa9c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaa0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x87c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa20
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa1c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa18
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa14
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa10
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa0c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa08
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa70
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa6c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa68
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa64
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa60
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9fc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa00
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.32, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa04
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x99c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x998
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x994
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x990
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x98c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x988
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x984
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x980
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x180
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x728
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x41c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x804
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbdc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbe0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x808
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x864
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x848
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x85c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x974
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x978
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa94
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xcc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xd0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xd4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xd8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.33, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xdc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xe0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xe4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xe8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x658
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x660
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x674
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xc4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x81c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x850
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x34c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x54c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x71c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa8c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa90
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xafc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb00
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb04
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa80
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb10
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb0c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb08
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb40
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa84
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.34, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa88
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xacc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb14
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb18
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb1c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb20
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb24
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb28
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb2c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb30
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb34
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb3c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9dc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9ec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa3c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa38
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa34
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa30
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa2c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa28
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa24
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb4c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x758
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x2a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.35, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb9c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb98
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb94
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb90
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb8c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb44
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb88
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa98
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb5c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb60
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb64
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb38
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x344
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x278
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x470
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x634
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb84
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb6c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb80
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb7c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb78
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb74
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb70
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbcc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.36, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb68
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x458
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x588
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x324
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x834
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbfc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x92c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x824
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x928
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa4c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x328
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x75c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x97c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x934
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x940
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x93c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5f8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x700
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x964
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x970
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8cc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x90c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x908
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x910
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x918
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.37, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x924
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x4c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbbc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x33c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x69c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x880
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x968
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7f0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x418
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x830
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x938
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x958
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x930
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x244
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x320
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x668
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7ec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x914
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x91c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9ac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa6c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa70
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa08
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa0c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa10
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa14
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa18
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa1c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.38, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa20
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x99c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa04
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa00
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9fc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa60
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa64
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa68
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x808
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbe0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbdc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x804
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x41c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x728
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x180
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x980
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x984
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x988
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x98c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x990
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x994
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x720
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x740
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x864
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9cc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 8888 False 1
Fn
Socket Close - True 1
Fn
Thread 0x848
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.39, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x85c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xd0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xcc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa94
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x978
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x974
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xab4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xabc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa7c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa78
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa74
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xd4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xadc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xd8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xdc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xe0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xe4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xe8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x54c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x34c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x850
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x81c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xc4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x674
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x660
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x658
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.40, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb08
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb0c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb10
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa80
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb04
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb00
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xafc
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa90
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa8c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x71c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb18
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb14
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xacc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa88
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa84
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb40
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb1c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa30
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa34
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa38
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa3c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9ec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.41, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9dc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb3c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb34
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb30
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb2c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb28
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb24
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb20
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb94
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb98
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb9c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x2a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x758
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb4c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa24
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa28
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa2c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x278
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x344
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb38
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb64
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb60
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb5c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa98
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.42, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb88
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb44
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb8c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb90
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x458
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb68
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbcc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb70
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb74
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb78
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb7c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb80
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb6c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb84
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x634
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x470
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x588
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x324
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x700
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5f8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x93c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x940
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x934
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x97c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.43, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x75c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x328
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa4c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x928
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x824
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x92c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbfc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x834
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x33c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbbc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x4c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x924
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x918
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x910
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x908
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x90c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8cc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x970
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x930
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x958
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x938
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x830
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x418
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7f0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x968
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x880
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x69c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.44, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x244
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x320
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x668
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7ec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x914
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x91c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x964
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa20
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa1c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa18
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa14
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa10
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa0c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa08
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa70
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa6c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9ac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x99c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa68
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa64
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa60
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9fc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa00
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa04
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x808
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.45, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbe0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x52c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbdc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x804
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x41c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x728
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x180
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x980
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x984
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x988
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x98c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x990
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x994
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x720
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x740
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x864
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9f4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9cc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x578
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x310
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x224
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x848
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xab4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x974
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x978
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa94
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xcc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xd0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x85c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.46, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xe0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xdc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xd8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xadc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xd4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa74
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa78
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa7c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xabc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x850
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x34c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x54c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xe8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xe4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x81c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa80
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb10
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb0c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb08
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb04
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb00
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xafc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x658
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x660
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x674
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xc4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.47, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa90
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa8c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x71c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb18
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb14
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xac8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9dc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9e8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9ec
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa3c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa38
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa34
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa30
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb1c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb40
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9c0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa84
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa88
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xacc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb9c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb98
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb94
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb20
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb24
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb28
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb2c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb30
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb34
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.48, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xaf0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb3c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xae0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa24
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb4c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x758
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x2a8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9d8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xba0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa98
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb5c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb60
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb64
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb38
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbb8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x344
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x278
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa2c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa28
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbc8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbcc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbd0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb68
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x458
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb90
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb8c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb44
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb88
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.49, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xad4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb6c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb80
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb7c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb78
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x328
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x75c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x97c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x9b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x934
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x940
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x93c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbf8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x924
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x4c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbbc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7c4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5a0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x33c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x834
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xbfc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb74
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb70
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x5f8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x700
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x324
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7c8
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x588
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x470
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x634
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb84
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xb54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.50, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x92c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x824
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x928
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa4c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa48
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa58
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 99 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7ac
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 445 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x4f0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 6060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x4e4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 7001 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x65c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 7080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x774
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 777 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x440
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x304
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8181 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x39c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8008 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa50
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8009 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x238
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8010 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x538
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8020 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x490
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8030 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x63c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8040 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x61c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8050 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xa54
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8060 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8b4
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8070 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x918
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x910
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8081 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x908
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8082 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x90c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8083 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8cc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8084 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x970
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8085 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x6bc
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8086 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x958
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8087 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x930
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8088 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x938
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x830
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 8888 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x418
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 9000 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x67c
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 9080 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x420
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 9090 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0xc0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.51, remote_port = 9999 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x7f0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 80 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x770
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 81 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x968
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 88 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x8d0
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 89 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x880
0 3
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 90 False 1
Fn
Socket Close type = SOCK_STREAM True 1
Fn
Thread 0x69c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 99 False 1
Fn
Thread 0x6a0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 445 False 1
Fn
Thread 0x244
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 6060 False 1
Fn
Thread 0x320
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 7001 False 1
Fn
Thread 0x668
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 7080 False 1
Fn
Thread 0x7ec
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 777 False 1
Fn
Thread 0x914
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8080 False 1
Fn
Thread 0x8a4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8181 False 1
Fn
Thread 0x8b0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8008 False 1
Fn
Thread 0x91c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8009 False 1
Fn
Thread 0x8d8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8010 False 1
Fn
Thread 0x9a4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8020 False 1
Fn
Thread 0x964
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8030 False 1
Fn
Thread 0xa20
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8040 False 1
Fn
Thread 0xa68
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8050 False 1
Fn
Thread 0xbd4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8060 False 1
Fn
Thread 0x9a0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8070 False 1
Fn
Thread 0x99c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8080 False 1
Fn
Thread 0x9a8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8081 False 1
Fn
Thread 0x9ac
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8082 False 1
Fn
Thread 0xa6c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8083 False 1
Fn
Thread 0xa70
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8084 False 1
Fn
Thread 0xa08
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8085 False 1
Fn
Thread 0xa0c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8086 False 1
Fn
Thread 0xa10
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8087 False 1
Fn
Thread 0xa14
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8088 False 1
Fn
Thread 0xa18
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8090 False 1
Fn
Thread 0xa1c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 8888 False 1
Fn
Thread 0xa64
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 9000 False 1
Fn
Thread 0x9fc
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 9080 False 1
Fn
Thread 0xa60
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 9090 False 1
Fn
Thread 0x180
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.52, remote_port = 9999 False 1
Fn
Thread 0x728
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 80 False 1
Fn
Thread 0x41c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 81 False 1
Fn
Thread 0x804
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 88 False 1
Fn
Thread 0xbdc
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 89 False 1
Fn
Thread 0x52c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 90 False 1
Fn
Thread 0xbe0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 99 False 1
Fn
Thread 0x808
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 445 False 1
Fn
Thread 0xae4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 6060 False 1
Fn
Thread 0x8d4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 7001 False 1
Fn
Thread 0x8a0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 7080 False 1
Fn
Thread 0x8c8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 777 False 1
Fn
Thread 0xa04
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8080 False 1
Fn
Thread 0xa00
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8181 False 1
Fn
Thread 0x9f8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8008 False 1
Fn
Thread 0x980
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8009 False 1
Fn
Thread 0x984
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8010 False 1
Fn
Thread 0x988
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8020 False 1
Fn
Thread 0x98c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8030 False 1
Fn
Thread 0x990
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8040 False 1
Fn
Thread 0x994
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8050 False 1
Fn
Thread 0x720
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8060 False 1
Fn
Thread 0x740
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8070 False 1
Fn
Thread 0x864
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8080 False 1
Fn
Thread 0x9f4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8081 False 1
Fn
Thread 0x9cc
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8082 False 1
Fn
Thread 0x578
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8083 False 1
Fn
Thread 0x310
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8084 False 1
Fn
Thread 0x224
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8085 False 1
Fn
Thread 0x848
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8086 False 1
Fn
Thread 0xab4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8087 False 1
Fn
Thread 0x974
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8088 False 1
Fn
Thread 0x7e8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8090 False 1
Fn
Thread 0x8bc
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 8888 False 1
Fn
Thread 0x85c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 9000 False 1
Fn
Thread 0x8c0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 9080 False 1
Fn
Thread 0x8a8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 9090 False 1
Fn
Thread 0xd0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.53, remote_port = 9999 False 1
Fn
Thread 0xcc
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 80 False 1
Fn
Thread 0xa94
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 81 False 1
Fn
Thread 0xb0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 88 False 1
Fn
Thread 0x978
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 89 False 1
Fn
Thread 0xabc
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 90 False 1
Fn
Thread 0xac0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 99 False 1
Fn
Thread 0xa7c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 445 False 1
Fn
Thread 0xa78
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 6060 False 1
Fn
Thread 0xa74
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 7001 False 1
Fn
Thread 0x9d4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 7080 False 1
Fn
Thread 0x9c8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 777 False 1
Fn
Thread 0xd4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8080 False 1
Fn
Thread 0xadc
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8181 False 1
Fn
Thread 0xd8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8008 False 1
Fn
Thread 0xdc
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8009 False 1
Fn
Thread 0xe0
0 1
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Thread 0x9c4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8020 False 1
Fn
Thread 0x9d0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8030 False 1
Fn
Thread 0xad8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8040 False 1
Fn
Thread 0xb00
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8050 False 1
Fn
Thread 0xb04
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8060 False 1
Fn
Thread 0xbd8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8070 False 1
Fn
Thread 0xec
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8080 False 1
Fn
Thread 0xaec
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8081 False 1
Fn
Thread 0xae8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8082 False 1
Fn
Thread 0xb08
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8083 False 1
Fn
Thread 0xb0c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8084 False 1
Fn
Thread 0xb10
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8085 False 1
Fn
Thread 0xa80
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8086 False 1
Fn
Thread 0x81c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8087 False 1
Fn
Thread 0xe4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8088 False 1
Fn
Thread 0xe8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8090 False 1
Fn
Thread 0x54c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 8888 False 1
Fn
Thread 0x34c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 9000 False 1
Fn
Thread 0xbf0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 9080 False 1
Fn
Thread 0x850
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 9090 False 1
Fn
Thread 0x6d0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.54, remote_port = 9999 False 1
Fn
Thread 0xafc
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 80 False 1
Fn
Thread 0x658
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 81 False 1
Fn
Thread 0x660
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 88 False 1
Fn
Thread 0x674
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 89 False 1
Fn
Thread 0xc4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 90 False 1
Fn
Thread 0xaf8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 99 False 1
Fn
Thread 0xaf4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 445 False 1
Fn
Thread 0xa90
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 6060 False 1
Fn
Thread 0xa8c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 7001 False 1
Fn
Thread 0x71c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 7080 False 1
Fn
Thread 0x6c8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 777 False 1
Fn
Thread 0x6e8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8080 False 1
Fn
Thread 0xb18
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8181 False 1
Fn
Thread 0xa38
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8008 False 1
Fn
Thread 0xa34
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8009 False 1
Fn
Thread 0xa30
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8010 False 1
Fn
Thread 0xb1c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8020 False 1
Fn
Thread 0xb48
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8030 False 1
Fn
Thread 0xb40
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8040 False 1
Fn
Thread 0x9c0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8050 False 1
Fn
Thread 0xa84
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8060 False 1
Fn
Thread 0xa88
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8070 False 1
Fn
Thread 0xacc
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8080 False 1
Fn
Thread 0xb9c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8081 False 1
Fn
Thread 0xba8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8082 False 1
Fn
Thread 0xbac
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8083 False 1
Fn
Thread 0x2a8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8084 False 1
Fn
Thread 0xb3c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8086 False 1
Fn
Thread 0xaf0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8087 False 1
Fn
Thread 0xb34
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8088 False 1
Fn
Thread 0xb30
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8090 False 1
Fn
Thread 0xb2c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 8888 False 1
Fn
Thread 0xb28
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 9000 False 1
Fn
Thread 0xb24
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 9080 False 1
Fn
Thread 0xb20
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 9090 False 1
Fn
Thread 0xb94
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.55, remote_port = 9999 False 1
Fn
Thread 0xb98
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 80 False 1
Fn
Thread 0xba4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 81 False 1
Fn
Thread 0xba0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 88 False 1
Fn
Thread 0xa98
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 89 False 1
Fn
Thread 0xb5c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 90 False 1
Fn
Thread 0xb60
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 99 False 1
Fn
Thread 0xb64
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 445 False 1
Fn
Thread 0xb38
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 6060 False 1
Fn
Thread 0xbb8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 7001 False 1
Fn
Thread 0x344
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 7080 False 1
Fn
Thread 0x278
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 777 False 1
Fn
Thread 0xa2c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 8080 False 1
Fn
Thread 0xa28
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 8181 False 1
Fn
Thread 0xbc0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 8008 False 1
Fn
Thread 0xbc4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 8009 False 1
Fn
Thread 0xbc8
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 8010 False 1
Fn
Thread 0xbcc
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 8020 False 1
Fn
Thread 0xbd0
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 8030 False 1
Fn
Thread 0xb50
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 8040 False 1
Fn
Thread 0xb68
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 8050 False 1
Fn
Thread 0x458
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 8060 False 1
Fn
Thread 0x42c
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 8070 False 1
Fn
Thread 0xb90
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 8080 False 1
Fn
Thread 0xbf4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 8081 False 1
Fn
Thread 0xad4
0 2
»
Category Operation Information Success Count Logfile
Socket Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Socket Connect remote_address = 192.168.0.56, remote_port = 8082 False 1
Fn
Process #2: cmd.exe
58 0
»
Information Value
ID #2
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c c:/windows/temp/zkts.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:26, Reason: Child Process
Unmonitor End Time: 00:00:31, Reason: Self Terminated
Monitor Duration 00:00:05
OS Process Information
»
Information Value
PID 0x908
Parent PID 0x8e4 (c:\users\5p5nrgjn0js halpmcxz\desktop\out.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 90C
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
locale.nls 0x00070000 0x000d6fff Memory Mapped File r False False False -
pagefile_0x00000000000e0000 0x000e0000 0x000e1fff Pagefile Backed Memory rw True False False -
private_0x00000000000f0000 0x000f0000 0x000f0fff Private Memory rw True False False -
private_0x0000000000100000 0x00100000 0x00100fff Private Memory rw True False False -
private_0x0000000000190000 0x00190000 0x001cffff Private Memory rw True False False -
private_0x0000000000260000 0x00260000 0x0035ffff Private Memory rw True False False -
pagefile_0x0000000000360000 0x00360000 0x004e7fff Pagefile Backed Memory r True False False -
private_0x0000000000510000 0x00510000 0x0058ffff Private Memory rw True False False -
pagefile_0x0000000000590000 0x00590000 0x00710fff Pagefile Backed Memory r True False False -
private_0x0000000000740000 0x00740000 0x0083ffff Private Memory rw True False False -
private_0x0000000000a10000 0x00a10000 0x00a1ffff Private Memory rw True False False -
pagefile_0x0000000000a20000 0x00a20000 0x01e1ffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001e20000 0x01e20000 0x02162fff Pagefile Backed Memory r True False False -
sortdefault.nls 0x02170000 0x0243efff Memory Mapped File r False False False -
cmd.exe 0x4aaa0000 0x4aaebfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x754c0000 0x754c6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x90c
58 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:12 (UTC) True 1
Fn
System Get Time type = Ticks, time = 94209 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4aaa0000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 2
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Process Create process_name = c:\windows\temp\zkts.exe, os_pid = 0x910, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000000 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #3: zkts.exe
1204 0
»
Information Value
ID #3
File Name c:\windows\temp\zkts.exe
Command Line c:/windows/temp/zkts.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:27, Reason: Child Process
Unmonitor End Time: 00:00:29, Reason: Self Terminated
Monitor Duration 00:00:02
OS Process Information
»
Information Value
PID 0x910
Parent PID 0x908 (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable True
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 914
0x 920
0x 924
0x 928
0x 92C
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
private_0x0000000000020000 0x00020000 0x00020fff Private Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00030fff Private Memory rw True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
private_0x0000000000050000 0x00050000 0x0008ffff Private Memory rw True False False -
private_0x0000000000090000 0x00090000 0x0018ffff Private Memory rw True False False -
pagefile_0x0000000000190000 0x00190000 0x00193fff Pagefile Backed Memory r True False False -
pagefile_0x00000000001a0000 0x001a0000 0x001a1fff Pagefile Backed Memory r True False False -
locale.nls 0x001b0000 0x00216fff Memory Mapped File r False False False -
pagefile_0x0000000000220000 0x00220000 0x00221fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000220000 0x00220000 0x00226fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000230000 0x00230000 0x00231fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000240000 0x00240000 0x00241fff Pagefile Backed Memory rw True False False -
private_0x0000000000250000 0x00250000 0x0025ffff Private Memory rw True False False -
pagefile_0x0000000000260000 0x00260000 0x003e7fff Pagefile Backed Memory r True False False -
msctf.dll.mui 0x003f0000 0x003f0fff Memory Mapped File rw False False False -
zkts.exe 0x00400000 0x0042bfff Memory Mapped File rwx True True False
...
pagefile_0x0000000000430000 0x00430000 0x005b0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000005c0000 0x005c0000 0x005c1fff Pagefile Backed Memory r True False False -
pagefile_0x00000000005c0000 0x005c0000 0x005c0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000005d0000 0x005d0000 0x005d0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000005e0000 0x005e0000 0x005e0fff Pagefile Backed Memory rw True False False -
private_0x0000000000610000 0x00610000 0x0068ffff Private Memory rw True False False -
private_0x0000000000690000 0x00690000 0x007effff Private Memory rw True False False -
pagefile_0x0000000000690000 0x00690000 0x0076efff Pagefile Backed Memory r True False False -
private_0x0000000000770000 0x00770000 0x007affff Private Memory rw True False False -
private_0x00000000007b0000 0x007b0000 0x007effff Private Memory rw True False False -
private_0x00000000007f0000 0x007f0000 0x0086ffff Private Memory rw True False False -
private_0x0000000000870000 0x00870000 0x0096ffff Private Memory rw True False False -
pagefile_0x0000000000970000 0x00970000 0x01d6ffff Pagefile Backed Memory r True False False -
sortdefault.nls 0x01d70000 0x0203efff Memory Mapped File r False False False -
private_0x0000000002040000 0x02040000 0x0215ffff Private Memory rw True False False -
private_0x0000000002040000 0x02040000 0x0207ffff Private Memory rw True False False -
private_0x0000000002080000 0x02080000 0x020bffff Private Memory rw True False False -
private_0x00000000020c0000 0x020c0000 0x020fffff Private Memory rw True False False -
private_0x0000000002120000 0x02120000 0x0215ffff Private Memory rw True False False -
staticcache.dat 0x02160000 0x02a8ffff Memory Mapped File r False False False -
private_0x0000000002a90000 0x02a90000 0x02b8ffff Private Memory rw True False False -
private_0x0000000002b90000 0x02b90000 0x02c8ffff Private Memory rw True False False -
private_0x0000000002c90000 0x02c90000 0x03090fff Private Memory rw True False False -
private_0x0000000002c90000 0x02c90000 0x02d90fff Private Memory rw True False False -
private_0x0000000002da0000 0x02da0000 0x02ea0fff Private Memory rw True False False -
private_0x0000000002eb0000 0x02eb0000 0x02fb0fff Private Memory rw True False False -
private_0x0000000002fc0000 0x02fc0000 0x030c0fff Private Memory rw True False False -
private_0x00000000030a0000 0x030a0000 0x0319ffff Private Memory rw True False False -
private_0x00000000030d0000 0x030d0000 0x034d0fff Private Memory rw True False False -
private_0x00000000034e0000 0x034e0000 0x035dffff Private Memory rw True False False -
private_0x00000000035e0000 0x035e0000 0x036dffff Private Memory rw True False False -
private_0x00000000036e0000 0x036e0000 0x037dffff Private Memory rw True False False -
private_0x00000000037e0000 0x037e0000 0x038dffff Private Memory rw True False False -
private_0x00000000038e0000 0x038e0000 0x0395ffff Private Memory rw True False False -
private_0x0000000003960000 0x03960000 0x039dffff Private Memory rw True False False -
private_0x00000000039e0000 0x039e0000 0x03a5ffff Private Memory rw True False False -
private_0x0000000003a60000 0x03a60000 0x03a9ffff Private Memory rw True False False -
private_0x0000000003aa0000 0x03aa0000 0x03adffff Private Memory rw True False False -
dwmapi.dll 0x74f40000 0x74f52fff Memory Mapped File rwx False False False -
uxtheme.dll 0x74f60000 0x74fdffff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
profapi.dll 0x75310000 0x7531afff Memory Mapped File rwx False False False -
comctl32.dll 0x75320000 0x754bdfff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
shell32.dll 0x76900000 0x77549fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efaa000 0x7efaa000 0x7efacfff Private Memory rw True False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Created Files
»
Filename File Size Hash Values YARA Match Actions
c:\windows\temp\svchostb.exe 60.00 KB MD5: 292c31454d142fce23f6dfaf921fbd08
SHA1: 733728393a10686b4a6c463231f8e34ec40a38d5
SHA256: 22501da84c7604912d730681de696f9d60c04e81c12f3641f306449474c299ea
SSDeep: 1536:M4a+klCorZsVWmAi2dqux+ZjsTAAcNWbTCe:U+uRZ+3AJEvwVTJ 		False
...
c:\windows\temp\trch-1.dll 58.50 KB MD5: 838ceb02081ac27de43da56bec20fc76
SHA1: 972ab587cdb63c8263eb977f10977fd7d27ecf7b
SHA256: 0259d41720f7084716a3b2bbe34ac6d3021224420f81a4e839b0b3401e5ef29f
SSDeep: 768:9fo4XJn+xrNRFydS3allJVAI5az6oL5BsterNpGEi1Yt4KH8va:9DurNRFoS38lJD+B4te5pGjY+da 		False
...
c:\windows\temp\ssleay32.dll 180.00 KB MD5: 5e8ecdc3e70e2ecb0893cbda2c18906f
SHA1: 43f92d0e47b1371c0442c6cc8af3685c2119f82c
SHA256: be8eb97d8171b8c91c6bc420346f7a6d2d2f76809a667ade03c990feffadaad5
SSDeep: 3072:mLTO9u7hG/sRtbvSRvkFKSmxuMy2n+WztW56X3AdGa1XW3VL7uGLnPhanJE+hX:eyg7hztbvSRvkWxuMlndzouWnmPLcnJ 		False
...
c:\windows\temp\svchostbs.exe 25.00 KB MD5: ae802629233bc39c66c7f136cb10a939
SHA1: 13c5c6918063c31691caf1522d3e09bc2d1bdd85
SHA256: c8af5abb931257aec0f33ecbe8cb1731dbc1695369c800810cad2fb1cc004b08
SSDeep: 384:YvLBWDRL//PoBncRA0YaQ7rsgi8ZM4oLZDI4owY6KmjCezMbgOlMcMIdU7vvxlL:Y9WD1TC0YaQ/3i8+LWfIEbLlI2U7D 		True
...
c:\windows\temp\libeay32.dll 882.00 KB MD5: f01f09fe90d0f810c44dce4e94785227
SHA1: 036f327417b7e1c6e0b91831440992972bc7802e
SHA256: 5f30aa2fe338191b972705412b8043b0a134cdb287d754771fc225f2309e82ee
SSDeep: 12288:G8Vbf1xLg6nelYgv1GZzd6qNvFBMhLG/SV2qvteuhNJspc4z84mbKeV4gbU:bo1v1GZFNvDya/SVQuhN2p9z84m3e+U 		False
...
c:\windows\temp\trfo-2.dll 29.00 KB MD5: 3e89c56056e5525bf4d9e52b28fbbca7
SHA1: 08f93ab25190a44c4e29bee5e8aacecc90dab80c
SHA256: b2a3172a1d676f00a62df376d8da805714553bb3221a8426f9823a8a5887daaa
SSDeep: 768:NluruFqeE4KRu8B/4VHNaEoPw6HtFhCC48qkfg:Nlu0EDRTl4VHkw6NLA8 		False
...
c:\windows\temp\dmgd-4.dll 468.50 KB MD5: a05c7011ab464e6c353a057973f5a06e
SHA1: e819a4f985657b58d06b4f8ad483d8e9733e0c37
SHA256: 50f329e034db96ba254328cd1e0f588af6126c341ed92ddf4aeb96bc76835937
SSDeep: 3072:VgSjV199+51p9xrQmd1xHQmh1t38lzwpzKVJV2E5Jp2rxrI1+uhHIZ+gHTTnIv+g:Vg1gm 		False
...
c:\windows\temp\svchostbs.xml 5.22 KB MD5: 09d45ae26830115fd8d9cdc2aa640ca5
SHA1: 41a6ad8d88b6999ac8a3ff00dd9641a37ee20933
SHA256: cf33a92a05ba3c807447a5f6b7e45577ed53174699241da360876d4f4a2eb2de
SSDeep: 96:yJhKJ6yPl/rGH4rAH+6UlbscJsZPF97yr+HKSB+x+M+rEH:k4JFIXepb9ga 		False
...
c:\windows\temp\m64.exe 363.50 KB MD5: 2d2e3b0d8a9723eb49bd6f817cbe2e22
SHA1: 0de80d21c389061e69dd3a0c61ac3ba225b9bb44
SHA256: db995430707d2d34de8e5ce5fb4b22a87422f5a7b4d38960ed6615d4ea3d9495
SSDeep: 6144:J7a3Ui4FEK7EwGV/2Bk2qvwsWK1a6wWjed90AIEOznjKP/k3IKiMSUP+mPH8W1OL:J7a3UB7vG8qIsb18WwKE+jKPo/SC4UiB 		False
...
c:\windows\temp\KillDuplicate.cmd 0.22 KB MD5: 68cecdf24aa2fd011ece466f00ef8450
SHA1: 2f859046187e0d5286d0566fac590b1836f6e1b7
SHA256: 64929489dc8a0d66ea95113d4e676368edb576ea85d23564d53346b21c202770
SSDeep: 6:vFuj9HUHOPLtInnIgvRY77flFjfA+qpxuArS3+xTfVk3:duj9HeONgvRYnlfYFrSMTtk3 		False
...
c:\windows\temp\m32.exe 322.00 KB MD5: 0b5469b69a0d2e205640b78157ca225a
SHA1: b2d7079a39fe7bbb835090ec74512d4bfa5c44cf
SHA256: 4179a1bff4c698ea6958bacb1f1734b9ab804cef35ecaf0e2a2b4b2eadf8e935
SSDeep: 6144:nLMTrKephodcr8tIV7bDb8hVqgB2DWF7HwDFTLPIDZXws1gq0BcDnLy3/:nA3Ks1d8VqgB2DI+XADd/LS/ 		False
...
c:\windows\temp\posh-0.dll 11.00 KB MD5: 2f0a52ce4f445c6e656ecebbcaceade5
SHA1: 35493e06b0b2cdab2211c0fc02286f45d5e2606d
SHA256: cde45f7ff05f52b7215e4b0ea1f2f42ad9b42031e16a3be9772aa09e014bacdb
SSDeep: 192:BNn+r+YB4cdCjWXGyby8Eaw5Xs+dNjnGy6W4l5t1Ib/X:BdW+k4z3yu8rwy+dNjnGlW40 		False
...
c:\windows\temp\tibe-2.dll 232.00 KB MD5: f0881d5a7f75389deba3eff3f4df09ac
SHA1: 8404f2776fa8f7f8eaffb7a1859c19b0817b147a
SHA256: ca63dbb99d9da431bf23aca80dc787df67bb01104fb9358a7813ed2fce479362
SSDeep: 3072:GQng3MAngh6CNXfdUrYSaocn484kQL93ZnV6Bbf5+1qo3/mlch9VQ816oPYQ3:GwkQf4q481Qx3hV6Bbf5+1qbch9V91J 		False
...
c:\windows\temp\tucl-1.dll 9.00 KB MD5: 83076104ae977d850d1e015704e5730a
SHA1: 776e7079734bc4817e3af0049f42524404a55310
SHA256: cf25bdc6711a72713d80a4a860df724a79042be210930dcbfc522da72b39bb12
SSDeep: 192:EXTHmlw2IjGFKL6rBbnbO8slVnZp7snHQNv8uU4l5XLIb/p2:yHm218DrB768mFZxsKv8v4/cF2 		False
...
c:\windows\temp\coli-0.dll 15.00 KB MD5: 3c2fe2dbdf09cfa869344fdb53307cb2
SHA1: b67a8475e6076a24066b7cb6b36d307244bb741f
SHA256: 0439628816cabe113315751e7113a9e9f720d7e499ffdd78acbac1ed8ba35887
SSDeep: 192:c1VDVzDJuoJ/a8yRIB4Al4rKoRbFjGgGz3bG8sEwdCs8Ej2uHR0EhBkM2NFU+z4o:c1VxsoNKI++u1qz3K8BwxCO103z4VL2 		False
...
c:\windows\temp\cnli-1.dll 98.50 KB MD5: a539d27f33ef16e52430d3d2e92e9d5c
SHA1: f6d4f160705dc5a8a028baca75b2601574925ac5
SHA256: db0831e19a4e3a736ea7498dadc2d6702342f75fd8f7fbae1894ee2e9738c2b4
SSDeep: 3072:LrZL1wTcqmJ3QthbjsKXhoF3P3aTCLEA7HHxJPt:LN47aF3CTC37H 		False
...
c:\windows\temp\katyusha.dll 5.00 KB MD5: 94bd92ad65ee59117db13eab0d40ae21
SHA1: ef3f3c19f8f5618c40da861f99b1292da926df16
SHA256: ad8008d02b66ad40acb6389e51aee351363968da5a6b7dc4ac293af354af738f
SSDeep: 24:ev1GSFGFiKT9D8iOWDKunsoZ9cniXPwLi/njpnNfuMAcaKq9KWZRCIpF:qFGFxrdsoZ9cPL2cMPE9JZRCc 		False
...
c:\windows\temp\zlib1.dll 59.00 KB MD5: e4ad4df4e41240587b4fe8bbcb32db15
SHA1: e8c98dbcd20d45bbbbf4994cc4c95dfcf504c690
SHA256: aa8adf96fc5a7e249a6a487faaf0ed3e00c40259fdae11d4caf47a24a9d3aaed
SSDeep: 1536:B/Dm7yqxVqWk9XZDGu8I+rnToIfnIOwIOkyk:B/DmWaq/9XZDwLTBfJmkyk 		False
...
c:\windows\temp\exma-1.dll 10.00 KB MD5: ba629216db6cf7c0c720054b0c9a13f3
SHA1: 37bb800b2bb812d4430e2510f14b5b717099abaa
SHA256: 15292172a83f2e7f07114693ab92753ed32311dfba7d54fe36cc7229136874d9
SSDeep: 192:+ouDzncwrjGQmzZbO8sEk3jMkx6VuxLj4l5JVIb/A:+xDz1azZa8Bkz5xDxH4xmk 		False
...
c:\windows\temp\libxml2.dll 807.00 KB MD5: 9a5cec05e9c158cbc51cdc972693363d
SHA1: ca4d1bb44c64a85871944f3913ca6ccddfa2dc04
SHA256: aceb27720115a63b9d47e737fd878a61c52435ea4ec86ba8e58ee744bc85c4f3
SSDeep: 12288:OhdWYPkG1r0VtrTMhsGCQcdGfGwKaNAu5uld+tirrmrx+448+:4lPpr0PsBCfYfGg6t3rm 		False
...
c:\windows\temp\crli-0.dll 17.00 KB MD5: f82fa69bfe0522163eb0cf8365497da2
SHA1: 75be54839f3d01dc4755ddc319f23f287b1f9a7b
SHA256: b556b5c077e38dcb65d21a707c19618d02e0a65ff3f9887323728ec078660cc3
SSDeep: 384://8GSU0q4AG2FuEe4k9k+kGP599OdcxwX6Sn+P47kAkluNO8Nofi/4Rtz://8GSU0qnhEEe4QTHP79OdcxwX6S+PQA 		False
...
c:\windows\temp\ucl.dll 57.00 KB MD5: 6b7276e4aa7a1e50735d2f6923b40de4
SHA1: db8603ac6cac7eb3690f67af7b8d081aa9ce3075
SHA256: f0df80978b3a563077def7ba919e2f49e5883d24176e6b3371a8eef1efe2b06a
SSDeep: 1536:ncZeBwroDJXSoY9/8qqG9aCapIu2GfUFd0:ZWrSJCoyUlG9sg0 		False
...
c:\windows\temp\svchostp.exe 67.00 KB MD5: 0e2d6be0556d0a1ec47a934da3244fc0
SHA1: 72d71778aa892d1dfa96e2727e378e9ceb06e88d
SHA256: fa2a5db45a4808a3d087bb9cf807c5672be9e856166a049d15997b56c4626af4
SSDeep: 1536:wd0DYbKaBmRiPLzTKIO8qn+FOcHJLFdTr:smwPXTtwn+gcHJnf 		False
...
c:\windows\temp\svchostb.xml 7.60 KB MD5: f56025565de4f53f5771d4966c2b5555
SHA1: b22162a38cdd4b85254b6c909a9e5210711d77af
SHA256: ea7caa08e115dbb438e29da46b47f54c62c29697617bae44464a9b63d9bddf18
SSDeep: 192:O56qWdem0F0H6/OrYO/ysg7mBMCv7GHrCucPFTU:O5CdZ0F6Le 		False
...
c:\windows\temp\xdvl-0.dll 31.50 KB MD5: 5b72ccfa122e403919a613785779af49
SHA1: f560ea0a109772be2b62c539b0bb67c46279abd1
SHA256: b7d8fcc3fb533e5e0069e00bc5a68551479e54a990bb1b658e1bd092c0507d68
SSDeep: 768:ah/VicQqYL6tqi5CzTbvNJKMEKRW2FN4fn9n:ah/P5YJi5CzvvNJKMEX2FN4f9 		False
...
Threads
Thread 0x914
705 0
»
Category Operation Information Success Count Logfile
System Get Info type = Operating System True 1
Fn
Module Get Handle module_name = c:\windows\temp\zkts.exe, base_address = 0x400000 True 2
Fn
Window Create window_name = sfx, class_name = tooltips_class32, wndproc_parameter = 0 True 1
Fn
System Sleep duration = 1 milliseconds (0.001 seconds) True 1
Fn
System Get Info type = Operating System True 1
Fn
Module Load module_name = kernel32, base_address = 0x757c0000 True 1
Fn
Environment Get Environment String name = SfxString3 False 1
Fn
Environment Get Environment String name = SfxString40 False 1
Fn
Environment Get Environment String name = SfxString2 False 1
Fn
Environment Get Environment String name = SfxString5 False 1
Fn
Environment Get Environment String name = SfxString21 False 1
Fn
Environment Get Environment String name = SfxString22 False 1
Fn
Environment Get Environment String name = SfxString23 False 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetNativeSystemInfo, address_out = 0x757e10b5 True 1
Fn
System Get Info type = Hardware Information True 1
Fn
Module Get Filename process_name = c:\windows\temp\zkts.exe, file_name_orig = c:\windows\temp\zkts.exe, size = 520 True 1
Fn
Environment Get Environment String name = SfxString4 False 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetNativeSystemInfo, address_out = 0x757e10b5 True 1
Fn
System Get Info type = Hardware Information True 1
Fn
File Create filename = c:\windows\temp\zkts.exe, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetNativeSystemInfo, address_out = 0x757e10b5 True 1
Fn
System Get Info type = Hardware Information True 1
Fn
File Read filename = c:\windows\temp\zkts.exe, size = 4096, size_out = 4096 True 1
Fn
Data
File Read filename = c:\windows\temp\zkts.exe, size = 4079, size_out = 4079 True 37
Fn
Data
File Read filename = c:\windows\temp\zkts.exe, size = 4096, size_out = 4096 True 1
Fn
Data
File Read filename = c:\windows\temp\zkts.exe, size = 4075, size_out = 4075 True 210
Fn
Data
Environment Get Environment String name = SfxString1 False 1
Fn
Environment Get Environment String name = SfxString2 False 1
Fn
Environment Get Environment String name = SfxString3 False 1
Fn
Environment Get Environment String name = SfxString4 False 1
Fn
Environment Get Environment String name = SfxString5 False 1
Fn
Environment Get Environment String name = SfxString6 False 1
Fn
Environment Get Environment String name = SfxString7 False 1
Fn
Environment Get Environment String name = SfxString8 False 1
Fn
Environment Get Environment String name = SfxString9 False 1
Fn
Environment Get Environment String name = SfxString10 False 1
Fn
Environment Get Environment String name = SfxString11 False 1
Fn
Environment Get Environment String name = SfxString12 False 1
Fn
Environment Get Environment String name = SfxString13 False 1
Fn
Environment Get Environment String name = SfxString14 False 1
Fn
Environment Get Environment String name = SfxString15 False 1
Fn
Environment Get Environment String name = SfxString16 False 1
Fn
Environment Get Environment String name = SfxString17 False 1
Fn
Environment Get Environment String name = SfxString18 False 1
Fn
Environment Get Environment String name = SfxString19 False 1
Fn
Environment Get Environment String name = SfxString20 False 1
Fn
Environment Get Environment String name = SfxString33 False 1
Fn
Environment Get Environment String name = SfxString34 False 1
Fn
Environment Get Environment String name = SfxString21 False 1
Fn
Environment Get Environment String name = SfxString22 False 1
Fn
Environment Get Environment String name = SfxString23 False 1
Fn
Environment Get Environment String name = SfxString24 False 1
Fn
Environment Get Environment String name = SfxString25 False 1
Fn
Environment Get Environment String name = SfxString26 False 1
Fn
Environment Get Environment String name = SfxString27 False 1
Fn
Environment Get Environment String name = SfxString28 False 1
Fn
Environment Get Environment String name = SfxString29 False 1
Fn
Environment Get Environment String name = SfxString30 False 1
Fn
Environment Get Environment String name = SfxString31 False 1
Fn
Environment Get Environment String name = SfxString32 False 1
Fn
Environment Get Environment String name = SfxString35 False 1
Fn
Environment Get Environment String name = SfxString36 False 1
Fn
Environment Get Environment String name = SfxString37 False 1
Fn
Environment Get Environment String name = SfxString38 False 1
Fn
Environment Get Environment String name = SfxString39 False 1
Fn
Environment Get Environment String name = SfxString40 False 1
Fn
Environment Get Environment String name = SfxString41 False 1
Fn
Environment Get Environment String name = SfxString42 False 1
Fn
Environment Get Environment String name = SfxString43 False 1
Fn
Environment Get Environment String name = SfxString44 False 1
Fn
Environment Get Environment String name = SfxString45 False 1
Fn
Environment Get Environment String name = SfxString44 False 1
Fn
File Read filename = c:\windows\temp\zkts.exe, size = 32, size_out = 32 True 1
Fn
Data
File Read filename = c:\windows\temp\zkts.exe, size = 32736, size_out = 32736 True 5
Fn
Data
File Read filename = c:\windows\temp\zkts.exe, size = 36, size_out = 36 True 1
Fn
Data
File Read filename = c:\windows\temp\zkts.exe, size = 525, size_out = 525 True 1
Fn
Data
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetNativeSystemInfo, address_out = 0x757e10b5 True 1
Fn
System Get Info type = Hardware Information True 1
Fn
File Read filename = c:\windows\temp\zkts.exe, size = 4096, size_out = 4096 True 1
Fn
Data
File Read filename = c:\windows\temp\zkts.exe, size = 4079, size_out = 4079 True 37
Fn
Data
File Read filename = c:\windows\temp\zkts.exe, size = 4096, size_out = 4096 True 1
Fn
Data
File Read filename = c:\windows\temp\zkts.exe, size = 4075, size_out = 4075 True 202
Fn
Data
Environment Get Environment String name = SfxString44 False 2
Fn
Environment Set Environment String name = SfxFolder00, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = 7zSfxFolder00, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = SfxFolder02, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs True 1
Fn
Environment Set Environment String name = 7zSfxFolder02, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs True 1
Fn
Environment Set Environment String name = SfxFolder05, value = C:\Users\5p5NrGJn0jS HALPmcxz\Documents True 1
Fn
Environment Set Environment String name = 7zSfxFolder05, value = C:\Users\5p5NrGJn0jS HALPmcxz\Documents True 1
Fn
Environment Set Environment String name = MyDocuments, value = C:\Users\5p5NrGJn0jS HALPmcxz\Documents True 1
Fn
Environment Set Environment String name = MyDocs, value = C:\Users\5p5NrGJn0jS HALPmcxz\Documents True 1
Fn
Environment Set Environment String name = SfxFolder06, value = C:\Users\5p5NrGJn0jS HALPmcxz\Favorites True 1
Fn
Environment Set Environment String name = 7zSfxFolder06, value = C:\Users\5p5NrGJn0jS HALPmcxz\Favorites True 1
Fn
Environment Set Environment String name = SfxFolder07, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = 7zSfxFolder07, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = SfxFolder08, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Recent True 1
Fn
Environment Set Environment String name = 7zSfxFolder08, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Recent True 1
Fn
Environment Set Environment String name = SfxFolder09, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\SendTo True 1
Fn
Environment Set Environment String name = 7zSfxFolder09, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\SendTo True 1
Fn
Environment Set Environment String name = SfxFolder11, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu True 1
Fn
Environment Set Environment String name = 7zSfxFolder11, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu True 1
Fn
Environment Set Environment String name = SfxFolder13, value = C:\Users\5p5NrGJn0jS HALPmcxz\Music True 1
Fn
Environment Set Environment String name = 7zSfxFolder13, value = C:\Users\5p5NrGJn0jS HALPmcxz\Music True 1
Fn
Environment Set Environment String name = SfxFolder14, value = C:\Users\5p5NrGJn0jS HALPmcxz\Videos True 1
Fn
Environment Set Environment String name = 7zSfxFolder14, value = C:\Users\5p5NrGJn0jS HALPmcxz\Videos True 1
Fn
Environment Set Environment String name = SfxFolder16, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = 7zSfxFolder16, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = UserDesktop, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = SfxFolder19, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Network Shortcuts True 1
Fn
Environment Set Environment String name = 7zSfxFolder19, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Network Shortcuts True 1
Fn
Environment Set Environment String name = SfxFolder20, value = C:\Windows\Fonts True 1
Fn
Environment Set Environment String name = 7zSfxFolder20, value = C:\Windows\Fonts True 1
Fn
Environment Set Environment String name = SfxFolder21, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Templates True 1
Fn
Environment Set Environment String name = 7zSfxFolder21, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Templates True 1
Fn
Environment Set Environment String name = SfxFolder22, value = C:\ProgramData\Microsoft\Windows\Start Menu True 1
Fn
Environment Set Environment String name = 7zSfxFolder22, value = C:\ProgramData\Microsoft\Windows\Start Menu True 1
Fn
Environment Set Environment String name = SfxFolder23, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs True 1
Fn
Environment Set Environment String name = 7zSfxFolder23, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs True 1
Fn
Environment Set Environment String name = SfxFolder24, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = 7zSfxFolder24, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = SfxFolder25, value = C:\Users\Public\Desktop True 1
Fn
Environment Set Environment String name = 7zSfxFolder25, value = C:\Users\Public\Desktop True 1
Fn
Environment Set Environment String name = CommonDesktop, value = C:\Users\Public\Desktop True 1
Fn
Environment Set Environment String name = SfxFolder26, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming True 1
Fn
Environment Set Environment String name = 7zSfxFolder26, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming True 1
Fn
Environment Set Environment String name = SfxFolder27, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Printer Shortcuts True 1
Fn
Environment Set Environment String name = 7zSfxFolder27, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Printer Shortcuts True 1
Fn
Environment Set Environment String name = SfxFolder28, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local True 1
Fn
Environment Set Environment String name = 7zSfxFolder28, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local True 1
Fn
Environment Set Environment String name = SfxFolder29, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = 7zSfxFolder29, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = SfxFolder30, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = 7zSfxFolder30, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = SfxFolder31, value = C:\Users\5p5NrGJn0jS HALPmcxz\Favorites True 1
Fn
Environment Set Environment String name = 7zSfxFolder31, value = C:\Users\5p5NrGJn0jS HALPmcxz\Favorites True 1
Fn
Environment Set Environment String name = SfxFolder32, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\Temporary Internet Files True 1
Fn
Environment Set Environment String name = 7zSfxFolder32, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\Temporary Internet Files True 1
Fn
Environment Set Environment String name = SfxFolder33, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Cookies True 1
Fn
Environment Set Environment String name = 7zSfxFolder33, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Cookies True 1
Fn
Environment Set Environment String name = SfxFolder34, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\History True 1
Fn
Environment Set Environment String name = 7zSfxFolder34, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\History True 1
Fn
Environment Set Environment String name = SfxFolder35, value = C:\ProgramData True 1
Fn
Environment Set Environment String name = 7zSfxFolder35, value = C:\ProgramData True 1
Fn
Environment Set Environment String name = SfxFolder36, value = C:\Windows True 1
Fn
Environment Set Environment String name = 7zSfxFolder36, value = C:\Windows True 1
Fn
Environment Set Environment String name = SfxFolder37, value = C:\Windows\system32 True 1
Fn
Environment Set Environment String name = 7zSfxFolder37, value = C:\Windows\system32 True 1
Fn
Environment Set Environment String name = SfxFolder38, value = C:\Program Files (x86) True 1
Fn
Environment Set Environment String name = 7zSfxFolder38, value = C:\Program Files (x86) True 1
Fn
Environment Set Environment String name = SfxFolder39, value = C:\Users\5p5NrGJn0jS HALPmcxz\Pictures True 1
Fn
Environment Set Environment String name = 7zSfxFolder39, value = C:\Users\5p5NrGJn0jS HALPmcxz\Pictures True 1
Fn
Environment Set Environment String name = SfxFolder40, value = C:\Users\5p5NrGJn0jS HALPmcxz True 1
Fn
Environment Set Environment String name = 7zSfxFolder40, value = C:\Users\5p5NrGJn0jS HALPmcxz True 1
Fn
Environment Set Environment String name = SfxFolder41, value = C:\Windows\SysWOW64 True 1
Fn
Environment Set Environment String name = 7zSfxFolder41, value = C:\Windows\SysWOW64 True 1
Fn
Environment Set Environment String name = SfxFolder42, value = C:\Program Files (x86) True 1
Fn
Environment Set Environment String name = 7zSfxFolder42, value = C:\Program Files (x86) True 1
Fn
Environment Set Environment String name = SfxFolder43, value = C:\Program Files (x86)\Common Files True 1
Fn
Environment Set Environment String name = 7zSfxFolder43, value = C:\Program Files (x86)\Common Files True 1
Fn
Environment Set Environment String name = SfxFolder44, value = C:\Program Files (x86)\Common Files True 1
Fn
Environment Set Environment String name = 7zSfxFolder44, value = C:\Program Files (x86)\Common Files True 1
Fn
Environment Set Environment String name = SfxFolder45, value = C:\ProgramData\Microsoft\Windows\Templates True 1
Fn
Environment Set Environment String name = 7zSfxFolder45, value = C:\ProgramData\Microsoft\Windows\Templates True 1
Fn
Environment Set Environment String name = SfxFolder46, value = C:\Users\Public\Documents True 1
Fn
Environment Set Environment String name = 7zSfxFolder46, value = C:\Users\Public\Documents True 1
Fn
Environment Set Environment String name = CommonDocuments, value = C:\Users\Public\Documents True 1
Fn
Environment Set Environment String name = SfxFolder47, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools True 1
Fn
Environment Set Environment String name = 7zSfxFolder47, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools True 1
Fn
Environment Set Environment String name = SfxFolder48, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools True 1
Fn
Environment Set Environment String name = 7zSfxFolder48, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools True 1
Fn
Environment Set Environment String name = SfxFolder53, value = C:\Users\Public\Music True 1
Fn
Environment Set Environment String name = 7zSfxFolder53, value = C:\Users\Public\Music True 1
Fn
Environment Set Environment String name = SfxFolder54, value = C:\Users\Public\Pictures True 1
Fn
Environment Set Environment String name = 7zSfxFolder54, value = C:\Users\Public\Pictures True 1
Fn
Environment Set Environment String name = SfxFolder55, value = C:\Users\Public\Videos True 1
Fn
Environment Set Environment String name = 7zSfxFolder55, value = C:\Users\Public\Videos True 1
Fn
Environment Set Environment String name = SfxFolder56, value = C:\Windows\resources True 1
Fn
Environment Set Environment String name = 7zSfxFolder56, value = C:\Windows\resources True 1
Fn
Environment Set Environment String name = SfxFolder59, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\Burn\Burn True 1
Fn
Environment Set Environment String name = 7zSfxFolder59, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\Burn\Burn True 1
Fn
Environment Set Environment String name = SfxVarModulePlatform, value = x86 True 1
Fn
Environment Set Environment String name = 7zSfxVarModulePlatform, value = x86 True 1
Fn
Environment Set Environment String name = SfxVarSystemPlatform, value = x64 True 1
Fn
Environment Set Environment String name = 7zSfxVarSystemPlatform, value = x64 True 1
Fn
Environment Set Environment String name = SfxVarCmdLine0, value = c:/windows/temp/zkts.exe True 1
Fn
Environment Set Environment String name = 7zSfxVarCmdLine0, value = c:/windows/temp/zkts.exe True 1
Fn
Environment Set Environment String name = SfxVarSystemLanguage, value = 1033 True 1
Fn
Environment Set Environment String name = 7zSfxVarSystemLanguage, value = 1033 True 1
Fn
Environment Set Environment String name = SfxString1, value = SFX module - Copyright (c) 2005-2016 Oleg Scherbakov 1.7.0 develop [x86] build 3900 (April 1, 2016) 7-Zip archiver - Copyright (c) 1999-2015 Igor Pavlov 15.14 (December 31, 2015) Supported methods and filters, build options: True 1
Fn
Environment Set Environment String name = SfxString2, value = 7z SFX True 1
Fn
Environment Set Environment String name = SfxString3, value = 7z SFX: error True 1
Fn
Environment Set Environment String name = SfxString4, value = : error True 1
Fn
Environment Set Environment String name = SfxString5, value = Extracting True 1
Fn
Environment Set Environment String name = SfxString6, value = Could not get SFX filename. True 1
Fn
Environment Set Environment String name = SfxString7, value = Could not open archive file "%s". True 1
Fn
Environment Set Environment String name = SfxString8, value = Non 7z archive. True 1
Fn
Environment Set Environment String name = SfxString9, value = Could not read SFX configuration or configuration not found. True 1
Fn
Environment Set Environment String name = SfxString10, value = Could not write SFX configuration. True 1
Fn
Environment Set Environment String name = SfxString11, value = Error in line %d of configuration data: %s True 1
Fn
Environment Set Environment String name = SfxString12, value = Could not create folder "%s". True 1
Fn
Environment Set Environment String name = SfxString13, value = Could not delete file or folder "%s". True 1
Fn
Environment Set Environment String name = SfxString14, value = Could not find command for "%s". True 1
Fn
Environment Set Environment String name = SfxString15, value = Could not find "setup.exe". True 1
Fn
Environment Set Environment String name = SfxString16, value = Error during execution "%s". True 1
Fn
Environment Set Environment String name = SfxString17, value = 7-Zip: Unsupported method. True 1
Fn
Environment Set Environment String name = SfxString18, value = 7-Zip: CRC error. True 1
Fn
Environment Set Environment String name = SfxString19, value = 7-Zip: Data error. The archive is corrupted, or invalid password was entered. True 1
Fn
Environment Set Environment String name = SfxString20, value = 7-Zip: Internal error, code %u. True 1
Fn
Environment Set Environment String name = SfxString33, value = 7-Zip: Internal error, code 0x%08X. True 1
Fn
Environment Set Environment String name = SfxString34, value = 7-Zip: Extraction error. True 1
Fn
Environment Set Environment String name = SfxString21, value = Extraction path True 1
Fn
Environment Set Environment String name = SfxString22, value = Extraction path: True 1
Fn
Environment Set Environment String name = SfxString23, value = Really cancel the installation? True 1
Fn
Environment Set Environment String name = SfxString24, value = No "HelpText" in the configuration file. True 1
Fn
Environment Set Environment String name = SfxString25, value = OK True 1
Fn
Environment Set Environment String name = SfxString26, value = Cancel True 1
Fn
Environment Set Environment String name = SfxString27, value = Yes True 1
Fn
Environment Set Environment String name = SfxString28, value = No True 1
Fn
Environment Set Environment String name = SfxString29, value = s True 1
Fn
Environment Set Environment String name = SfxString30, value = Could not create file "%s". True 1
Fn
Environment Set Environment String name = SfxString31, value = Could not overwrite file "%s". True 1
Fn
Environment Set Environment String name = SfxString32, value = Error in command line: %s True 1
Fn
Environment Set Environment String name = SfxString35, value = Back True 1
Fn
Environment Set Environment String name = SfxString36, value = Next True 1
Fn
Environment Set Environment String name = SfxString37, value = Finish True 1
Fn
Environment Set Environment String name = SfxString38, value = Cancel True 1
Fn
Environment Set Environment String name = SfxString39, value = Application error: Exception code: 0x%08x Address: 0x%08x Exception data: True 1
Fn
Environment Set Environment String name = SfxString40, value = 7z SFX: warning True 1
Fn
Environment Set Environment String name = SfxString41, value = : warning True 1
Fn
Environment Set Environment String name = SfxString42, value = Not enough free space for extracting. Do you want to continue? True 1
Fn
Environment Set Environment String name = SfxString43, value = Insufficient physical memory. Extracting may take a long time. Do you want to continue? True 1
Fn
Environment Set Environment String name = SfxString44, value = Enter password: True 1
Fn
Environment Set Environment String name = SfxString45, value = Preparing... True 1
Fn
Environment Set Environment String name = SfxVarCmdLine1 True 1
Fn
Environment Set Environment String name = 7zSfxVarCmdLine1 True 1
Fn
Environment Set Environment String name = SfxVarCmdLine2 True 1
Fn
Environment Set Environment String name = 7zSfxVarCmdLine2 True 1
Fn
Environment Set Environment String name = SfxVarCmdLine1 True 1
Fn
Environment Set Environment String name = 7zSfxVarCmdLine1 True 1
Fn
Environment Set Environment String name = SfxVarCmdLine2 True 1
Fn
Environment Set Environment String name = 7zSfxVarCmdLine2 True 1
Fn
Environment Set Environment String name = SfxFolder00, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = 7zSfxFolder00, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = SfxFolder02, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs True 1
Fn
Environment Set Environment String name = 7zSfxFolder02, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs True 1
Fn
Environment Set Environment String name = SfxFolder05, value = C:\Users\5p5NrGJn0jS HALPmcxz\Documents True 1
Fn
Environment Set Environment String name = 7zSfxFolder05, value = C:\Users\5p5NrGJn0jS HALPmcxz\Documents True 1
Fn
Environment Set Environment String name = MyDocuments, value = C:\Users\5p5NrGJn0jS HALPmcxz\Documents True 1
Fn
Environment Set Environment String name = MyDocs, value = C:\Users\5p5NrGJn0jS HALPmcxz\Documents True 1
Fn
Environment Set Environment String name = SfxFolder06, value = C:\Users\5p5NrGJn0jS HALPmcxz\Favorites True 1
Fn
Environment Set Environment String name = 7zSfxFolder06, value = C:\Users\5p5NrGJn0jS HALPmcxz\Favorites True 1
Fn
Environment Set Environment String name = SfxFolder07, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = 7zSfxFolder07, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = SfxFolder08, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Recent True 1
Fn
Environment Set Environment String name = 7zSfxFolder08, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Recent True 1
Fn
Environment Set Environment String name = SfxFolder09, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\SendTo True 1
Fn
Environment Set Environment String name = 7zSfxFolder09, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\SendTo True 1
Fn
Environment Set Environment String name = SfxFolder11, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu True 1
Fn
Environment Set Environment String name = 7zSfxFolder11, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu True 1
Fn
Environment Set Environment String name = SfxFolder13, value = C:\Users\5p5NrGJn0jS HALPmcxz\Music True 1
Fn
Environment Set Environment String name = 7zSfxFolder13, value = C:\Users\5p5NrGJn0jS HALPmcxz\Music True 1
Fn
Environment Set Environment String name = SfxFolder14, value = C:\Users\5p5NrGJn0jS HALPmcxz\Videos True 1
Fn
Environment Set Environment String name = 7zSfxFolder14, value = C:\Users\5p5NrGJn0jS HALPmcxz\Videos True 1
Fn
Environment Set Environment String name = SfxFolder16, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = 7zSfxFolder16, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = UserDesktop, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = SfxFolder19, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Network Shortcuts True 1
Fn
Environment Set Environment String name = 7zSfxFolder19, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Network Shortcuts True 1
Fn
Environment Set Environment String name = SfxFolder20, value = C:\Windows\Fonts True 1
Fn
Environment Set Environment String name = 7zSfxFolder20, value = C:\Windows\Fonts True 1
Fn
Environment Set Environment String name = SfxFolder21, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Templates True 1
Fn
Environment Set Environment String name = 7zSfxFolder21, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Templates True 1
Fn
Environment Set Environment String name = SfxFolder22, value = C:\ProgramData\Microsoft\Windows\Start Menu True 1
Fn
Environment Set Environment String name = 7zSfxFolder22, value = C:\ProgramData\Microsoft\Windows\Start Menu True 1
Fn
Environment Set Environment String name = SfxFolder23, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs True 1
Fn
Environment Set Environment String name = 7zSfxFolder23, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs True 1
Fn
Environment Set Environment String name = SfxFolder24, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = 7zSfxFolder24, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = SfxFolder25, value = C:\Users\Public\Desktop True 1
Fn
Environment Set Environment String name = 7zSfxFolder25, value = C:\Users\Public\Desktop True 1
Fn
Environment Set Environment String name = CommonDesktop, value = C:\Users\Public\Desktop True 1
Fn
Environment Set Environment String name = SfxFolder26, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming True 1
Fn
Environment Set Environment String name = 7zSfxFolder26, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming True 1
Fn
Environment Set Environment String name = SfxFolder27, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Printer Shortcuts True 1
Fn
Environment Set Environment String name = 7zSfxFolder27, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Printer Shortcuts True 1
Fn
Environment Set Environment String name = SfxFolder28, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local True 1
Fn
Environment Set Environment String name = 7zSfxFolder28, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local True 1
Fn
Environment Set Environment String name = SfxFolder29, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = 7zSfxFolder29, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = SfxFolder30, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = 7zSfxFolder30, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = SfxFolder31, value = C:\Users\5p5NrGJn0jS HALPmcxz\Favorites True 1
Fn
Environment Set Environment String name = 7zSfxFolder31, value = C:\Users\5p5NrGJn0jS HALPmcxz\Favorites True 1
Fn
Environment Set Environment String name = SfxFolder32, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\Temporary Internet Files True 1
Fn
Environment Set Environment String name = 7zSfxFolder32, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\Temporary Internet Files True 1
Fn
Environment Set Environment String name = SfxFolder33, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Cookies True 1
Fn
Environment Set Environment String name = 7zSfxFolder33, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Cookies True 1
Fn
Environment Set Environment String name = SfxFolder34, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\History True 1
Fn
Environment Set Environment String name = 7zSfxFolder34, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\History True 1
Fn
Environment Set Environment String name = SfxFolder35, value = C:\ProgramData True 1
Fn
Environment Set Environment String name = 7zSfxFolder35, value = C:\ProgramData True 1
Fn
Environment Set Environment String name = SfxFolder36, value = C:\Windows True 1
Fn
Environment Set Environment String name = 7zSfxFolder36, value = C:\Windows True 1
Fn
Environment Set Environment String name = SfxFolder37, value = C:\Windows\system32 True 1
Fn
Environment Set Environment String name = 7zSfxFolder37, value = C:\Windows\system32 True 1
Fn
Environment Set Environment String name = SfxFolder38, value = C:\Program Files (x86) True 1
Fn
Environment Set Environment String name = 7zSfxFolder38, value = C:\Program Files (x86) True 1
Fn
Environment Set Environment String name = SfxFolder39, value = C:\Users\5p5NrGJn0jS HALPmcxz\Pictures True 1
Fn
Environment Set Environment String name = 7zSfxFolder39, value = C:\Users\5p5NrGJn0jS HALPmcxz\Pictures True 1
Fn
Environment Set Environment String name = SfxFolder40, value = C:\Users\5p5NrGJn0jS HALPmcxz True 1
Fn
Environment Set Environment String name = 7zSfxFolder40, value = C:\Users\5p5NrGJn0jS HALPmcxz True 1
Fn
Environment Set Environment String name = SfxFolder41, value = C:\Windows\SysWOW64 True 1
Fn
Environment Set Environment String name = 7zSfxFolder41, value = C:\Windows\SysWOW64 True 1
Fn
Environment Set Environment String name = SfxFolder42, value = C:\Program Files (x86) True 1
Fn
Environment Set Environment String name = 7zSfxFolder42, value = C:\Program Files (x86) True 1
Fn
Environment Set Environment String name = SfxFolder43, value = C:\Program Files (x86)\Common Files True 1
Fn
Environment Set Environment String name = 7zSfxFolder43, value = C:\Program Files (x86)\Common Files True 1
Fn
Environment Set Environment String name = SfxFolder44, value = C:\Program Files (x86)\Common Files True 1
Fn
Environment Set Environment String name = 7zSfxFolder44, value = C:\Program Files (x86)\Common Files True 1
Fn
Environment Set Environment String name = SfxFolder45, value = C:\ProgramData\Microsoft\Windows\Templates True 1
Fn
Environment Set Environment String name = 7zSfxFolder45, value = C:\ProgramData\Microsoft\Windows\Templates True 1
Fn
Environment Set Environment String name = SfxFolder46, value = C:\Users\Public\Documents True 1
Fn
Environment Set Environment String name = 7zSfxFolder46, value = C:\Users\Public\Documents True 1
Fn
Environment Set Environment String name = CommonDocuments, value = C:\Users\Public\Documents True 1
Fn
Environment Set Environment String name = SfxFolder47, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools True 1
Fn
Environment Set Environment String name = 7zSfxFolder47, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools True 1
Fn
Environment Set Environment String name = SfxFolder48, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools True 1
Fn
Environment Set Environment String name = 7zSfxFolder48, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools True 1
Fn
Environment Set Environment String name = SfxFolder53, value = C:\Users\Public\Music True 1
Fn
Environment Set Environment String name = 7zSfxFolder53, value = C:\Users\Public\Music True 1
Fn
Environment Set Environment String name = SfxFolder54, value = C:\Users\Public\Pictures True 1
Fn
Environment Set Environment String name = 7zSfxFolder54, value = C:\Users\Public\Pictures True 1
Fn
File Get Info filename = c:\windows\temp, type = file_attributes True 1
Fn
System Get Time type = System Time, time = 2018-10-16 14:29:13 (UTC) True 1
Fn
File Get Info filename = c:\windows\temp, type = file_attributes True 1
Fn
File Create Directory c:\windows\temp False 1
Fn
File Get Info filename = c:\windows\temp, type = file_attributes True 1
Fn
Environment Set Environment String name = SfxFolder00, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = 7zSfxFolder00, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = SfxFolder02, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs True 1
Fn
Environment Set Environment String name = 7zSfxFolder02, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs True 1
Fn
Environment Set Environment String name = SfxFolder05, value = C:\Users\5p5NrGJn0jS HALPmcxz\Documents True 1
Fn
Environment Set Environment String name = 7zSfxFolder05, value = C:\Users\5p5NrGJn0jS HALPmcxz\Documents True 1
Fn
Environment Set Environment String name = MyDocuments, value = C:\Users\5p5NrGJn0jS HALPmcxz\Documents True 1
Fn
Environment Set Environment String name = MyDocs, value = C:\Users\5p5NrGJn0jS HALPmcxz\Documents True 1
Fn
Environment Set Environment String name = SfxFolder06, value = C:\Users\5p5NrGJn0jS HALPmcxz\Favorites True 1
Fn
Environment Set Environment String name = 7zSfxFolder06, value = C:\Users\5p5NrGJn0jS HALPmcxz\Favorites True 1
Fn
Environment Set Environment String name = SfxFolder07, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = 7zSfxFolder07, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = SfxFolder08, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Recent True 1
Fn
Environment Set Environment String name = 7zSfxFolder08, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Recent True 1
Fn
Environment Set Environment String name = SfxFolder09, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\SendTo True 1
Fn
Environment Set Environment String name = 7zSfxFolder09, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\SendTo True 1
Fn
Environment Set Environment String name = SfxFolder11, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu True 1
Fn
Environment Set Environment String name = 7zSfxFolder11, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu True 1
Fn
Environment Set Environment String name = SfxFolder13, value = C:\Users\5p5NrGJn0jS HALPmcxz\Music True 1
Fn
Environment Set Environment String name = 7zSfxFolder13, value = C:\Users\5p5NrGJn0jS HALPmcxz\Music True 1
Fn
Environment Set Environment String name = SfxFolder14, value = C:\Users\5p5NrGJn0jS HALPmcxz\Videos True 1
Fn
Environment Set Environment String name = 7zSfxFolder14, value = C:\Users\5p5NrGJn0jS HALPmcxz\Videos True 1
Fn
Environment Set Environment String name = SfxFolder16, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = 7zSfxFolder16, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = UserDesktop, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = SfxFolder19, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Network Shortcuts True 1
Fn
Environment Set Environment String name = 7zSfxFolder19, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Network Shortcuts True 1
Fn
Environment Set Environment String name = SfxFolder20, value = C:\Windows\Fonts True 1
Fn
Environment Set Environment String name = 7zSfxFolder20, value = C:\Windows\Fonts True 1
Fn
Environment Set Environment String name = SfxFolder21, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Templates True 1
Fn
Environment Set Environment String name = 7zSfxFolder21, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Templates True 1
Fn
Environment Set Environment String name = SfxFolder22, value = C:\ProgramData\Microsoft\Windows\Start Menu True 1
Fn
Environment Set Environment String name = 7zSfxFolder22, value = C:\ProgramData\Microsoft\Windows\Start Menu True 1
Fn
Environment Set Environment String name = SfxFolder23, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs True 1
Fn
Environment Set Environment String name = 7zSfxFolder23, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs True 1
Fn
Environment Set Environment String name = SfxFolder24, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = 7zSfxFolder24, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = SfxFolder25, value = C:\Users\Public\Desktop True 1
Fn
Environment Set Environment String name = 7zSfxFolder25, value = C:\Users\Public\Desktop True 1
Fn
Environment Set Environment String name = CommonDesktop, value = C:\Users\Public\Desktop True 1
Fn
Environment Set Environment String name = SfxFolder26, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming True 1
Fn
Environment Set Environment String name = 7zSfxFolder26, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming True 1
Fn
Environment Set Environment String name = SfxFolder27, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Printer Shortcuts True 1
Fn
Environment Set Environment String name = 7zSfxFolder27, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Printer Shortcuts True 1
Fn
Environment Set Environment String name = SfxFolder28, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local True 1
Fn
Environment Set Environment String name = 7zSfxFolder28, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local True 1
Fn
Environment Set Environment String name = SfxFolder29, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = 7zSfxFolder29, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = SfxFolder30, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = 7zSfxFolder30, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = SfxFolder31, value = C:\Users\5p5NrGJn0jS HALPmcxz\Favorites True 1
Fn
Environment Set Environment String name = 7zSfxFolder31, value = C:\Users\5p5NrGJn0jS HALPmcxz\Favorites True 1
Fn
Environment Set Environment String name = SfxFolder32, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\Temporary Internet Files True 1
Fn
Environment Set Environment String name = 7zSfxFolder32, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\Temporary Internet Files True 1
Fn
Environment Set Environment String name = SfxFolder33, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Cookies True 1
Fn
Environment Set Environment String name = 7zSfxFolder33, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Cookies True 1
Fn
Environment Set Environment String name = SfxFolder34, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\History True 1
Fn
Environment Set Environment String name = 7zSfxFolder34, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\History True 1
Fn
Environment Set Environment String name = SfxFolder35, value = C:\ProgramData True 1
Fn
Environment Set Environment String name = 7zSfxFolder35, value = C:\ProgramData True 1
Fn
Environment Set Environment String name = SfxFolder36, value = C:\Windows True 1
Fn
Environment Set Environment String name = 7zSfxFolder36, value = C:\Windows True 1
Fn
Environment Set Environment String name = SfxFolder37, value = C:\Windows\system32 True 1
Fn
Environment Set Environment String name = 7zSfxFolder37, value = C:\Windows\system32 True 1
Fn
Environment Set Environment String name = SfxFolder38, value = C:\Program Files (x86) True 1
Fn
Environment Set Environment String name = 7zSfxFolder38, value = C:\Program Files (x86) True 1
Fn
Environment Set Environment String name = SfxFolder39, value = C:\Users\5p5NrGJn0jS HALPmcxz\Pictures True 1
Fn
Environment Set Environment String name = 7zSfxFolder39, value = C:\Users\5p5NrGJn0jS HALPmcxz\Pictures True 1
Fn
Environment Set Environment String name = SfxFolder40, value = C:\Users\5p5NrGJn0jS HALPmcxz True 1
Fn
Environment Set Environment String name = 7zSfxFolder40, value = C:\Users\5p5NrGJn0jS HALPmcxz True 1
Fn
Environment Set Environment String name = SfxFolder41, value = C:\Windows\SysWOW64 True 1
Fn
Environment Set Environment String name = 7zSfxFolder41, value = C:\Windows\SysWOW64 True 1
Fn
Environment Set Environment String name = SfxFolder42, value = C:\Program Files (x86) True 1
Fn
Environment Set Environment String name = 7zSfxFolder42, value = C:\Program Files (x86) True 1
Fn
Environment Set Environment String name = SfxFolder43, value = C:\Program Files (x86)\Common Files True 1
Fn
Environment Set Environment String name = 7zSfxFolder43, value = C:\Program Files (x86)\Common Files True 1
Fn
Environment Set Environment String name = SfxFolder44, value = C:\Program Files (x86)\Common Files True 1
Fn
Environment Set Environment String name = 7zSfxFolder44, value = C:\Program Files (x86)\Common Files True 1
Fn
Environment Set Environment String name = SfxFolder45, value = C:\ProgramData\Microsoft\Windows\Templates True 1
Fn
Environment Set Environment String name = 7zSfxFolder45, value = C:\ProgramData\Microsoft\Windows\Templates True 1
Fn
Environment Set Environment String name = SfxFolder46, value = C:\Users\Public\Documents True 1
Fn
Environment Set Environment String name = 7zSfxFolder46, value = C:\Users\Public\Documents True 1
Fn
Environment Set Environment String name = CommonDocuments, value = C:\Users\Public\Documents True 1
Fn
Environment Set Environment String name = SfxFolder47, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools True 1
Fn
Environment Set Environment String name = 7zSfxFolder47, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools True 1
Fn
Environment Set Environment String name = SfxFolder48, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools True 1
Fn
Environment Set Environment String name = 7zSfxFolder48, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools True 1
Fn
Environment Set Environment String name = SfxFolder53, value = C:\Users\Public\Music True 1
Fn
Environment Set Environment String name = 7zSfxFolder53, value = C:\Users\Public\Music True 1
Fn
Environment Set Environment String name = SfxFolder54, value = C:\Users\Public\Pictures True 1
Fn
Environment Set Environment String name = 7zSfxFolder54, value = C:\Users\Public\Pictures True 1
Fn
Environment Set Environment String name = SfxFolder55, value = C:\Users\Public\Videos True 1
Fn
Environment Set Environment String name = 7zSfxFolder55, value = C:\Users\Public\Videos True 1
Fn
Environment Set Environment String name = SfxFolder56, value = C:\Windows\resources True 1
Fn
Environment Set Environment String name = 7zSfxFolder56, value = C:\Windows\resources True 1
Fn
Environment Set Environment String name = SfxFolder59, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\Burn\Burn True 1
Fn
Environment Set Environment String name = 7zSfxFolder59, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\Burn\Burn True 1
Fn
Environment Set Environment String name = SfxVarModulePlatform, value = x86 True 1
Fn
Environment Set Environment String name = 7zSfxVarModulePlatform, value = x86 True 1
Fn
Environment Set Environment String name = SfxVarSystemPlatform, value = x64 True 1
Fn
Environment Set Environment String name = 7zSfxVarSystemPlatform, value = x64 True 1
Fn
Environment Set Environment String name = SfxVarCmdLine0, value = c:/windows/temp/zkts.exe True 1
Fn
Environment Set Environment String name = 7zSfxVarCmdLine0, value = c:/windows/temp/zkts.exe True 1
Fn
Environment Set Environment String name = SfxVarSystemLanguage, value = 1033 True 1
Fn
Environment Set Environment String name = 7zSfxVarSystemLanguage, value = 1033 True 1
Fn
Environment Set Environment String name = SfxString1, value = SFX module - Copyright (c) 2005-2016 Oleg Scherbakov 1.7.0 develop [x86] build 3900 (April 1, 2016) 7-Zip archiver - Copyright (c) 1999-2015 Igor Pavlov 15.14 (December 31, 2015) Supported methods and filters, build options: True 1
Fn
Environment Set Environment String name = SfxString2, value = 7z SFX True 1
Fn
Environment Set Environment String name = SfxString3, value = 7z SFX: error True 1
Fn
Environment Set Environment String name = SfxString4, value = : error True 1
Fn
Environment Set Environment String name = SfxString5, value = Extracting True 1
Fn
Environment Set Environment String name = SfxString6, value = Could not get SFX filename. True 1
Fn
Environment Set Environment String name = SfxString7, value = Could not open archive file "%s". True 1
Fn
Environment Set Environment String name = SfxString8, value = Non 7z archive. True 1
Fn
Environment Set Environment String name = SfxString9, value = Could not read SFX configuration or configuration not found. True 1
Fn
Environment Set Environment String name = SfxString10, value = Could not write SFX configuration. True 1
Fn
Environment Set Environment String name = SfxString11, value = Error in line %d of configuration data: %s True 1
Fn
Environment Set Environment String name = SfxString12, value = Could not create folder "%s". True 1
Fn
Environment Set Environment String name = SfxString13, value = Could not delete file or folder "%s". True 1
Fn
Environment Set Environment String name = SfxString14, value = Could not find command for "%s". True 1
Fn
Environment Set Environment String name = SfxString15, value = Could not find "setup.exe". True 1
Fn
Environment Set Environment String name = SfxString16, value = Error during execution "%s". True 1
Fn
Environment Set Environment String name = SfxString17, value = 7-Zip: Unsupported method. True 1
Fn
Environment Set Environment String name = SfxString18, value = 7-Zip: CRC error. True 1
Fn
Environment Set Environment String name = SfxString19, value = 7-Zip: Data error. The archive is corrupted, or invalid password was entered. True 1
Fn
Environment Set Environment String name = SfxString20, value = 7-Zip: Internal error, code %u. True 1
Fn
Environment Set Environment String name = SfxString33, value = 7-Zip: Internal error, code 0x%08X. True 1
Fn
Environment Set Environment String name = SfxString34, value = 7-Zip: Extraction error. True 1
Fn
Environment Set Environment String name = SfxString21, value = Extraction path True 1
Fn
Environment Set Environment String name = SfxString22, value = Extraction path: True 1
Fn
Environment Set Environment String name = SfxString23, value = Really cancel the installation? True 1
Fn
Environment Set Environment String name = SfxString24, value = No "HelpText" in the configuration file. True 1
Fn
Environment Set Environment String name = SfxString25, value = OK True 1
Fn
Environment Set Environment String name = SfxString26, value = Cancel True 1
Fn
Environment Set Environment String name = SfxString27, value = Yes True 1
Fn
Environment Set Environment String name = SfxString28, value = No True 1
Fn
Environment Set Environment String name = SfxString29, value = s True 1
Fn
Environment Set Environment String name = SfxString30, value = Could not create file "%s". True 1
Fn
Environment Set Environment String name = SfxString31, value = Could not overwrite file "%s". True 1
Fn
Environment Set Environment String name = SfxString32, value = Error in command line: %s True 1
Fn
Environment Set Environment String name = SfxString35, value = Back True 1
Fn
Environment Set Environment String name = SfxString36, value = Next True 1
Fn
Environment Set Environment String name = SfxString37, value = Finish True 1
Fn
Environment Set Environment String name = SfxString38, value = Cancel True 1
Fn
Environment Set Environment String name = SfxString39, value = Application error: Exception code: 0x%08x Address: 0x%08x Exception data: True 1
Fn
Environment Set Environment String name = SfxString40, value = 7z SFX: warning True 1
Fn
Environment Set Environment String name = SfxString41, value = : warning True 1
Fn
Environment Set Environment String name = SfxString42, value = Not enough free space for extracting. Do you want to continue? True 1
Fn
Environment Set Environment String name = SfxString43, value = Insufficient physical memory. Extracting may take a long time. Do you want to continue? True 1
Fn
Environment Set Environment String name = SfxString44, value = Enter password: True 1
Fn
Environment Set Environment String name = SfxString45, value = Preparing... True 1
Fn
Environment Set Environment String name = SfxVarCmdLine1 True 1
Fn
Environment Set Environment String name = 7zSfxVarCmdLine1 True 1
Fn
Environment Set Environment String name = SfxVarCmdLine2 True 1
Fn
Environment Set Environment String name = 7zSfxVarCmdLine2 True 1
Fn
Environment Set Environment String name = SfxVarCmdLine1 True 1
Fn
Environment Set Environment String name = 7zSfxVarCmdLine1 True 1
Fn
Environment Set Environment String name = SfxVarCmdLine2 True 1
Fn
Environment Set Environment String name = 7zSfxVarCmdLine2 True 1
Fn
Environment Set Environment String name = SfxVarApiPath True 1
Fn
Environment Set Environment String name = SfxFolder00, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = 7zSfxFolder00, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = SfxFolder02, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs True 1
Fn
Environment Set Environment String name = 7zSfxFolder02, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs True 1
Fn
Environment Set Environment String name = SfxFolder05, value = C:\Users\5p5NrGJn0jS HALPmcxz\Documents True 1
Fn
Environment Set Environment String name = 7zSfxFolder05, value = C:\Users\5p5NrGJn0jS HALPmcxz\Documents True 1
Fn
Environment Set Environment String name = MyDocuments, value = C:\Users\5p5NrGJn0jS HALPmcxz\Documents True 1
Fn
Environment Set Environment String name = MyDocs, value = C:\Users\5p5NrGJn0jS HALPmcxz\Documents True 1
Fn
Environment Set Environment String name = SfxFolder06, value = C:\Users\5p5NrGJn0jS HALPmcxz\Favorites True 1
Fn
Environment Set Environment String name = 7zSfxFolder06, value = C:\Users\5p5NrGJn0jS HALPmcxz\Favorites True 1
Fn
Environment Set Environment String name = SfxFolder07, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = 7zSfxFolder07, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = SfxFolder08, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Recent True 1
Fn
Environment Set Environment String name = 7zSfxFolder08, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Recent True 1
Fn
Environment Set Environment String name = SfxFolder09, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\SendTo True 1
Fn
Environment Set Environment String name = 7zSfxFolder09, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\SendTo True 1
Fn
Environment Set Environment String name = SfxFolder11, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu True 1
Fn
Environment Set Environment String name = 7zSfxFolder11, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu True 1
Fn
Environment Set Environment String name = SfxFolder13, value = C:\Users\5p5NrGJn0jS HALPmcxz\Music True 1
Fn
Environment Set Environment String name = 7zSfxFolder13, value = C:\Users\5p5NrGJn0jS HALPmcxz\Music True 1
Fn
Environment Set Environment String name = SfxFolder14, value = C:\Users\5p5NrGJn0jS HALPmcxz\Videos True 1
Fn
Environment Set Environment String name = 7zSfxFolder14, value = C:\Users\5p5NrGJn0jS HALPmcxz\Videos True 1
Fn
Environment Set Environment String name = SfxFolder16, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = 7zSfxFolder16, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = UserDesktop, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Set Environment String name = SfxFolder19, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Network Shortcuts True 1
Fn
Environment Set Environment String name = 7zSfxFolder19, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Network Shortcuts True 1
Fn
Environment Set Environment String name = SfxFolder20, value = C:\Windows\Fonts True 1
Fn
Environment Set Environment String name = 7zSfxFolder20, value = C:\Windows\Fonts True 1
Fn
Environment Set Environment String name = SfxFolder21, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Templates True 1
Fn
Environment Set Environment String name = 7zSfxFolder21, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Templates True 1
Fn
Environment Set Environment String name = SfxFolder22, value = C:\ProgramData\Microsoft\Windows\Start Menu True 1
Fn
Environment Set Environment String name = 7zSfxFolder22, value = C:\ProgramData\Microsoft\Windows\Start Menu True 1
Fn
Environment Set Environment String name = SfxFolder23, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs True 1
Fn
Environment Set Environment String name = 7zSfxFolder23, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs True 1
Fn
Environment Set Environment String name = SfxFolder24, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = 7zSfxFolder24, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = SfxFolder25, value = C:\Users\Public\Desktop True 1
Fn
Environment Set Environment String name = 7zSfxFolder25, value = C:\Users\Public\Desktop True 1
Fn
Environment Set Environment String name = CommonDesktop, value = C:\Users\Public\Desktop True 1
Fn
Environment Set Environment String name = SfxFolder26, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming True 1
Fn
Environment Set Environment String name = 7zSfxFolder26, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming True 1
Fn
Environment Set Environment String name = SfxFolder27, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Printer Shortcuts True 1
Fn
Environment Set Environment String name = 7zSfxFolder27, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Printer Shortcuts True 1
Fn
Environment Set Environment String name = SfxFolder28, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local True 1
Fn
Environment Set Environment String name = 7zSfxFolder28, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local True 1
Fn
Environment Set Environment String name = SfxFolder29, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = 7zSfxFolder29, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = SfxFolder30, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = 7zSfxFolder30, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup True 1
Fn
Environment Set Environment String name = SfxFolder31, value = C:\Users\5p5NrGJn0jS HALPmcxz\Favorites True 1
Fn
Environment Set Environment String name = 7zSfxFolder31, value = C:\Users\5p5NrGJn0jS HALPmcxz\Favorites True 1
Fn
Environment Set Environment String name = SfxFolder32, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\Temporary Internet Files True 1
Fn
Environment Set Environment String name = 7zSfxFolder32, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\Temporary Internet Files True 1
Fn
Environment Set Environment String name = SfxFolder33, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Cookies True 1
Fn
Environment Set Environment String name = 7zSfxFolder33, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Cookies True 1
Fn
Environment Set Environment String name = SfxFolder34, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\History True 1
Fn
Environment Set Environment String name = 7zSfxFolder34, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Microsoft\Windows\History True 1
Fn
Environment Set Environment String name = SfxFolder35, value = C:\ProgramData True 1
Fn
Environment Set Environment String name = 7zSfxFolder35, value = C:\ProgramData True 1
Fn
Environment Set Environment String name = SfxFolder36, value = C:\Windows True 1
Fn
Environment Set Environment String name = 7zSfxFolder36, value = C:\Windows True 1
Fn
Environment Set Environment String name = SfxFolder37, value = C:\Windows\system32 True 1
Fn
Environment Set Environment String name = 7zSfxFolder37, value = C:\Windows\system32 True 1
Fn
Environment Set Environment String name = SfxFolder38, value = C:\Program Files (x86) True 1
Fn
Environment Set Environment String name = 7zSfxFolder38, value = C:\Program Files (x86) True 1
Fn
Environment Set Environment String name = SfxFolder39, value = C:\Users\5p5NrGJn0jS HALPmcxz\Pictures True 1
Fn
Environment Set Environment String name = 7zSfxFolder39, value = C:\Users\5p5NrGJn0jS HALPmcxz\Pictures True 1
Fn
Environment Set Environment String name = SfxFolder40, value = C:\Users\5p5NrGJn0jS HALPmcxz True 1
Fn
Environment Set Environment String name = 7zSfxFolder40, value = C:\Users\5p5NrGJn0jS HALPmcxz True 1
Fn
Environment Set Environment String name = SfxFolder41, value = C:\Windows\SysWOW64 True 1
Fn
Environment Set Environment String name = 7zSfxFolder41, value = C:\Windows\SysWOW64 True 1
Fn
Environment Set Environment String name = SfxFolder42, value = C:\Program Files (x86) True 1
Fn
Environment Set Environment String name = 7zSfxFolder42, value = C:\Program Files (x86) True 1
Fn
Environment Set Environment String name = SfxFolder43, value = C:\Program Files (x86)\Common Files True 1
Fn
Environment Set Environment String name = 7zSfxFolder43, value = C:\Program Files (x86)\Common Files True 1
Fn
Environment Set Environment String name = SfxFolder44, value = C:\Program Files (x86)\Common Files True 1
Fn
Environment Set Environment String name = 7zSfxFolder44, value = C:\Program Files (x86)\Common Files True 1
Fn
Environment Set Environment String name = SfxFolder45, value = C:\ProgramData\Microsoft\Windows\Templates True 1
Fn
Environment Set Environment String name = 7zSfxFolder45, value = C:\ProgramData\Microsoft\Windows\Templates True 1
Fn
Environment Set Environment String name = SfxFolder46, value = C:\Users\Public\Documents True 1
Fn
Environment Set Environment String name = 7zSfxFolder46, value = C:\Users\Public\Documents True 1
Fn
Environment Set Environment String name = CommonDocuments, value = C:\Users\Public\Documents True 1
Fn
Environment Set Environment String name = SfxFolder47, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools True 1
Fn
Environment Set Environment String name = 7zSfxFolder47, value = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools True 1
Fn
Environment Set Environment String name = SfxFolder48, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools True 1
Fn
Environment Set Environment String name = 7zSfxFolder48, value = C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools True 1
Fn
Environment Set Environment String name = SfxFolder53, value = C:\Users\Public\Music True 1
Fn
Environment Set Environment String name = 7zSfxFolder53, value = C:\Users\Public\Music True 1
Fn
Environment Set Environment String name = SfxFolder54, value = C:\Users\Public\Pictures True 1
Fn
Thread 0x920
116 0
»
Category Operation Information Success Count Logfile
File Read filename = c:\windows\temp\zkts.exe, size = 2532, size_out = 2532 True 1
Fn
Data
File Create filename = c:\windows\temp\KillDuplicate.cmd, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\KillDuplicate.cmd, size = 222 True 1
Fn
Data
File Create filename = c:\windows\temp\svchostb.xml, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\svchostb.xml, size = 7782 True 1
Fn
Data
File Create filename = c:\windows\temp\svchostbs.xml, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\svchostbs.xml, size = 5349 True 1
Fn
Data
File Read filename = c:\windows\temp\zkts.exe, size = 3335, size_out = 3335 True 1
Fn
Data
File Create filename = c:\windows\temp\cnli-1.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\cnli-1.dll, size = 100864 True 1
Fn
Data
File Create filename = c:\windows\temp\coli-0.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\coli-0.dll, size = 15360 True 1
Fn
Data
File Create filename = c:\windows\temp\crli-0.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\crli-0.dll, size = 17408 True 1
Fn
Data
File Create filename = c:\windows\temp\dmgd-4.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\dmgd-4.dll, size = 128512 True 1
Fn
Data
File Write filename = c:\windows\temp\dmgd-4.dll, size = 262144 True 1
Fn
Data
File Write filename = c:\windows\temp\dmgd-4.dll, size = 89088 True 1
Fn
Data
File Create filename = c:\windows\temp\exma-1.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\exma-1.dll, size = 10240 True 1
Fn
Data
File Create filename = c:\windows\temp\katyusha.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\katyusha.dll, size = 5120 True 1
Fn
Data
File Create filename = c:\windows\temp\libeay32.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\libeay32.dll, size = 157696 True 1
Fn
Data
File Write filename = c:\windows\temp\libeay32.dll, size = 262144 True 2
Fn
Data
File Write filename = c:\windows\temp\libeay32.dll, size = 221184 True 1
Fn
Data
File Create filename = c:\windows\temp\libxml2.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\libxml2.dll, size = 40960 True 1
Fn
Data
File Write filename = c:\windows\temp\libxml2.dll, size = 262144 True 2
Fn
Data
File Write filename = c:\windows\temp\libxml2.dll, size = 261120 True 1
Fn
Data
File Create filename = c:\windows\temp\m32.exe, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\m32.exe, size = 1024 True 1
Fn
Data
File Write filename = c:\windows\temp\m32.exe, size = 262144 True 1
Fn
Data
File Write filename = c:\windows\temp\m32.exe, size = 66560 True 1
Fn
Data
File Create filename = c:\windows\temp\m64.exe, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\m64.exe, size = 195584 True 1
Fn
Data
File Write filename = c:\windows\temp\m64.exe, size = 176640 True 1
Fn
Data
File Create filename = c:\windows\temp\posh-0.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\posh-0.dll, size = 11264 True 1
Fn
Data
File Create filename = c:\windows\temp\ssleay32.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\ssleay32.dll, size = 74240 True 1
Fn
Data
File Write filename = c:\windows\temp\ssleay32.dll, size = 110080 True 1
Fn
Data
File Create filename = c:\windows\temp\svchostb.exe, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\svchostb.exe, size = 61440 True 1
Fn
Data
File Create filename = c:\windows\temp\svchostbs.exe, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\svchostbs.exe, size = 25600 True 1
Fn
Data
File Create filename = c:\windows\temp\svchostp.exe, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\svchostp.exe, size = 65024 True 1
Fn
Data
File Write filename = c:\windows\temp\svchostp.exe, size = 3584 True 1
Fn
Data
File Create filename = c:\windows\temp\tibe-2.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\tibe-2.dll, size = 237568 True 1
Fn
Data
File Create filename = c:\windows\temp\trch-1.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\trch-1.dll, size = 20992 True 1
Fn
Data
File Write filename = c:\windows\temp\trch-1.dll, size = 38912 True 1
Fn
Data
File Create filename = c:\windows\temp\trfo-2.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\trfo-2.dll, size = 29696 True 1
Fn
Data
File Create filename = c:\windows\temp\tucl-1.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\tucl-1.dll, size = 9216 True 1
Fn
Data
File Create filename = c:\windows\temp\ucl.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\ucl.dll, size = 58368 True 1
Fn
Data
File Create filename = c:\windows\temp\xdvl-0.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\xdvl-0.dll, size = 32256 True 1
Fn
Data
File Create filename = c:\windows\temp\zlib1.dll, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ True 1
Fn
File Write filename = c:\windows\temp\zlib1.dll, size = 60416 True 1
Fn
Data
Thread 0x924
2 0
»
Category Operation Information Success Count Logfile
File Read filename = c:\windows\temp\zkts.exe, size = 23908, size_out = 23908 True 1
Fn
Data
System Sleep duration = -1 (infinite) True 1
Fn
Thread 0x928
2 0
»
Category Operation Information Success Count Logfile
File Read filename = c:\windows\temp\zkts.exe, size = 46489, size_out = 46489 True 1
Fn
Data
System Sleep duration = -1 (infinite) True 1
Fn
Thread 0x92c
9 0
»
Category Operation Information Success Count Logfile
File Read filename = c:\windows\temp\zkts.exe, size = 1048576, size_out = 1048576 True 1
Fn
Data
System Sleep duration = -1 (infinite) True 4
Fn
File Read filename = c:\windows\temp\zkts.exe, size = 656502, size_out = 656502 True 1
Fn
Data
System Sleep duration = -1 (infinite) True 3
Fn
Process #4: cmd.exe
57 0
»
Information Value
ID #4
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c c:/windows/temp/m64.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:29, Reason: Child Process
Unmonitor End Time: 00:00:34, Reason: Self Terminated
Monitor Duration 00:00:05
OS Process Information
»
Information Value
PID 0x930
Parent PID 0x8e4 (c:\users\5p5nrgjn0js halpmcxz\desktop\out.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 934
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
locale.nls 0x00070000 0x000d6fff Memory Mapped File r False False False -
pagefile_0x00000000000e0000 0x000e0000 0x000e1fff Pagefile Backed Memory rw True False False -
private_0x00000000000f0000 0x000f0000 0x000f0fff Private Memory rw True False False -
private_0x0000000000100000 0x00100000 0x00100fff Private Memory rw True False False -
private_0x0000000000180000 0x00180000 0x0018ffff Private Memory rw True False False -
private_0x00000000001d0000 0x001d0000 0x0020ffff Private Memory rw True False False -
private_0x00000000002e0000 0x002e0000 0x003dffff Private Memory rw True False False -
pagefile_0x00000000003e0000 0x003e0000 0x00567fff Pagefile Backed Memory r True False False -
private_0x0000000000570000 0x00570000 0x005effff Private Memory rw True False False -
pagefile_0x00000000005f0000 0x005f0000 0x00770fff Pagefile Backed Memory r True False False -
private_0x0000000000780000 0x00780000 0x0087ffff Private Memory rw True False False -
pagefile_0x0000000000880000 0x00880000 0x01c7ffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001c80000 0x01c80000 0x01fc2fff Pagefile Backed Memory r True False False -
sortdefault.nls 0x01fd0000 0x0229efff Memory Mapped File r False False False -
cmd.exe 0x4ab90000 0x4abdbfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x754b0000 0x754b6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x934
57 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:13 (UTC) True 1
Fn
System Get Time type = Ticks, time = 95363 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4ab90000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Process Create process_name = c:\windows\temp\m64.exe, os_pid = 0x938, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000000 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #5: m64.exe
872 0
»
Information Value
ID #5
File Name c:\windows\temp\m64.exe
Command Line c:/windows/temp/m64.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:29, Reason: Child Process
Unmonitor End Time: 00:00:34, Reason: Self Terminated
Monitor Duration 00:00:05
OS Process Information
»
Information Value
PID 0x938
Parent PID 0x930 (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable True
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 93C
0x 940
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x0012ffff Private Memory rw True False False -
pagefile_0x0000000000130000 0x00130000 0x00133fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000140000 0x00140000 0x00140fff Pagefile Backed Memory r True False False -
private_0x0000000000150000 0x00150000 0x00150fff Private Memory rw True False False -
private_0x0000000000160000 0x00160000 0x00160fff Private Memory rw True False False -
pagefile_0x0000000000170000 0x00170000 0x00176fff Pagefile Backed Memory r True False False -
private_0x0000000000180000 0x00180000 0x0027ffff Private Memory rw True False False -
locale.nls 0x00280000 0x002e6fff Memory Mapped File r False False False -
pagefile_0x00000000002f0000 0x002f0000 0x002f1fff Pagefile Backed Memory rw True False False -
rpcss.dll 0x00300000 0x0037cfff Memory Mapped File r False False False -
private_0x00000000003c0000 0x003c0000 0x003cffff Private Memory rw True False False -
private_0x00000000003d0000 0x003d0000 0x004cffff Private Memory rw True False False -
pagefile_0x00000000004d0000 0x004d0000 0x00657fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000660000 0x00660000 0x007e0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000007f0000 0x007f0000 0x01beffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001bf0000 0x01bf0000 0x01fe2fff Pagefile Backed Memory r True False False -
sortdefault.nls 0x01ff0000 0x022befff Memory Mapped File r False False False -
private_0x00000000022c0000 0x022c0000 0x023bffff Private Memory rw True False False -
private_0x00000000023c0000 0x023c0000 0x024bffff Private Memory rw True False False -
user32.dll 0x776b0000 0x777a9fff Memory Mapped File rwx False False False -
kernel32.dll 0x777b0000 0x778cefff Memory Mapped File rwx False False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff2000 0x7fff2000 0x7fff2fff Private Memory rw True False False -
m64.exe 0x140000000 0x140105fff Memory Mapped File rwx True True False
...
winscard.dll 0x7fef4700000 0x7fef4737fff Memory Mapped File rwx False False False -
vaultcli.dll 0x7fef8370000 0x7fef837dfff Memory Mapped File rwx False False False -
api-ms-win-core-synch-l1-2-0.dll 0x7fef8380000 0x7fef8382fff Memory Mapped File rwx False False False -
fltlib.dll 0x7fef83b0000 0x7fef83b8fff Memory Mapped File rwx False False False -
cabinet.dll 0x7fef83c0000 0x7fef83dafff Memory Mapped File rwx False False False -
wkscli.dll 0x7fefba10000 0x7fefba24fff Memory Mapped File rwx False False False -
netutils.dll 0x7fefba30000 0x7fefba3bfff Memory Mapped File rwx False False False -
netapi32.dll 0x7fefba40000 0x7fefba55fff Memory Mapped File rwx False False False -
hid.dll 0x7fefbd80000 0x7fefbd8afff Memory Mapped File rwx False False False -
samlib.dll 0x7fefc2d0000 0x7fefc2ecfff Memory Mapped File rwx False False False -
version.dll 0x7fefc9e0000 0x7fefc9ebfff Memory Mapped File rwx False False False -
userenv.dll 0x7fefcbc0000 0x7fefcbddfff Memory Mapped File rwx False False False -
bcryptprimitives.dll 0x7fefcd50000 0x7fefcd9bfff Memory Mapped File rwx False False False -
rsaenh.dll 0x7fefce10000 0x7fefce56fff Memory Mapped File rwx False False False -
logoncli.dll 0x7fefcf00000 0x7fefcf2ffff Memory Mapped File rwx False False False -
bcrypt.dll 0x7fefd280000 0x7fefd2a1fff Memory Mapped File rwx False False False -
cryptdll.dll 0x7fefd3b0000 0x7fefd3c3fff Memory Mapped File rwx False False False -
srvcli.dll 0x7fefd610000 0x7fefd632fff Memory Mapped File rwx False False False -
secur32.dll 0x7fefd6b0000 0x7fefd6bafff Memory Mapped File rwx False False False -
sspicli.dll 0x7fefd6e0000 0x7fefd704fff Memory Mapped File rwx False False False -
cryptbase.dll 0x7fefd710000 0x7fefd71efff Memory Mapped File rwx False False False -
winsta.dll 0x7fefd7c0000 0x7fefd7fcfff Memory Mapped File rwx False False False -
profapi.dll 0x7fefd820000 0x7fefd82efff Memory Mapped File rwx False False False -
msasn1.dll 0x7fefd8c0000 0x7fefd8cefff Memory Mapped File rwx False False False -
kernelbase.dll 0x7fefd8d0000 0x7fefd93afff Memory Mapped File rwx False False False -
crypt32.dll 0x7fefd940000 0x7fefdaa6fff Memory Mapped File rwx False False False -
cfgmgr32.dll 0x7fefdab0000 0x7fefdae5fff Memory Mapped File rwx False False False -
devobj.dll 0x7fefdaf0000 0x7fefdb09fff Memory Mapped File rwx False False False -
wintrust.dll 0x7fefdbb0000 0x7fefdbe9fff Memory Mapped File rwx False False False -
lpk.dll 0x7fefdec0000 0x7fefdecdfff Memory Mapped File rwx False False False -
oleaut32.dll 0x7fefded0000 0x7fefdfa6fff Memory Mapped File rwx False False False -
imm32.dll 0x7fefdfb0000 0x7fefdfddfff Memory Mapped File rwx False False False -
gdi32.dll 0x7fefe100000 0x7fefe166fff Memory Mapped File rwx False False False -
msvcrt.dll 0x7fefe170000 0x7fefe20efff Memory Mapped File rwx False False False -
msctf.dll 0x7fefe210000 0x7fefe318fff Memory Mapped File rwx False False False -
usp10.dll 0x7fefe320000 0x7fefe3e8fff Memory Mapped File rwx False False False -
advapi32.dll 0x7fefe3f0000 0x7fefe4cafff Memory Mapped File rwx False False False -
rpcrt4.dll 0x7fefe4d0000 0x7fefe5fcfff Memory Mapped File rwx False False False -
shlwapi.dll 0x7fefe900000 0x7fefe970fff Memory Mapped File rwx False False False -
wldap32.dll 0x7fefe9d0000 0x7fefea21fff Memory Mapped File rwx False False False -
sechost.dll 0x7fefea30000 0x7fefea4efff Memory Mapped File rwx False False False -
setupapi.dll 0x7fefea50000 0x7fefec26fff Memory Mapped File rwx False False False -
shell32.dll 0x7fefec30000 0x7feff9b7fff Memory Mapped File rwx False False False -
ole32.dll 0x7feff9d0000 0x7feffbd2fff Memory Mapped File rwx False False False -
apisetschema.dll 0x7feffbf0000 0x7feffbf0fff Memory Mapped File rwx False False False -
pagefile_0x000007fffffb0000 0x7fffffb0000 0x7fffffd2fff Pagefile Backed Memory r True False False -
private_0x000007fffffd3000 0x7fffffd3000 0x7fffffd3fff Private Memory rw True False False -
private_0x000007fffffdc000 0x7fffffdc000 0x7fffffddfff Private Memory rw True False False -
private_0x000007fffffde000 0x7fffffde000 0x7fffffdffff Private Memory rw True False False -
Created Files
»
Filename File Size Hash Values YARA Match Actions
C:\Windows\temp\snamelog 0.09 KB MD5: 4b8087ec44aa670c5ded3c0f0ed5181e
SHA1: 0438738922fd7425cffb5fa19940c40743c6f847
SHA256: bb3d12ea94c3edce913e4dce63a3ca5e03525d2967d15e8546acc4b9f5b43bc1
SSDeep: 3:A+aktGJoiTktGJoiTktGJoiTktGy:ALk4tTk4tTk4tTk4y 		False
...
C:\Windows\temp\spasslog 0.02 KB MD5: 55f4877f42efd234ac09f6917638815e
SHA1: 4a9397c02641a11ba800e4957afa9d96325c22a1
SHA256: 104f85e225a7d61b90e51c77a929a0499b11076bc54b680be332a8634571d2ab
SSDeep: 3:EB+mS2+v:rmSv 		False
...
C:\Windows\temp\spasslog 0.04 KB MD5: 8b2aaad0ab43761aa1e21776c1ed6abb
SHA1: e8dc690ed319ffce6e9944859b98c7f8176605bc
SHA256: d71044bba2bc1c851b9dc92bb0b80af1d92c12227efd863659a464b09985b3ca
SSDeep: 3:EB+mS2+mS2+mS2+v:rmSmSmSv 		False
...
C:\Windows\temp\snamelog 0.13 KB MD5: 6e4134227775963a2292dfb24fc13589
SHA1: 470a39c445b48942ce08bbebc5f863e194184169
SHA256: b9bc94de89d0614470cee4d796b558a8a7ae9324886d0d0d08d2b6c742f49446
SSDeep: 3:A+aktGJoiTktGJoiTktGJoiTktGJoiTktGJoiTktGy:ALk4tTk4tTk4tTk4tTk4tTk4y 		False
...
C:\Windows\temp\spasslog 0.03 KB MD5: d7b71db2a3b0fab3a680b87d25f0d7be
SHA1: a67e9ce207230b099449a66f0f64aa6c1deb18af
SHA256: df0c2ffa6dcb0da5369f9a0d84097bfb8cfa05895071e527e0a0ebf079f63922
SSDeep: 3:EB+mS2+mS2+v:rmSmSv 		False
...
C:\Windows\temp\snamelog 0.11 KB MD5: 4ee6589a0118e74bc1da717c882ce860
SHA1: f257639e24ea24ba693308147349d3a6c2cae0c6
SHA256: f67648be7cc55e5cdc9fe47c493ab463003e15c934b39f594d55065e419b0251
SSDeep: 3:A+aktGJoiTktGJoiTktGJoiTktGJoiTktGy:ALk4tTk4tTk4tTk4tTk4y 		False
...
C:\Windows\temp\spasslog 0.01 KB MD5: 9eeb0b45c472b477e58b1b2e053a29c6
SHA1: 342c1efe3950ec050f3a6705ae8abff876b6fe4e
SHA256: af5d93bbb6d1e96dd3ccb830951790612e5f81d6765f081ed2ca8ee7a0d03b88
SSDeep: 3:EB+v:rv 		False
...
C:\Windows\temp\spasslog 0.06 KB MD5: fcadd0a8f5a3edb4042dc65f08d2a9ce
SHA1: ccc8ec23c42cebee231b4f4f0c0a381e55e5b115
SHA256: 6e97db867acf54d449f54387a9efc21d49be72fa262ccd29fdc568cde4b44415
SSDeep: 3:EB+mS2+mS2+mS2+mS2+mS2+v:rmSmSmSmSmSv 		False
...
C:\Windows\temp\spasslog 0.05 KB MD5: e8cdce80946fb5b56560510c5ba939c1
SHA1: 7627e51c008747f000c6f537c04dd42f2c2abfce
SHA256: 3d70971c452ed312c95bab5e4dfa9fb67281472043f39b3c6c0573c226cde8d4
SSDeep: 3:EB+mS2+mS2+mS2+mS2+v:rmSmSmSmSv 		False
...
C:\Windows\temp\snamelog 0.06 KB MD5: 48401e5fcdd281a139ce34b616d82861
SHA1: 871010918ba08f4e60a851edb1a0498c2c50f026
SHA256: 73a34ea312d1543ca3af57eec50116af71195c168f09d348e229944a1c40a878
SSDeep: 3:A+aktGJoiTktGJoiTktGy:ALk4tTk4tTk4y 		False
...
C:\Windows\temp\snamelog 0.02 KB MD5: 70621146e9381a42f5c17c3bd50f3b8d
SHA1: 926eb1f34ecfbdefc655f2b3901a0d5bd8c875de
SHA256: e35a5546cc9626d7a7f579b37ec72714dffcf4d7789d9b5cd868ed8fef5fbd35
SSDeep: 3:A+aktGy:ALk4y 		False
...
C:\Windows\temp\snamelog 0.04 KB MD5: 3987bea11c4d22ae0bddda27730df005
SHA1: d49cb80b941e21b55319b53c1190a92a44237dc9
SHA256: 3cab9d330ab209bbbf2064803532f80d251c060f40235a7b1d3f15120b10f2f6
SSDeep: 3:A+aktGJoiTktGy:ALk4tTk4y 		False
...
Threads
Thread 0x93c
872 0
»
Category Operation Information Success Count Logfile
Module Get Handle module_name = c:\windows\system32\kernel32.dll, base_address = 0x777b0000 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = VirtualProtect, address_out = 0x777b2ef0 True 1
Fn
Module Get Handle module_name = c:\windows\system32\advapi32.dll, base_address = 0x7fefe3f0000 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptReleaseContext, address_out = 0x7fefe3fdd10 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptGenKey, address_out = 0x7fefe3f19bc True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptGetProvParam, address_out = 0x7fefe42b538 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptGetHashParam, address_out = 0x7fefe3fdb20 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptImportKey, address_out = 0x7fefe3faf6c True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptSetKeyParam, address_out = 0x7fefe42b508 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptDestroyHash, address_out = 0x7fefe3fdb00 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptSetHashParam, address_out = 0x7fefe42b514 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptHashData, address_out = 0x7fefe3fdac0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptCreateHash, address_out = 0x7fefe3fdad4 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptExportKey, address_out = 0x7fefe3f8140 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptDecrypt, address_out = 0x7fefe42b6d0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = SystemFunction007, address_out = 0x7fefe3fc800 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptDuplicateKey, address_out = 0x7fefe42b690 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptEncrypt, address_out = 0x7fefe42b650 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptAcquireContextW, address_out = 0x7fefe3fd98c True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptGetKeyParam, address_out = 0x7fefe42b554 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptAcquireContextA, address_out = 0x7fefe3f8180 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptDestroyKey, address_out = 0x7fefe3fafa0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = GetLengthSid, address_out = 0x7fefe40b580 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CopySid, address_out = 0x7fefe40bda0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = LsaClose, address_out = 0x7fefe412040 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = LsaOpenPolicy, address_out = 0x7fefe410b40 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = LsaQueryInformationPolicy, address_out = 0x7fefe4120b0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CreateWellKnownSid, address_out = 0x7fefe3fdd34 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CreateProcessAsUserW, address_out = 0x7fefe3fafe8 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CreateProcessWithLogonW, address_out = 0x7fefe45fa50 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = RegQueryValueExW, address_out = 0x7fefe40c2d0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = RegEnumValueW, address_out = 0x7fefe40c420 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = RegOpenKeyExW, address_out = 0x7fefe4106f0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = RegSetValueExW, address_out = 0x7fefe401ed0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = RegEnumKeyExW, address_out = 0x7fefe40c310 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = RegQueryInfoKeyW, address_out = 0x7fefe40c360 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = RegCloseKey, address_out = 0x7fefe410710 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = SystemFunction032, address_out = 0x7fefe4438f0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = ConvertSidToStringSidW, address_out = 0x7fefe40bf70 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = QueryServiceObjectSecurity, address_out = 0x7fefe42b23c True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = QueryServiceStatusEx, address_out = 0x7fefe3f7004 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = BuildSecurityDescriptorW, address_out = 0x7fefe3f5e80 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = OpenServiceW, address_out = 0x7fefe3fc2c0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = StartServiceW, address_out = 0x7fefe3f6ff0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = FreeSid, address_out = 0x7fefe40b818 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = ControlService, address_out = 0x7fefe413bd8 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = SetServiceObjectSecurity, address_out = 0x7fefe42b1ac True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = DeleteService, address_out = 0x7fefe413bc4 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = AllocateAndInitializeSid, address_out = 0x7fefe40b63c True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = OpenSCManagerW, address_out = 0x7fefe3fc2a8 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CloseServiceHandle, address_out = 0x7fefe407e04 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CreateServiceW, address_out = 0x7fefe413b44 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = IsTextUnicode, address_out = 0x7fefe410720 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = GetTokenInformation, address_out = 0x7fefe40bd50 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = LookupAccountNameW, address_out = 0x7fefe3fded4 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = LookupAccountSidW, address_out = 0x7fefe40b898 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x7fefe3fd310 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CheckTokenMembership, address_out = 0x7fefe3fd980 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = OpenProcessToken, address_out = 0x7fefe40bd70 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptEnumProvidersW, address_out = 0x7fefe42b5b0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = ConvertStringSidToSidW, address_out = 0x7fefe410ec0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = LsaFreeMemory, address_out = 0x7fefe3fe390 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = SystemFunction006, address_out = 0x7fefe3f68e0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptEnumProviderTypesW, address_out = 0x7fefe42b600 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptSetProvParam, address_out = 0x7fefe42b4fc True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptGetUserKey, address_out = 0x7fefe42b52c True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = OpenEventLogW, address_out = 0x7fefe3f6a90 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = ClearEventLogW, address_out = 0x7fefe451f00 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = GetNumberOfEventLogRecords, address_out = 0x7fefe4520d0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptSignHashW, address_out = 0x7fefe42b474 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = LsaRetrievePrivateData, address_out = 0x7fefe3f4450 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = LsaOpenSecret, address_out = 0x7fefe459c40 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = LsaQueryTrustedDomainInfoByName, address_out = 0x7fefe438d80 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CryptDeriveKey, address_out = 0x7fefe42b6b0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = LsaQuerySecret, address_out = 0x7fefe459ba0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = SystemFunction001, address_out = 0x7fefe42da0c True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = SystemFunction005, address_out = 0x7fefe42d934 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = SystemFunction013, address_out = 0x7fefe450c30 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = LsaEnumerateTrustedDomainsEx, address_out = 0x7fefe438c80 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = LookupPrivilegeValueW, address_out = 0x7fefe40b9e0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = StartServiceCtrlDispatcherW, address_out = 0x7fefe3f5e58 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = RegisterServiceCtrlHandlerW, address_out = 0x7fefe3f36c0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = SetServiceStatus, address_out = 0x7fefe3fa6d8 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = IsValidSid, address_out = 0x7fefe401730 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = OpenThreadToken, address_out = 0x7fefe40bd84 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = SetThreadToken, address_out = 0x7fefe3fd344 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = LookupPrivilegeNameW, address_out = 0x7fefe456cf0 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CredFree, address_out = 0x7fefe410c10 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = CredEnumerateW, address_out = 0x7fefe45cf50 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = SystemFunction025, address_out = 0x7fefe412b80 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = ConvertStringSecurityDescriptorToSecurityDescriptorW, address_out = 0x7fefe402040 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = GetSidSubAuthority, address_out = 0x7fefe401754 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = GetSidSubAuthorityCount, address_out = 0x7fefe401740 True 1
Fn
Module Get Address module_name = c:\windows\system32\advapi32.dll, function = SystemFunction024, address_out = 0x7fefe450b10 True 1
Fn
Module Get Handle module_name = c:\windows\system32\crypt32.dll, base_address = 0x7fefd940000 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CertAddCertificateContextToStore, address_out = 0x7fefd96d8e4 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CertGetCertificateContextProperty, address_out = 0x7fefd94b390 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CertGetNameStringW, address_out = 0x7fefd9697b0 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CertFindCertificateInStore, address_out = 0x7fefd94aed4 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CryptEncodeObject, address_out = 0x7fefd95e450 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CertAddEncodedCertificateToStore, address_out = 0x7fefd948f40 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CertFreeCertificateContext, address_out = 0x7fefd946d3c True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CertCloseStore, address_out = 0x7fefd94925c True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = PFXExportCertStoreEx, address_out = 0x7fefd9e7f30 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CertSetCertificateContextProperty, address_out = 0x7fefd96c940 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CertOpenStore, address_out = 0x7fefd9498fc True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CryptUnprotectData, address_out = 0x7fefd969d70 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CryptBinaryToStringW, address_out = 0x7fefd974198 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CryptStringToBinaryW, address_out = 0x7fefd98e9a0 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CryptProtectData, address_out = 0x7fefd96a290 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CryptAcquireCertificatePrivateKey, address_out = 0x7fefd9938ac True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CryptExportPublicKeyInfo, address_out = 0x7fefd970440 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CertEnumSystemStore, address_out = 0x7fefd999478 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CertNameToStrW, address_out = 0x7fefd96c5b0 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CryptSignAndEncodeCertificate, address_out = 0x7fefd995fe4 True 1
Fn
Module Get Address module_name = c:\windows\system32\crypt32.dll, function = CertEnumCertificatesInStore, address_out = 0x7fefd959eb0 True 1
Fn
Module Get Handle module_name = c:\windows\system32\cabinet.dll, base_address = 0x7fef83c0000 True 1
Fn
Module Get Address module_name = c:\windows\system32\cabinet.dll, function = 11, address_out = 0x7fef83c9b24 True 1
Fn
Module Get Address module_name = c:\windows\system32\cabinet.dll, function = 14, address_out = 0x7fef83c9d68 True 1
Fn
Module Get Address module_name = c:\windows\system32\cabinet.dll, function = 10, address_out = 0x7fef83c98c0 True 1
Fn
Module Get Address module_name = c:\windows\system32\cabinet.dll, function = 13, address_out = 0x7fef83c9c90 True 1
Fn
Module Get Handle module_name = c:\windows\system32\fltlib.dll, base_address = 0x7fef83b0000 True 1
Fn
Module Get Address module_name = c:\windows\system32\fltlib.dll, function = FilterFindNext, address_out = 0x7fef83b21f0 True 1
Fn
Module Get Address module_name = c:\windows\system32\fltlib.dll, function = FilterFindFirst, address_out = 0x7fef83b1e9c True 1
Fn
Module Get Handle module_name = c:\windows\system32\hid.dll, base_address = 0x7fefbd80000 True 1
Fn
Module Get Address module_name = c:\windows\system32\hid.dll, function = HidD_GetHidGuid, address_out = 0x7fefbd81434 True 1
Fn
Module Get Address module_name = c:\windows\system32\hid.dll, function = HidD_FreePreparsedData, address_out = 0x7fefbd81370 True 1
Fn
Module Get Address module_name = c:\windows\system32\hid.dll, function = HidD_GetPreparsedData, address_out = 0x7fefbd814dc True 1
Fn
Module Get Address module_name = c:\windows\system32\hid.dll, function = HidP_GetCaps, address_out = 0x7fefbd815f8 True 1
Fn
Module Get Address module_name = c:\windows\system32\hid.dll, function = HidD_GetAttributes, address_out = 0x7fefbd81454 True 1
Fn
Module Get Handle module_name = c:\windows\system32\kernel32.dll, base_address = 0x777b0000 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetCPInfo, address_out = 0x777c6ce0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetEnvironmentStringsW, address_out = 0x777c6d00 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = IsValidCodePage, address_out = 0x777c9080 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = FindFirstFileExW, address_out = 0x777cc4e0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetStringTypeW, address_out = 0x777c9060 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = SetStdHandle, address_out = 0x777fbce0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetConsoleMode, address_out = 0x777d2e60 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetConsoleCP, address_out = 0x777f05f0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = LCMapStringW, address_out = 0x777d0dd0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = CompareStringW, address_out = 0x777c5a10 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetFileType, address_out = 0x777d2e00 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetACP, address_out = 0x777c6f90 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetModuleHandleExW, address_out = 0x777bb780 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = TerminateProcess, address_out = 0x777fbca0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetModuleFileNameW, address_out = 0x777c7700 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetCommandLineW, address_out = 0x777cc480 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetCommandLineA, address_out = 0x777d1e70 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = LoadLibraryExW, address_out = 0x777c6640 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = TlsFree, address_out = 0x777c1590 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = TlsSetValue, address_out = 0x777c5cd0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = TlsGetValue, address_out = 0x777d2bd0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = TlsAlloc, address_out = 0x777c7100 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = InitializeCriticalSectionAndSpinCount, address_out = 0x777c64e0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = RtlUnwindEx, address_out = 0x777e2d90 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = IsProcessorFeaturePresent, address_out = 0x777fcc80 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetStartupInfoW, address_out = 0x777c8070 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = SetUnhandledExceptionFilter, address_out = 0x777c9b70 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = UnhandledExceptionFilter, address_out = 0x77849330 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x777b8290 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = RtlVirtualUnwind, address_out = 0x777fb5b0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = RtlLookupFunctionEntry, address_out = 0x777fb610 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = RtlCaptureContext, address_out = 0x777fb6f0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = InitializeSListHead, address_out = 0x778f7700 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetCurrentThreadId, address_out = 0x777c3ee0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = LoadLibraryExA, address_out = 0x777be3b0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetProcessId, address_out = 0x777b81f0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetComputerNameW, address_out = 0x777bd130 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = ProcessIdToSessionId, address_out = 0x777bd950 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetCurrentThread, address_out = 0x777c3f20 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = SetConsoleCursorPosition, address_out = 0x777bd090 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = SetCurrentDirectoryW, address_out = 0x777ccab0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = FillConsoleOutputCharacterW, address_out = 0x77804920 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetTimeZoneInformation, address_out = 0x777b33c0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetSystemDirectoryW, address_out = 0x777c7120 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetStdHandle, address_out = 0x777cd750 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetConsoleScreenBufferInfo, address_out = 0x777c3aa0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = SetEvent, address_out = 0x777c3f00 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = CreateEventW, address_out = 0x777c5290 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = CreatePipe, address_out = 0x777b4a10 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = SetHandleInformation, address_out = 0x777b5bb0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetModuleHandleW, address_out = 0x777d3730 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GlobalSize, address_out = 0x777fe400 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = FreeLibrary, address_out = 0x777c6620 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetProcAddress, address_out = 0x777d3690 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = LoadLibraryW, address_out = 0x777c6f80 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = lstrlenA, address_out = 0x777ccaf0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = ExitProcess, address_out = 0x778f40f0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = RaiseException, address_out = 0x777bcf10 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = SetConsoleCtrlHandler, address_out = 0x777c6f00 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetTickCount, address_out = 0x777d2b00 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = QueryPerformanceCounter, address_out = 0x777c6500 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = FormatMessageA, address_out = 0x777fc230 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetSystemTime, address_out = 0x777d3540 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetProcessHeap, address_out = 0x777d3050 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetCurrentProcessId, address_out = 0x777c5a50 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = DeleteCriticalSection, address_out = 0x778f5350 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetFileSize, address_out = 0x777bf9d0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = LockFileEx, address_out = 0x777fbea0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = CreateFileMappingA, address_out = 0x777bead0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = UnlockFile, address_out = 0x777fbc30 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = HeapDestroy, address_out = 0x777c1490 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = HeapCompact, address_out = 0x777fbfa0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = HeapAlloc, address_out = 0x779233a0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetSystemInfo, address_out = 0x777c6f70 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = HeapReAlloc, address_out = 0x77903f20 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = DeleteFileW, address_out = 0x777bad90 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetVersionExA, address_out = 0x777c70c0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = WaitForSingleObjectEx, address_out = 0x777d2ff0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = FlushViewOfFile, address_out = 0x777fc290 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = OutputDebugStringW, address_out = 0x777bb760 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetFileAttributesExW, address_out = 0x777bb7a0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetFileAttributesA, address_out = 0x777c13e0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetDiskFreeSpaceA, address_out = 0x777fc140 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = FormatMessageW, address_out = 0x777c3840 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = MultiByteToWideChar, address_out = 0x777c5b50 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = HeapSize, address_out = 0x778f82d0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = HeapValidate, address_out = 0x777c10e0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetVersionExW, address_out = 0x777bd910 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = CreateMutexW, address_out = 0x777c13c0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetTempPathW, address_out = 0x77812040 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = UnlockFileEx, address_out = 0x777fbc10 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = SetEndOfFile, address_out = 0x777fbd70 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetFullPathNameA, address_out = 0x777d3670 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = InitializeCriticalSection, address_out = 0x778f8100 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = LeaveCriticalSection, address_out = 0x77923000 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = LockFile, address_out = 0x777fbed0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = OutputDebugStringA, address_out = 0x777b4f60 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetDiskFreeSpaceW, address_out = 0x777fc110 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetFullPathNameW, address_out = 0x777c76e0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = EnterCriticalSection, address_out = 0x77922fc0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = HeapFree, address_out = 0x777d3070 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = HeapCreate, address_out = 0x777c70e0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = TryEnterCriticalSection, address_out = 0x778f5320 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = AreFileApisANSI, address_out = 0x777fc5d0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetDateFormatW, address_out = 0x777bbe40 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetSystemTimeAsFileTime, address_out = 0x777c3f40 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = WideCharToMultiByte, address_out = 0x777d35f0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = SystemTimeToFileTime, address_out = 0x777d3560 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetTimeFormatW, address_out = 0x777bc830 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = lstrlenW, address_out = 0x777c3ec0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = ClearCommError, address_out = 0x777fa450 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = PurgeComm, address_out = 0x777f9760 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = CreateRemoteThread, address_out = 0x777fc4f0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = WaitForSingleObject, address_out = 0x777d2b20 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = SetLastError, address_out = 0x777d2df0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = FreeEnvironmentStringsW, address_out = 0x777c6d20 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = SetEnvironmentVariableA, address_out = 0x777fbd60 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = SetEnvironmentVariableW, address_out = 0x777c6ee0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = SetFilePointerEx, address_out = 0x777baf00 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = WriteConsoleW, address_out = 0x777c3d40 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetOEMCP, address_out = 0x777cb580 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = CreateProcessW, address_out = 0x777d1bb0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = SetConsoleOutputCP, address_out = 0x77819fe0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = GetConsoleOutputCP, address_out = 0x777c9780 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = MapViewOfFile, address_out = 0x777be390 True 1
Fn
Module Get Handle module_name = c:\windows\system32\netapi32.dll, base_address = 0x7fefba40000 True 1
Fn
Module Load module_name = api-ms-win-core-synch-l1-2-0, base_address = 0x0 False 1
Fn
Module Load module_name = api-ms-win-core-synch-l1-2-0, base_address = 0x7fef8380000 True 1
Fn
Module Get Address module_name = c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll, function = InitializeCriticalSectionEx, address_out = 0x0 False 1
Fn
Module Load module_name = api-ms-win-core-fibers-l1-1-1, base_address = 0x0 False 2
Fn
Module Load module_name = kernel32, base_address = 0x0 False 1
Fn
Module Load module_name = kernel32, base_address = 0x777b0000 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = FlsAlloc, address_out = 0x777c7190 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = FlsGetValue, address_out = 0x777d3520 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = FlsSetValue, address_out = 0x777cbd90 True 1
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
File Get Info filename = STD_INPUT_HANDLE, type = file_type True 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 1
Fn
File Get Info filename = STD_OUTPUT_HANDLE, type = file_type True 1
Fn
File Open filename = STD_ERROR_HANDLE True 1
Fn
File Get Info filename = STD_ERROR_HANDLE, type = file_type True 1
Fn
Module Load module_name = api-ms-win-core-localization-l1-2-1, base_address = 0x0 False 2
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = LCMapStringEx, address_out = 0x777fb710 True 1
Fn
Module Get Filename module_name = api-ms-win-core-localization-l1-2-1, process_name = c:\windows\temp\m64.exe, file_name_orig = c:\windows\temp\m64.exe, size = 260 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = AreFileApisANSI, address_out = 0x777fc5d0 True 1
Fn
File Delete filename = C:\Windows\temp\snamelog False 1
Fn
File Delete filename = C:\Windows\temp\spasslog False 1
Fn
Module Load module_name = rsaenh, base_address = 0x7fefce10000 True 1
Fn
Module Get Address module_name = c:\windows\system32\rsaenh.dll, function = CPExportKey, address_out = 0x7fefce159e8 True 1
Fn
Module Load module_name = vaultcli, base_address = 0x7fef8370000 True 1
Fn
Module Get Address module_name = c:\windows\system32\vaultcli.dll, function = VaultEnumerateItemTypes, address_out = 0x7fef8374b60 True 1
Fn
Module Get Address module_name = c:\windows\system32\vaultcli.dll, function = VaultEnumerateVaults, address_out = 0x7fef837468c True 1
Fn
Module Get Address module_name = c:\windows\system32\vaultcli.dll, function = VaultOpenVault, address_out = 0x7fef8374274 True 1
Fn
Module Get Address module_name = c:\windows\system32\vaultcli.dll, function = VaultGetInformation, address_out = 0x7fef8373fb0 True 1
Fn
Module Get Address module_name = c:\windows\system32\vaultcli.dll, function = VaultEnumerateItems, address_out = 0x7fef83750d4 True 1
Fn
Module Get Address module_name = c:\windows\system32\vaultcli.dll, function = VaultCloseVault, address_out = 0x7fef83742fc True 1
Fn
Module Get Address module_name = c:\windows\system32\vaultcli.dll, function = VaultFree, address_out = 0x7fef837626c True 1
Fn
Module Get Address module_name = c:\windows\system32\vaultcli.dll, function = VaultGetItem, address_out = 0x7fef8375370 True 1
Fn
Keyboard Get Info type = KB_LOCALE_ID, os_tid = 0, result_out = 67699721 True 1
Fn
File Create filename = \\?\hid#vid_045e&pid_0029#6&9d4e2fb&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE True 1
Fn
File Create filename = \\?\hid#vid_08c3&pid_0003#6&b31e8e6&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE True 1
Fn
Module Load module_name = bcrypt.dll, base_address = 0x7fefd280000 True 1
Fn
Module Get Address module_name = c:\windows\system32\bcrypt.dll, function = BCryptOpenAlgorithmProvider, address_out = 0x7fefd282640 True 1
Fn
Module Get Address module_name = c:\windows\system32\bcrypt.dll, function = BCryptSetProperty, address_out = 0x7fefd285160 True 1
Fn
Module Get Address module_name = c:\windows\system32\bcrypt.dll, function = BCryptGetProperty, address_out = 0x7fefd281510 True 1
Fn
System Get Info type = SYSTEM_PROCESS_INFORMATION False 4
Fn
System Get Info type = SYSTEM_PROCESS_INFORMATION True 1
Fn
Process Open desired_access = PROCESS_VM_READ, PROCESS_QUERY_LIMITED_INFORMATION True 1
Fn
Process Get Info type = PROCESS_BASIC_INFORMATION True 1
Fn
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fffffd7000, size = 32 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x77a02640, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3224a0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x322336, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0xff1b0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0xff1b00f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0xff1b00f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x322590, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x779e53f8, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x778d0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x778d00e0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x778d00e0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x322910, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3228e8, size = 26 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x777b0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x777b00e8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x777b00e8, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x322a80, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x322a58, size = 30 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd8d0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd8d00f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd8d00f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3237b0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x323788, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe170000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe1700e8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe1700e8, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3239e0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3239b8, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe4d0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe4d00f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe4d00f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x323ef0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x323ec8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd600000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd6000f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd6000f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3377d0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3377a8, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd490000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd4900e8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd4900e8, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3378c0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x337758, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefea30000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefea300e8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefea300e8, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3375a0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x337578, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd6e0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd6e00e8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd6e00e8, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3379b0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x337528, size = 26 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe3f0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe3f00e0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe3f00e0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x337aa0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3376b8, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x776b0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x776b00f8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x776b00f8, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x337b90, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x337708, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe100000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe1000f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe1000f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x337c80, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3361c8, size = 16 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefdec0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefdec00e0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefdec00e0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x337dc0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x337d98, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe320000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe3200e0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe3200e0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x338980, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x338958, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd3d0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd3d00f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd3d00f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x339a70, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x338b18, size = 26 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd3b0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd3b00e8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd3b00e8, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x339b90, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x338ac8, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd8c0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd8c00e0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd8c00e0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x339c80, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x338bb8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd340000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd3400f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd3400f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x339d70, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x338b68, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefdfb0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefdfb00f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefdfb00f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x339e60, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x338c08, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe210000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe2100f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe2100f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x339f50, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x339068, size = 26 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd330000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd3300e8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd3300e8, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33a040, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3390b8, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd300000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd3000f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd3000f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33a130, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x338e38, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd2b0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd2b00f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd2b00f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33a220, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x338cf8, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd280000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd2800f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd2800f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33a310, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x338d98, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x755f0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x755f00b8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x755f00b8, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33a400, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x339018, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd220000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd2200e8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd2200e8, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33a4f0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3392e8, size = 26 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd1f0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd1f00e8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd1f00e8, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33a5e0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x339338, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd6b0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd6b00f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd6b00f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33a6d0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x339388, size = 28 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd710000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd7100f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd7100f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33a7c0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3394c8, size = 26 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd130000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd1300f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd1300f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33a8b0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3395b8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd110000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd1100e8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd1100e8, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33a9a0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x339608, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe980000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe9800e0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefe9800e0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33aa90, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x358608, size = 16 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7feff9c0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7feff9c00f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7feff9c00f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33ab80, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3396a8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd0b0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd0b00e8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd0b00e8, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33ac70, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3396f8, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd0a0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd0a00f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd0a00f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33ad60, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x339838, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd040000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd0400e0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd0400e0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33ae50, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x339978, size = 26 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcf90000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcf900e0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcf900e0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33af40, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3399c8, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcf30000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcf300e8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcf300e8, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33b030, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x339a18, size = 26 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcf00000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcf000e0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcf000e0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33b120, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3609f8, size = 26 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcea0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcea00e0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcea00e0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33b210, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3609a8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd940000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd9400f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd9400f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33b300, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x367318, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce60000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce600e0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce600e0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33b3f0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x367458, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce10000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce100f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce100f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33b4e0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x367598, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcdf0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcdf00e0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcdf00e0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33b5d0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3676d8, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcda0000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcda00f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcda00f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33b6c0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x368778, size = 42 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcd50000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcd500e8, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcd500e8, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33b7b0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x339248, size = 32 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd800000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd8000e0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd8000e0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33b8a0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3678b8, size = 28 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcd30000, size = 64 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcd300f0, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcd300f0, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x33b990, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x367a98, size = 22 True 1
Fn
Data
Module Get Address module_name = c:\windows\system32\bcrypt.dll, function = BCryptGenerateSymmetricKey, address_out = 0x7fefd281aa0 True 1
Fn
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd5d97c0, size = 4 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd5dd440, size = 8 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3fd440, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3e1030, size = 32 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3e0eb0, size = 26 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x34e751, size = 1 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x34e750, size = 12 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d8710, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c4810, size = 42 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d7d50, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0500, size = 18 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0521, size = 1 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0520, size = 28 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d7d10, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x397030, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x397060, size = 160 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x397058, size = 8 True 1
Fn
Data
Module Get Address module_name = c:\windows\system32\bcrypt.dll, function = BCryptDecrypt, address_out = 0x7fefd281030 True 1
Fn
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcdf0000, size = 98304 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefcdf5b09, size = 4 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce04b00, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x396190, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0a20, size = 116 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3dcc80, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0ad0, size = 116 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0b58, size = 8 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3b2120, size = 56 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0710, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3961e0, size = 42 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0740, size = 24 True 1
Fn
Data
File Create filename = C:\Windows\temp\snamelog, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE True 1
Fn
File Get Info filename = C:\Windows\temp\snamelog, type = file_type True 1
Fn
File Write filename = C:\Windows\temp\snamelog, size = 22 True 1
Fn
Data
File Create filename = C:\Windows\temp\spasslog, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE True 1
Fn
File Get Info filename = C:\Windows\temp\spasslog, type = file_type True 1
Fn
File Write filename = C:\Windows\temp\spasslog, size = 11 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce60000, size = 221184 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce617c2, size = 4 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce912c0, size = 8 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3774b0, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3774b0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c4bd0, size = 42 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d7e70, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d7e90, size = 24 True 1
Fn
Data
File Create filename = C:\Windows\temp\snamelog, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE True 1
Fn
File Get Info filename = C:\Windows\temp\snamelog, type = file_type True 1
Fn
File Read filename = C:\Windows\temp\snamelog, size = 1, size_out = 1 True 1
Fn
Data
File Write filename = C:\Windows\temp\snamelog, size = 22 True 1
Fn
Data
File Create filename = C:\Windows\temp\spasslog, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE True 1
Fn
File Get Info filename = C:\Windows\temp\spasslog, type = file_type True 1
Fn
File Read filename = C:\Windows\temp\spasslog, size = 1, size_out = 1 True 1
Fn
Data
File Write filename = C:\Windows\temp\spasslog, size = 11 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd130000, size = 737280 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd19955d, size = 4 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd1d2840, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x394590, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3b5110, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x399350, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3abbe0, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c49e0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d2970, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x366d90, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x373a30, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c4b60, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d2b80, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d2b80, size = 312 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c4b10, size = 42 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d7dd0, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d7df0, size = 24 True 1
Fn
Data
File Create filename = C:\Windows\temp\snamelog, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE True 1
Fn
File Get Info filename = C:\Windows\temp\snamelog, type = file_type True 1
Fn
File Read filename = C:\Windows\temp\snamelog, size = 1, size_out = 1 True 1
Fn
Data
File Write filename = C:\Windows\temp\snamelog, size = 22 True 1
Fn
Data
File Create filename = C:\Windows\temp\spasslog, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE True 1
Fn
File Get Info filename = C:\Windows\temp\spasslog, type = file_type True 1
Fn
File Read filename = C:\Windows\temp\spasslog, size = 1, size_out = 1 True 1
Fn
Data
File Write filename = C:\Windows\temp\spasslog, size = 11 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd040000, size = 331776 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd0423e0, size = 4 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd0878d0, size = 16 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c78d0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c80f0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7ce0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c79a0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7730, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7250, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c6fe0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3bacd0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x36ffd0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x346cf0, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3da040, size = 16 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d7950, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c4850, size = 42 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d7d70, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0560, size = 18 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0581, size = 1 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0580, size = 28 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x396a00, size = 24 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x396e50, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x396e80, size = 160 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x396e78, size = 8 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce04b00, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x396190, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0a20, size = 116 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0aa8, size = 8 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3b21e0, size = 56 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0620, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x395c40, size = 42 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d06e0, size = 24 True 1
Fn
Data
File Create filename = C:\Windows\temp\snamelog, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE True 1
Fn
File Get Info filename = C:\Windows\temp\snamelog, type = file_type True 1
Fn
File Read filename = C:\Windows\temp\snamelog, size = 1, size_out = 1 True 1
Fn
Data
File Write filename = C:\Windows\temp\snamelog, size = 22 True 1
Fn
Data
File Create filename = C:\Windows\temp\spasslog, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE True 1
Fn
File Get Info filename = C:\Windows\temp\spasslog, type = file_type True 1
Fn
File Read filename = C:\Windows\temp\spasslog, size = 1, size_out = 1 True 1
Fn
Data
File Write filename = C:\Windows\temp\spasslog, size = 11 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce912c0, size = 8 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3774b0, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x377390, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x377390, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c4890, size = 42 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d7e30, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d7e50, size = 24 True 1
Fn
Data
File Create filename = C:\Windows\temp\snamelog, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE True 1
Fn
File Get Info filename = C:\Windows\temp\snamelog, type = file_type True 1
Fn
File Read filename = C:\Windows\temp\snamelog, size = 1, size_out = 1 True 1
Fn
Data
File Write filename = C:\Windows\temp\snamelog, size = 22 True 1
Fn
Data
File Create filename = C:\Windows\temp\spasslog, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE True 1
Fn
File Get Info filename = C:\Windows\temp\spasslog, type = file_type True 1
Fn
File Read filename = C:\Windows\temp\spasslog, size = 1, size_out = 1 True 1
Fn
Data
File Write filename = C:\Windows\temp\spasslog, size = 11 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd1d2840, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x394590, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3b5110, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x399350, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3abbe0, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c49e0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d2970, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d2970, size = 312 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c4990, size = 42 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d7d30, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d7d90, size = 24 True 1
Fn
Data
File Create filename = C:\Windows\temp\snamelog, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE True 1
Fn
File Get Info filename = C:\Windows\temp\snamelog, type = file_type True 1
Fn
File Read filename = C:\Windows\temp\snamelog, size = 1, size_out = 1 True 1
Fn
Data
File Write filename = C:\Windows\temp\snamelog, size = 22 True 1
Fn
Data
File Create filename = C:\Windows\temp\spasslog, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE True 1
Fn
File Get Info filename = C:\Windows\temp\spasslog, type = file_type True 1
Fn
File Read filename = C:\Windows\temp\spasslog, size = 1, size_out = 1 True 1
Fn
Data
File Write filename = C:\Windows\temp\spasslog, size = 11 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd0878d0, size = 16 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c78d0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c80f0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7ce0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c79a0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7730, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7250, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c6fe0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3bacd0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x36ffd0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x346cf0, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3da040, size = 16 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3b4800, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3a31b0, size = 28 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3a3210, size = 26 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3966e1, size = 1 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3966e0, size = 12 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce04b00, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x396190, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0a20, size = 116 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3dcc80, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0ad0, size = 116 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce912c0, size = 8 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3774b0, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x377390, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x376e80, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x376e80, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3594e0, size = 2 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3594d0, size = 2 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd1d2840, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x394590, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3b5110, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3b5110, size = 312 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3594f0, size = 2 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x359500, size = 2 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd0878d0, size = 16 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c78d0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c80f0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7ce0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c79a0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7730, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7250, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c6fe0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3bacd0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x36ffd0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x369fd0, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3b4c80, size = 16 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3a7380, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3964c0, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3964e0, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x396501, size = 1 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x396500, size = 12 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce04b00, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x396190, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0a20, size = 116 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3dcc80, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0ad0, size = 116 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce912c0, size = 8 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3774b0, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x377390, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x376e80, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3a0c60, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3a0c60, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x396560, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x396540, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd1d2840, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x394590, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3b5110, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x399350, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3abbe0, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3abbe0, size = 312 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x396580, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3965a0, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd0878d0, size = 16 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c78d0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c80f0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7ce0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c79a0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7730, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7250, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c6fe0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3bacd0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x36ffd0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3509a0, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3ab750, size = 16 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x35f590, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x1, size = 1 False 1
Fn
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce04b00, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x396190, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0a20, size = 116 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3dcc80, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0ad0, size = 116 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce912c0, size = 8 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3774b0, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x377390, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x376e80, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3a0c60, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3708f0, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd1d2840, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x394590, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3b5110, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x399350, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3abbe0, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c49e0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d2970, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x366d90, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x373a30, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c4b60, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d2b80, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd0878d0, size = 16 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c78d0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c80f0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7ce0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c79a0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7730, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7250, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c6fe0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3bacd0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x36ffd0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x34ff40, size = 264 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x354460, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x354480, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x34e631, size = 1 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x34e630, size = 12 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce04b00, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x396190, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0a20, size = 116 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3dcc80, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d0ad0, size = 116 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefce912c0, size = 8 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3774b0, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x377390, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x376e80, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3a0c60, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3708f0, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3708f0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x354500, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x354520, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd1d2840, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x394590, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3b5110, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x399350, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3abbe0, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c49e0, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3d2970, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x366d90, size = 104 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x373a30, size = 72 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x373a30, size = 312 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x354540, size = 22 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x354560, size = 20 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x7fefd0878d0, size = 16 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c78d0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c80f0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7ce0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c79a0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7730, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c7250, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3c6fe0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3bacd0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x36ffd0, size = 96 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x369be0, size = 40 True 1
Fn
Data
Memory Read process_name = c:\windows\system32\lsass.exe, address = 0x3735a0, size = 16 True 1
Fn
Data
Module Get Address module_name = c:\windows\system32\bcrypt.dll, function = BCryptCloseAlgorithmProvider, address_out = 0x7fefd2832b0 True 1
Fn
Module Get Address module_name = c:\windows\system32\bcrypt.dll, function = BCryptDestroyKey, address_out = 0x7fefd2816a0 True 1
Fn
Process #6: ktsi.exe
207 0
»
Information Value
ID #6
File Name c:\windows\temp\ktsi.exe
Command Line "C:\Windows\temp\ktsi.exe"
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:34, Reason: Child Process
Unmonitor End Time: 00:01:31, Reason: Self Terminated
Monitor Duration 00:00:57
OS Process Information
»
Information Value
PID 0x94c
Parent PID 0x8e4 (c:\users\5p5nrgjn0js halpmcxz\desktop\out.exe)
Is Created or Modified Executable True
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 950
0x 868
0x 920
0x 9B0
0x 998
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00030fff Private Memory rw True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
private_0x0000000000050000 0x00050000 0x0008ffff Private Memory rw True False False -
private_0x0000000000090000 0x00090000 0x0018ffff Private Memory rw True False False -
pagefile_0x0000000000190000 0x00190000 0x00193fff Pagefile Backed Memory r True False False -
pagefile_0x00000000001a0000 0x001a0000 0x001a0fff Pagefile Backed Memory r True False False -
private_0x00000000001b0000 0x001b0000 0x001b0fff Private Memory rw True False False -
pagefile_0x00000000001c0000 0x001c0000 0x001c0fff Pagefile Backed Memory rw True False False -
private_0x00000000001d0000 0x001d0000 0x001dffff Private Memory rw True False False -
private_0x00000000001e0000 0x001e0000 0x0025ffff Private Memory rw True False False -
private_0x0000000000260000 0x00260000 0x00260fff Private Memory rw True False False -
pagefile_0x0000000000270000 0x00270000 0x00276fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000280000 0x00280000 0x00281fff Pagefile Backed Memory rw True False False -
private_0x0000000000290000 0x00290000 0x0038ffff Private Memory rw True False False -
locale.nls 0x00390000 0x003f6fff Memory Mapped File r False False False -
ktsi.exe 0x00400000 0x00503fff Memory Mapped File rwx True True False
...
pagefile_0x0000000000510000 0x00510000 0x00697fff Pagefile Backed Memory r True False False -
pagefile_0x00000000006a0000 0x006a0000 0x00820fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000830000 0x00830000 0x01c2ffff Pagefile Backed Memory r True False False -
private_0x0000000001c30000 0x01c30000 0x01c6ffff Private Memory rw True False False -
private_0x0000000001c70000 0x01c70000 0x01d6ffff Private Memory rw True False False -
private_0x0000000001d70000 0x01d70000 0x01deffff Private Memory rw True False False -
private_0x0000000001df0000 0x01df0000 0x01e2ffff Private Memory rw True False False -
private_0x0000000001e30000 0x01e30000 0x01f2ffff Private Memory rw True False False -
sortdefault.nls 0x01f30000 0x021fefff Memory Mapped File r False False False -
pagefile_0x0000000002200000 0x02200000 0x025f2fff Pagefile Backed Memory r True False False -
private_0x0000000002600000 0x02600000 0x0263ffff Private Memory rw True False False -
private_0x0000000002640000 0x02640000 0x0273ffff Private Memory rw True False False -
private_0x0000000002740000 0x02740000 0x0277ffff Private Memory rw True False False -
private_0x0000000002780000 0x02780000 0x0287ffff Private Memory rw True False False -
api-ms-win-core-synch-l1-2-0.dll 0x74fe0000 0x74fe2fff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
shell32.dll 0x76900000 0x77549fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efaa000 0x7efaa000 0x7efacfff Private Memory rw True False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x950
207 0
»
Category Operation Information Success Count Logfile
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = VirtualProtect, address_out = 0x757d435f True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCurrentProcessId, address_out = 0x757d11f8 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetTickCount, address_out = 0x757d110c True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FreeLibrary, address_out = 0x757d34c8 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GlobalMemoryStatus, address_out = 0x757d8b6d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = LoadLibraryA, address_out = 0x757d49d7 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlushConsoleInputBuffer, address_out = 0x75877a9f True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = QueryPerformanceCounter, address_out = 0x757d1725 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetEnvironmentVariableA, address_out = 0x757de331 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FreeEnvironmentStringsW, address_out = 0x757d51cb True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetEnvironmentStringsW, address_out = 0x757d51e3 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCPInfo, address_out = 0x757d5189 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetOEMCP, address_out = 0x757fd1a1 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsValidCodePage, address_out = 0x757d4493 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CloseHandle, address_out = 0x757d1410 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = MultiByteToWideChar, address_out = 0x757d192e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetProcAddress, address_out = 0x757d1222 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCurrentThreadId, address_out = 0x757d1450 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WriteFile, address_out = 0x757d1282 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetLastError, address_out = 0x757d11c0 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetFileType, address_out = 0x757d3531 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetStdHandle, address_out = 0x757d51b3 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetModuleHandleA, address_out = 0x757d1245 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = Wow64EnableWow64FsRedirection, address_out = 0x757eebe8 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetDriveTypeA, address_out = 0x757eef75 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetEndOfFile, address_out = 0x757ece2e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetModuleFileNameA, address_out = 0x757d14b1 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FindNextFileA, address_out = 0x757fd53e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FindFirstFileExA, address_out = 0x7585427f True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetProcessHeap, address_out = 0x757d14e9 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = EnterCriticalSection, address_out = 0x77ad22b0 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = LeaveCriticalSection, address_out = 0x77ad2270 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = DeleteCriticalSection, address_out = 0x77ae45f5 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetLastError, address_out = 0x757d11a9 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = InitializeCriticalSectionAndSpinCount, address_out = 0x757d1916 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = TlsAlloc, address_out = 0x757d49ad True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = TlsGetValue, address_out = 0x757d11e0 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = TlsSetValue, address_out = 0x757d14fb True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = TlsFree, address_out = 0x757d3587 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetSystemTimeAsFileTime, address_out = 0x757d3509 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetModuleHandleW, address_out = 0x757d34b0 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = UnhandledExceptionFilter, address_out = 0x757f772f True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetUnhandledExceptionFilter, address_out = 0x757d87c9 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCurrentProcess, address_out = 0x757d1809 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = TerminateProcess, address_out = 0x757ed802 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsProcessorFeaturePresent, address_out = 0x757d5235 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = InitializeSListHead, address_out = 0x77ae94a4 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetStartupInfoW, address_out = 0x757d4d40 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = EncodePointer, address_out = 0x77af0fcb True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = RaiseException, address_out = 0x757d58a6 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = RtlUnwind, address_out = 0x757fd1c3 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = LoadLibraryExW, address_out = 0x757d495d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = ExitProcess, address_out = 0x757d7a10 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetModuleHandleExW, address_out = 0x757d4a6f True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FindClose, address_out = 0x757d4442 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FindFirstFileExW, address_out = 0x757e1811 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FindNextFileW, address_out = 0x757d54ee True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SystemTimeToTzSpecificLocalTime, address_out = 0x757f0652 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FileTimeToSystemTime, address_out = 0x757d542c True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetModuleFileNameW, address_out = 0x757d4950 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleCtrlHandler, address_out = 0x757d8a09 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = ReadFile, address_out = 0x757d3ed3 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetConsoleMode, address_out = 0x757d1328 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = ReadConsoleInputA, address_out = 0x75876f53 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleMode, address_out = 0x757ea77d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = HeapAlloc, address_out = 0x77ade026 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = HeapValidate, address_out = 0x757eb17b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetSystemInfo, address_out = 0x757d49ca True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WideCharToMultiByte, address_out = 0x757d170d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCommandLineA, address_out = 0x757d51a1 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCommandLineW, address_out = 0x757d5223 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetACP, address_out = 0x757d179c True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CompareStringW, address_out = 0x757d3bca True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = LCMapStringW, address_out = 0x757d17b9 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetStdHandle, address_out = 0x7585454f True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetConsoleCP, address_out = 0x75877bff True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = DeleteFileW, address_out = 0x757d89b3 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WaitForSingleObject, address_out = 0x757d1136 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetExitCodeProcess, address_out = 0x757e174d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateProcessA, address_out = 0x757d1072 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetFileAttributesExW, address_out = 0x757d4574 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = OutputDebugStringA, address_out = 0x757fb2b7 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = OutputDebugStringW, address_out = 0x757fd1d4 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WriteConsoleW, address_out = 0x757f7aca True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WaitForSingleObjectEx, address_out = 0x757d1151 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateThread, address_out = 0x757d34d5 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = ReadConsoleW, address_out = 0x7587739a True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetStringTypeW, address_out = 0x757d1946 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlushFileBuffers, address_out = 0x757d469b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetFilePointerEx, address_out = 0x757ec807 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetTimeZoneInformation, address_out = 0x757d465a True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateFileW, address_out = 0x757d3f5c True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = HeapFree, address_out = 0x757d14c9 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = HeapReAlloc, address_out = 0x77af1f6e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = HeapSize, address_out = 0x77ae3002 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = HeapQueryInformation, address_out = 0x758543ff True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = DecodePointer, address_out = 0x77ae9d35 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\user32.dll, base_address = 0x775b0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\user32.dll, function = GetUserObjectInformationW, address_out = 0x775c8068 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\user32.dll, function = GetProcessWindowStation, address_out = 0x775c9eea True 1
Fn
Module Get Address module_name = c:\windows\syswow64\user32.dll, function = ShowWindow, address_out = 0x775d0dfb True 1
Fn
Module Get Address module_name = c:\windows\syswow64\user32.dll, function = FindWindowA, address_out = 0x775cffe6 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\user32.dll, function = MessageBoxA, address_out = 0x7761fd1e True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\advapi32.dll, base_address = 0x75720000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\advapi32.dll, function = RegisterEventSourceA, address_out = 0x75732d46 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\advapi32.dll, function = DeregisterEventSource, address_out = 0x757335dd True 1
Fn
Module Get Address module_name = c:\windows\syswow64\advapi32.dll, function = CloseEventLog, address_out = 0x757277c3 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\advapi32.dll, function = ClearEventLogA, address_out = 0x75760ef1 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\advapi32.dll, function = OpenEventLogA, address_out = 0x75760fc3 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\advapi32.dll, function = ReportEventA, address_out = 0x75723ee9 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\shell32.dll, base_address = 0x76900000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\shell32.dll, function = SHGetFolderPathA, address_out = 0x76a17804 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\shell32.dll, function = ShellExecuteA, address_out = 0x76b47078 True 1
Fn
System Get Time type = System Time, time = 2018-10-16 14:29:14 (UTC) True 1
Fn
Module Load module_name = api-ms-win-core-synch-l1-2-0, base_address = 0x0 False 1
Fn
Module Load module_name = api-ms-win-core-synch-l1-2-0, base_address = 0x74fe0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\api-ms-win-core-synch-l1-2-0.dll, function = InitializeCriticalSectionEx, address_out = 0x0 False 1
Fn
Module Load module_name = api-ms-win-core-fibers-l1-1-1, base_address = 0x0 False 2
Fn
Module Load module_name = kernel32, base_address = 0x0 False 1
Fn
Module Load module_name = kernel32, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsAlloc, address_out = 0x757d4f2b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsSetValue, address_out = 0x757d4208 True 1
Fn
Module Load module_name = api-ms-win-core-synch-l1-2-0, base_address = 0x0 False 1
Fn
Module Load module_name = api-ms-win-core-synch-l1-2-0, base_address = 0x74fe0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\api-ms-win-core-synch-l1-2-0.dll, function = InitializeCriticalSectionEx, address_out = 0x0 False 1
Fn
Module Load module_name = api-ms-win-core-fibers-l1-1-1, base_address = 0x0 False 2
Fn
Module Load module_name = kernel32, base_address = 0x0 False 1
Fn
Module Load module_name = kernel32, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsAlloc, address_out = 0x757d4f2b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsGetValue, address_out = 0x757d1252 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsSetValue, address_out = 0x757d4208 True 1
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
File Get Info filename = STD_INPUT_HANDLE, type = file_type True 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 1
Fn
File Get Info filename = STD_OUTPUT_HANDLE, type = file_type True 1
Fn
File Open filename = STD_ERROR_HANDLE True 1
Fn
File Get Info filename = STD_ERROR_HANDLE, type = file_type True 1
Fn
Module Load module_name = api-ms-win-core-localization-l1-2-1, base_address = 0x0 False 2
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = LCMapStringEx, address_out = 0x758547f1 True 1
Fn
Module Get Filename module_name = api-ms-win-core-localization-l1-2-1, process_name = c:\windows\temp\ktsi.exe, file_name_orig = C:\Windows\temp\ktsi.exe, size = 260 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsAlloc, address_out = 0x757d4f2b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsFree, address_out = 0x757d359f True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsGetValue, address_out = 0x757d1252 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlsSetValue, address_out = 0x757d4208 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = InitializeCriticalSectionEx, address_out = 0x757d4d28 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = InitOnceExecuteOnce, address_out = 0x757ed627 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateEventExW, address_out = 0x7585410b True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateSemaphoreW, address_out = 0x757eca5a True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateSemaphoreExW, address_out = 0x75854195 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateThreadpoolTimer, address_out = 0x757eee7e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadpoolTimer, address_out = 0x77af441c True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WaitForThreadpoolTimerCallbacks, address_out = 0x77b1c50e True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CloseThreadpoolTimer, address_out = 0x77b1c381 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateThreadpoolWait, address_out = 0x757ef088 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadpoolWait, address_out = 0x77b005d7 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CloseThreadpoolWait, address_out = 0x77b1ca24 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FlushProcessWriteBuffers, address_out = 0x77ad0b8c True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = FreeLibraryWhenCallbackReturns, address_out = 0x77b8fde8 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCurrentProcessorNumber, address_out = 0x77b21e1d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateSymbolicLinkW, address_out = 0x7584cd11 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetCurrentPackageId, address_out = 0x0 False 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetTickCount64, address_out = 0x757eeee0 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetFileInformationByHandleEx, address_out = 0x757ec78f True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetFileInformationByHandle, address_out = 0x757fcbfc True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetSystemTimePreciseAsFileTime, address_out = 0x0 False 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = InitializeConditionVariable, address_out = 0x77ae8456 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WakeConditionVariable, address_out = 0x77b57de4 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = WakeAllConditionVariable, address_out = 0x77b1409d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SleepConditionVariableCS, address_out = 0x75854b32 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = InitializeSRWLock, address_out = 0x77ae8456 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = AcquireSRWLockExclusive, address_out = 0x77ae29f1 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = TryAcquireSRWLockExclusive, address_out = 0x77af4892 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = ReleaseSRWLockExclusive, address_out = 0x77ae29ab True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SleepConditionVariableSRW, address_out = 0x75854b74 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CreateThreadpoolWork, address_out = 0x757eee45 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SubmitThreadpoolWork, address_out = 0x77b28491 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CloseThreadpoolWork, address_out = 0x77b1d8e2 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CompareStringEx, address_out = 0x758546b1 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = GetLocaleInfoEx, address_out = 0x75854751 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = LCMapStringEx, address_out = 0x758547f1 True 1
Fn
Window Find class_name = ConsoleWindowClass True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = AreFileApisANSI, address_out = 0x758540d1 True 1
Fn
File Get Info filename = C:\Windows\system32\cmd.exe, type = file_attributes True 1
Fn
Process Create process_name = C:\Windows\system32\cmd.exe, os_pid = 0x964, show_window = SW_HIDE True 1
Fn
File Get Info filename = C:\Windows\system32\cmd.exe, type = file_attributes True 1
Fn
Process Create process_name = C:\Windows\system32\cmd.exe, os_pid = 0x328, show_window = SW_HIDE True 1
Fn
File Get Info filename = C:\Windows\system32\cmd.exe, type = file_attributes True 1
Fn
Process Create process_name = C:\Windows\system32\cmd.exe, os_pid = 0x7f8, show_window = SW_HIDE True 1
Fn
File Get Info filename = C:\Windows\system32\cmd.exe, type = file_attributes True 1
Fn
Process Create process_name = C:\Windows\system32\cmd.exe, os_pid = 0x84c, show_window = SW_HIDE True 1
Fn
File Get Info filename = C:\Windows\system32\cmd.exe, type = file_attributes True 1
Fn
Process Create process_name = C:\Windows\system32\cmd.exe, os_pid = 0x890, show_window = SW_HIDE True 1
Fn
File Get Info filename = C:\Windows\system32\cmd.exe, type = file_attributes True 1
Fn
Process Create process_name = C:\Windows\system32\cmd.exe, os_pid = 0x3a0, show_window = SW_HIDE True 1
Fn
File Get Info filename = C:\Windows\system32\cmd.exe, type = file_attributes True 1
Fn
Process Create process_name = C:\Windows\system32\cmd.exe, os_pid = 0x700, show_window = SW_HIDE True 1
Fn
File Get Info filename = C:\Windows\system32\cmd.exe, type = file_attributes True 1
Fn
Process Create process_name = C:\Windows\system32\cmd.exe, os_pid = 0x8b0, show_window = SW_HIDE True 1
Fn
Process #7: cmd.exe
57 0
»
Information Value
ID #7
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c taskkill /F /IM mysqld.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:34, Reason: Child Process
Unmonitor End Time: 00:00:38, Reason: Self Terminated
Monitor Duration 00:00:04
OS Process Information
»
Information Value
PID 0x964
Parent PID 0x94c (c:\windows\temp\ktsi.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 968
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
locale.nls 0x00070000 0x000d6fff Memory Mapped File r False False False -
pagefile_0x00000000000e0000 0x000e0000 0x000e1fff Pagefile Backed Memory rw True False False -
private_0x00000000000f0000 0x000f0000 0x001effff Private Memory rw True False False -
private_0x00000000001f0000 0x001f0000 0x001f0fff Private Memory rw True False False -
private_0x0000000000200000 0x00200000 0x00200fff Private Memory rw True False False -
private_0x0000000000230000 0x00230000 0x0026ffff Private Memory rw True False False -
private_0x00000000002b0000 0x002b0000 0x0032ffff Private Memory rw True False False -
private_0x0000000000370000 0x00370000 0x0046ffff Private Memory rw True False False -
private_0x0000000000590000 0x00590000 0x0059ffff Private Memory rw True False False -
pagefile_0x00000000005a0000 0x005a0000 0x00727fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000730000 0x00730000 0x008b0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000008c0000 0x008c0000 0x01cbffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001cc0000 0x01cc0000 0x02002fff Pagefile Backed Memory r True False False -
cmd.exe 0x4a060000 0x4a0abfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x751b0000 0x751b6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x968
57 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:14 (UTC) True 1
Fn
System Get Time type = Ticks, time = 96595 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4a060000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 2
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000080 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #8: taskkill.exe
0 0
»
Information Value
ID #8
File Name c:\windows\syswow64\taskkill.exe
Command Line taskkill /F /IM mysqld.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:35, Reason: Child Process
Unmonitor End Time: 00:00:38, Reason: Self Terminated
Monitor Duration 00:00:03
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x970
Parent PID 0x964 (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 974
0x 978
0x 7E8
0x 244
0x 668
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
locale.nls 0x00070000 0x000d6fff Memory Mapped File r False False False -
pagefile_0x00000000000e0000 0x000e0000 0x000e1fff Pagefile Backed Memory rw True False False -
taskkill.exe.mui 0x000f0000 0x000f3fff Memory Mapped File rw False False False -
private_0x0000000000100000 0x00100000 0x00100fff Private Memory rw True False False -
private_0x0000000000110000 0x00110000 0x00110fff Private Memory rw True False False -
pagefile_0x0000000000120000 0x00120000 0x00120fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000130000 0x00130000 0x00130fff Pagefile Backed Memory r True False False -
private_0x0000000000190000 0x00190000 0x0019ffff Private Memory rw True False False -
private_0x00000000001b0000 0x001b0000 0x001effff Private Memory rw True False False -
private_0x0000000000230000 0x00230000 0x0026ffff Private Memory rw True False False -
private_0x0000000000280000 0x00280000 0x002bffff Private Memory rw True False False -
private_0x00000000002f0000 0x002f0000 0x0032ffff Private Memory rw True False False -
kernelbase.dll.mui 0x00330000 0x003effff Memory Mapped File rw False False False -
private_0x00000000003f0000 0x003f0000 0x0046ffff Private Memory rw True False False -
private_0x0000000000490000 0x00490000 0x004cffff Private Memory rw True False False -
private_0x0000000000510000 0x00510000 0x0054ffff Private Memory rw True False False -
private_0x0000000000550000 0x00550000 0x0058ffff Private Memory rw True False False -
private_0x00000000005b0000 0x005b0000 0x005effff Private Memory rw True False False -
private_0x00000000005f0000 0x005f0000 0x006effff Private Memory rw True False False -
pagefile_0x00000000006f0000 0x006f0000 0x00877fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000880000 0x00880000 0x00a00fff Pagefile Backed Memory r True False False -
private_0x0000000000a20000 0x00a20000 0x00a5ffff Private Memory rw True False False -
taskkill.exe 0x00a80000 0x00a95fff Memory Mapped File rwx False False False -
pagefile_0x0000000000aa0000 0x00aa0000 0x01e9ffff Pagefile Backed Memory r True False False -
private_0x0000000001ea0000 0x01ea0000 0x01f9ffff Private Memory rw True False False -
private_0x0000000002020000 0x02020000 0x0205ffff Private Memory rw True False False -
private_0x0000000002090000 0x02090000 0x020cffff Private Memory rw True False False -
sortdefault.nls 0x020d0000 0x0239efff Memory Mapped File r False False False -
private_0x0000000002440000 0x02440000 0x0247ffff Private Memory rw True False False -
ntdsapi.dll 0x74b50000 0x74b67fff Memory Mapped File rwx False False False -
fastprox.dll 0x74b70000 0x74c05fff Memory Mapped File rwx False False False -
wbemsvc.dll 0x74c10000 0x74c1efff Memory Mapped File rwx False False False -
rpcrtremote.dll 0x74c20000 0x74c2dfff Memory Mapped File rwx False False False -
rsaenh.dll 0x74c30000 0x74c6afff Memory Mapped File rwx False False False -
cryptsp.dll 0x74c70000 0x74c85fff Memory Mapped File rwx False False False -
winsta.dll 0x74c90000 0x74cb8fff Memory Mapped File rwx False False False -
wbemcomn.dll 0x74cd0000 0x74d2bfff Memory Mapped File rwx False False False -
dbghelp.dll 0x74d80000 0x74e6afff Memory Mapped File rwx False False False -
wkscli.dll 0x74e70000 0x74e7efff Memory Mapped File rwx False False False -
srvcli.dll 0x74ec0000 0x74ed8fff Memory Mapped File rwx False False False -
wbemprox.dll 0x74ee0000 0x74ee9fff Memory Mapped File rwx False False False -
netutils.dll 0x74ef0000 0x74ef8fff Memory Mapped File rwx False False False -
framedynos.dll 0x74f00000 0x74f34fff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
netapi32.dll 0x750a0000 0x750b0fff Memory Mapped File rwx False False False -
wtsapi32.dll 0x750c0000 0x750ccfff Memory Mapped File rwx False False False -
secur32.dll 0x75160000 0x75167fff Memory Mapped File rwx False False False -
mpr.dll 0x75170000 0x75181fff Memory Mapped File rwx False False False -
version.dll 0x751c0000 0x751c8fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
nsi.dll 0x75970000 0x75975fff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
ws2_32.dll 0x768c0000 0x768f4fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efaa000 0x7efaa000 0x7efacfff Private Memory rw True False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Process #11: cmd.exe
56 0
»
Information Value
ID #11
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c taskkill /F /IM httpd.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:37, Reason: Child Process
Unmonitor End Time: 00:00:38, Reason: Self Terminated
Monitor Duration 00:00:01
OS Process Information
»
Information Value
PID 0x328
Parent PID 0x94c (c:\windows\temp\ktsi.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 34C
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000070000 0x00070000 0x00071fff Pagefile Backed Memory rw True False False -
private_0x0000000000080000 0x00080000 0x00080fff Private Memory rw True False False -
private_0x0000000000090000 0x00090000 0x00090fff Private Memory rw True False False -
private_0x00000000000a0000 0x000a0000 0x000affff Private Memory rw True False False -
private_0x00000000000d0000 0x000d0000 0x001cffff Private Memory rw True False False -
private_0x0000000000230000 0x00230000 0x0026ffff Private Memory rw True False False -
private_0x00000000002a0000 0x002a0000 0x0031ffff Private Memory rw True False False -
private_0x0000000000350000 0x00350000 0x0044ffff Private Memory rw True False False -
locale.nls 0x00450000 0x004b6fff Memory Mapped File r False False False -
pagefile_0x00000000004c0000 0x004c0000 0x00647fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000650000 0x00650000 0x007d0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000007e0000 0x007e0000 0x01bdffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001be0000 0x01be0000 0x01f22fff Pagefile Backed Memory r True False False -
cmd.exe 0x4a610000 0x4a65bfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x751b0000 0x751b6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x34c
56 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:16 (UTC) True 1
Fn
System Get Time type = Ticks, time = 98062 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4a610000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000080 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #12: taskkill.exe
0 0
»
Information Value
ID #12
File Name c:\windows\syswow64\taskkill.exe
Command Line taskkill /F /IM httpd.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:37, Reason: Child Process
Unmonitor End Time: 00:00:38, Reason: Self Terminated
Monitor Duration 00:00:01
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x75c
Parent PID 0x328 (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 830
0x 834
0x 87C
0x 880
0x 7EC
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000070000 0x00070000 0x00071fff Pagefile Backed Memory rw True False False -
taskkill.exe.mui 0x00080000 0x00083fff Memory Mapped File rw False False False -
private_0x0000000000090000 0x00090000 0x00090fff Private Memory rw True False False -
private_0x00000000000a0000 0x000a0000 0x000a0fff Private Memory rw True False False -
private_0x00000000000b0000 0x000b0000 0x000effff Private Memory rw True False False -
private_0x00000000000f0000 0x000f0000 0x0012ffff Private Memory rw True False False -
private_0x0000000000130000 0x00130000 0x001affff Private Memory rw True False False -
locale.nls 0x001b0000 0x00216fff Memory Mapped File r False False False -
pagefile_0x0000000000220000 0x00220000 0x00220fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000230000 0x00230000 0x00230fff Pagefile Backed Memory r True False False -
private_0x0000000000240000 0x00240000 0x0027ffff Private Memory rw True False False -
private_0x00000000002c0000 0x002c0000 0x003bffff Private Memory rw True False False -
private_0x00000000003d0000 0x003d0000 0x0040ffff Private Memory rw True False False -
private_0x0000000000410000 0x00410000 0x0041ffff Private Memory rw True False False -
pagefile_0x0000000000420000 0x00420000 0x005a7fff Pagefile Backed Memory r True False False -
pagefile_0x00000000005b0000 0x005b0000 0x00730fff Pagefile Backed Memory r True False False -
kernelbase.dll.mui 0x00740000 0x007fffff Memory Mapped File rw False False False -
private_0x00000000008a0000 0x008a0000 0x008dffff Private Memory rw True False False -
private_0x0000000000920000 0x00920000 0x0095ffff Private Memory rw True False False -
private_0x0000000000960000 0x00960000 0x00a5ffff Private Memory rw True False False -
taskkill.exe 0x00a90000 0x00aa5fff Memory Mapped File rwx False False False -
pagefile_0x0000000000ab0000 0x00ab0000 0x01eaffff Pagefile Backed Memory r True False False -
private_0x0000000001ee0000 0x01ee0000 0x01f1ffff Private Memory rw True False False -
private_0x0000000001f50000 0x01f50000 0x01f8ffff Private Memory rw True False False -
sortdefault.nls 0x01f90000 0x0225efff Memory Mapped File r False False False -
private_0x0000000002290000 0x02290000 0x022cffff Private Memory rw True False False -
private_0x0000000002340000 0x02340000 0x0237ffff Private Memory rw True False False -
private_0x0000000002380000 0x02380000 0x023bffff Private Memory rw True False False -
private_0x00000000023e0000 0x023e0000 0x0241ffff Private Memory rw True False False -
ntdsapi.dll 0x74b40000 0x74b57fff Memory Mapped File rwx False False False -
fastprox.dll 0x74b60000 0x74bf5fff Memory Mapped File rwx False False False -
wbemsvc.dll 0x74c00000 0x74c0efff Memory Mapped File rwx False False False -
rsaenh.dll 0x74c20000 0x74c5afff Memory Mapped File rwx False False False -
wbemcomn.dll 0x74c60000 0x74cbbfff Memory Mapped File rwx False False False -
rpcrtremote.dll 0x74cd0000 0x74cddfff Memory Mapped File rwx False False False -
cryptsp.dll 0x74ce0000 0x74cf5fff Memory Mapped File rwx False False False -
winsta.dll 0x74d00000 0x74d28fff Memory Mapped File rwx False False False -
wbemprox.dll 0x74d80000 0x74d89fff Memory Mapped File rwx False False False -
dbghelp.dll 0x74d90000 0x74e7afff Memory Mapped File rwx False False False -
framedynos.dll 0x74ec0000 0x74ef4fff Memory Mapped File rwx False False False -
srvcli.dll 0x74f00000 0x74f18fff Memory Mapped File rwx False False False -
netapi32.dll 0x74f20000 0x74f30fff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
wkscli.dll 0x750a0000 0x750aefff Memory Mapped File rwx False False False -
wtsapi32.dll 0x750b0000 0x750bcfff Memory Mapped File rwx False False False -
netutils.dll 0x750c0000 0x750c8fff Memory Mapped File rwx False False False -
mpr.dll 0x75160000 0x75171fff Memory Mapped File rwx False False False -
version.dll 0x75180000 0x75188fff Memory Mapped File rwx False False False -
secur32.dll 0x751c0000 0x751c7fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
nsi.dll 0x75970000 0x75975fff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
ws2_32.dll 0x768c0000 0x768f4fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efaa000 0x7efaa000 0x7efacfff Private Memory rw True False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Process #13: cmd.exe
56 0
»
Information Value
ID #13
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c taskkill /F /IM sqlservr.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:37, Reason: Child Process
Unmonitor End Time: 00:00:37, Reason: Self Terminated
Monitor Duration 00:00:00
OS Process Information
»
Information Value
PID 0x7f8
Parent PID 0x94c (c:\windows\temp\ktsi.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 89C
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000070000 0x00070000 0x00071fff Pagefile Backed Memory rw True False False -
private_0x0000000000080000 0x00080000 0x00080fff Private Memory rw True False False -
private_0x0000000000090000 0x00090000 0x00090fff Private Memory rw True False False -
private_0x00000000000b0000 0x000b0000 0x001affff Private Memory rw True False False -
locale.nls 0x001b0000 0x00216fff Memory Mapped File r False False False -
private_0x0000000000230000 0x00230000 0x0026ffff Private Memory rw True False False -
private_0x0000000000300000 0x00300000 0x0030ffff Private Memory rw True False False -
private_0x0000000000350000 0x00350000 0x003cffff Private Memory rw True False False -
private_0x00000000004b0000 0x004b0000 0x005affff Private Memory rw True False False -
pagefile_0x00000000005b0000 0x005b0000 0x00737fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000740000 0x00740000 0x008c0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000008d0000 0x008d0000 0x01ccffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001cd0000 0x01cd0000 0x02012fff Pagefile Backed Memory r True False False -
cmd.exe 0x4a220000 0x4a26bfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x751b0000 0x751b6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x89c
56 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:16 (UTC) True 1
Fn
System Get Time type = Ticks, time = 98343 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4a220000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000080 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #14: taskkill.exe
0 0
»
Information Value
ID #14
File Name c:\windows\syswow64\taskkill.exe
Command Line taskkill /F /IM sqlservr.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:37, Reason: Child Process
Unmonitor End Time: 00:00:38, Reason: Self Terminated
Monitor Duration 00:00:01
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x868
Parent PID 0x7f8 (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 8BC
0x 8C0
0x 85C
0x 848
0x 864
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000070000 0x00070000 0x00071fff Pagefile Backed Memory rw True False False -
taskkill.exe.mui 0x00080000 0x00083fff Memory Mapped File rw False False False -
private_0x0000000000090000 0x00090000 0x00090fff Private Memory rw True False False -
private_0x00000000000a0000 0x000a0000 0x000a0fff Private Memory rw True False False -
pagefile_0x00000000000b0000 0x000b0000 0x000b0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000000c0000 0x000c0000 0x000c0fff Pagefile Backed Memory r True False False -
private_0x00000000000d0000 0x000d0000 0x0010ffff Private Memory rw True False False -
private_0x0000000000150000 0x00150000 0x0018ffff Private Memory rw True False False -
locale.nls 0x00190000 0x001f6fff Memory Mapped File r False False False -
private_0x0000000000270000 0x00270000 0x0027ffff Private Memory rw True False False -
private_0x0000000000290000 0x00290000 0x002cffff Private Memory rw True False False -
taskkill.exe 0x00300000 0x00315fff Memory Mapped File rwx False False False -
kernelbase.dll.mui 0x00320000 0x003dffff Memory Mapped File rw False False False -
private_0x0000000000410000 0x00410000 0x0044ffff Private Memory rw True False False -
private_0x0000000000490000 0x00490000 0x0050ffff Private Memory rw True False False -
private_0x0000000000510000 0x00510000 0x0060ffff Private Memory rw True False False -
private_0x0000000000630000 0x00630000 0x0066ffff Private Memory rw True False False -
private_0x0000000000680000 0x00680000 0x0077ffff Private Memory rw True False False -
pagefile_0x0000000000780000 0x00780000 0x00907fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000910000 0x00910000 0x00a90fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000aa0000 0x00aa0000 0x01e9ffff Pagefile Backed Memory r True False False -
private_0x0000000001ee0000 0x01ee0000 0x01f1ffff Private Memory rw True False False -
private_0x0000000001f60000 0x01f60000 0x01f9ffff Private Memory rw True False False -
private_0x0000000001fc0000 0x01fc0000 0x01ffffff Private Memory rw True False False -
sortdefault.nls 0x02000000 0x022cefff Memory Mapped File r False False False -
private_0x00000000022d0000 0x022d0000 0x0230ffff Private Memory rw True False False -
private_0x0000000002330000 0x02330000 0x0236ffff Private Memory rw True False False -
private_0x00000000023b0000 0x023b0000 0x023effff Private Memory rw True False False -
private_0x00000000023f0000 0x023f0000 0x0242ffff Private Memory rw True False False -
fastprox.dll 0x74b30000 0x74bc5fff Memory Mapped File rwx False False False -
dbghelp.dll 0x74bd0000 0x74cbafff Memory Mapped File rwx False False False -
ntdsapi.dll 0x74cf0000 0x74d07fff Memory Mapped File rwx False False False -
wbemsvc.dll 0x74d10000 0x74d1efff Memory Mapped File rwx False False False -
rpcrtremote.dll 0x74d20000 0x74d2dfff Memory Mapped File rwx False False False -
rsaenh.dll 0x74d80000 0x74dbafff Memory Mapped File rwx False False False -
cryptsp.dll 0x74dc0000 0x74dd5fff Memory Mapped File rwx False False False -
winsta.dll 0x74de0000 0x74e08fff Memory Mapped File rwx False False False -
wbemcomn.dll 0x74e10000 0x74e6bfff Memory Mapped File rwx False False False -
wbemprox.dll 0x74e70000 0x74e79fff Memory Mapped File rwx False False False -
wkscli.dll 0x74ec0000 0x74ecefff Memory Mapped File rwx False False False -
srvcli.dll 0x74ed0000 0x74ee8fff Memory Mapped File rwx False False False -
netutils.dll 0x74ef0000 0x74ef8fff Memory Mapped File rwx False False False -
framedynos.dll 0x74f00000 0x74f34fff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
netapi32.dll 0x750a0000 0x750b0fff Memory Mapped File rwx False False False -
wtsapi32.dll 0x750c0000 0x750ccfff Memory Mapped File rwx False False False -
secur32.dll 0x75160000 0x75167fff Memory Mapped File rwx False False False -
mpr.dll 0x75170000 0x75181fff Memory Mapped File rwx False False False -
version.dll 0x751c0000 0x751c8fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
nsi.dll 0x75970000 0x75975fff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
ws2_32.dll 0x768c0000 0x768f4fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efaa000 0x7efaa000 0x7efacfff Private Memory rw True False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Process #15: cmd.exe
56 0
»
Information Value
ID #15
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c taskkill /F /IM sqlwriter.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:37, Reason: Child Process
Unmonitor End Time: 00:00:38, Reason: Self Terminated
Monitor Duration 00:00:01
OS Process Information
»
Information Value
PID 0x84c
Parent PID 0x94c (c:\windows\temp\ktsi.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 844
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
private_0x0000000000030000 0x00030000 0x0003ffff Private Memory rw True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
private_0x0000000000070000 0x00070000 0x000effff Private Memory rw True False False -
private_0x00000000000f0000 0x000f0000 0x001effff Private Memory rw True False False -
pagefile_0x00000000001f0000 0x001f0000 0x001f6fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000200000 0x00200000 0x00201fff Pagefile Backed Memory rw True False False -
private_0x0000000000210000 0x00210000 0x00210fff Private Memory rw True False False -
private_0x0000000000220000 0x00220000 0x00220fff Private Memory rw True False False -
private_0x0000000000230000 0x00230000 0x0026ffff Private Memory rw True False False -
locale.nls 0x00270000 0x002d6fff Memory Mapped File r False False False -
private_0x0000000000340000 0x00340000 0x0043ffff Private Memory rw True False False -
pagefile_0x0000000000440000 0x00440000 0x005c7fff Pagefile Backed Memory r True False False -
pagefile_0x00000000005d0000 0x005d0000 0x00750fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000760000 0x00760000 0x01b5ffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001b60000 0x01b60000 0x01ea2fff Pagefile Backed Memory r True False False -
cmd.exe 0x4a280000 0x4a2cbfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x751b0000 0x751b6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x844
56 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:16 (UTC) True 1
Fn
System Get Time type = Ticks, time = 98623 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4a280000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000080 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #16: taskkill.exe
0 0
»
Information Value
ID #16
File Name c:\windows\syswow64\taskkill.exe
Command Line taskkill /F /IM sqlwriter.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:37, Reason: Child Process
Unmonitor End Time: 00:00:38, Reason: Self Terminated
Monitor Duration 00:00:01
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x854
Parent PID 0x84c (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 860
0x 870
0x 898
0x 874
0x 840
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
locale.nls 0x00070000 0x000d6fff Memory Mapped File r False False False -
pagefile_0x00000000000e0000 0x000e0000 0x000e1fff Pagefile Backed Memory rw True False False -
taskkill.exe.mui 0x000f0000 0x000f3fff Memory Mapped File rw False False False -
private_0x0000000000100000 0x00100000 0x00100fff Private Memory rw True False False -
private_0x0000000000110000 0x00110000 0x00110fff Private Memory rw True False False -
pagefile_0x0000000000120000 0x00120000 0x00120fff Pagefile Backed Memory r True False False -
private_0x0000000000130000 0x00130000 0x0016ffff Private Memory rw True False False -
kernelbase.dll.mui 0x00170000 0x0022ffff Memory Mapped File rw False False False -
pagefile_0x0000000000230000 0x00230000 0x00230fff Pagefile Backed Memory r True False False -
private_0x0000000000240000 0x00240000 0x0027ffff Private Memory rw True False False -
private_0x0000000000280000 0x00280000 0x002bffff Private Memory rw True False False -
private_0x00000000002c0000 0x002c0000 0x002fffff Private Memory rw True False False -
private_0x0000000000310000 0x00310000 0x0034ffff Private Memory rw True False False -
private_0x00000000003c0000 0x003c0000 0x003cffff Private Memory rw True False False -
private_0x00000000003f0000 0x003f0000 0x0046ffff Private Memory rw True False False -
private_0x0000000000470000 0x00470000 0x0056ffff Private Memory rw True False False -
private_0x0000000000570000 0x00570000 0x005affff Private Memory rw True False False -
private_0x00000000005e0000 0x005e0000 0x006dffff Private Memory rw True False False -
pagefile_0x00000000006e0000 0x006e0000 0x00867fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000870000 0x00870000 0x009f0fff Pagefile Backed Memory r True False False -
private_0x0000000000a00000 0x00a00000 0x00a3ffff Private Memory rw True False False -
private_0x0000000000ac0000 0x00ac0000 0x00afffff Private Memory rw True False False -
taskkill.exe 0x00b10000 0x00b25fff Memory Mapped File rwx False False False -
pagefile_0x0000000000b30000 0x00b30000 0x01f2ffff Pagefile Backed Memory r True False False -
private_0x0000000002000000 0x02000000 0x0203ffff Private Memory rw True False False -
private_0x0000000002050000 0x02050000 0x0208ffff Private Memory rw True False False -
private_0x00000000020d0000 0x020d0000 0x0210ffff Private Memory rw True False False -
sortdefault.nls 0x02110000 0x023defff Memory Mapped File r False False False -
private_0x0000000002460000 0x02460000 0x0249ffff Private Memory rw True False False -
ntdsapi.dll 0x74b50000 0x74b67fff Memory Mapped File rwx False False False -
fastprox.dll 0x74b70000 0x74c05fff Memory Mapped File rwx False False False -
wbemsvc.dll 0x74c10000 0x74c1efff Memory Mapped File rwx False False False -
rpcrtremote.dll 0x74c20000 0x74c2dfff Memory Mapped File rwx False False False -
rsaenh.dll 0x74c30000 0x74c6afff Memory Mapped File rwx False False False -
cryptsp.dll 0x74c70000 0x74c85fff Memory Mapped File rwx False False False -
winsta.dll 0x74c90000 0x74cb8fff Memory Mapped File rwx False False False -
wbemcomn.dll 0x74cd0000 0x74d2bfff Memory Mapped File rwx False False False -
wbemprox.dll 0x74d80000 0x74d89fff Memory Mapped File rwx False False False -
dbghelp.dll 0x74d90000 0x74e7afff Memory Mapped File rwx False False False -
framedynos.dll 0x74ec0000 0x74ef4fff Memory Mapped File rwx False False False -
srvcli.dll 0x74f00000 0x74f18fff Memory Mapped File rwx False False False -
netapi32.dll 0x74f20000 0x74f30fff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
wkscli.dll 0x750a0000 0x750aefff Memory Mapped File rwx False False False -
wtsapi32.dll 0x750b0000 0x750bcfff Memory Mapped File rwx False False False -
netutils.dll 0x750c0000 0x750c8fff Memory Mapped File rwx False False False -
mpr.dll 0x75160000 0x75171fff Memory Mapped File rwx False False False -
version.dll 0x75180000 0x75188fff Memory Mapped File rwx False False False -
secur32.dll 0x751c0000 0x751c7fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
nsi.dll 0x75970000 0x75975fff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
ws2_32.dll 0x768c0000 0x768f4fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efaa000 0x7efaa000 0x7efacfff Private Memory rw True False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Process #17: cmd.exe
56 0
»
Information Value
ID #17
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c taskkill /F /IM w3wp.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:38, Reason: Child Process
Unmonitor End Time: 00:00:38, Reason: Self Terminated
Monitor Duration 00:00:00
OS Process Information
»
Information Value
PID 0x890
Parent PID 0x94c (c:\windows\temp\ktsi.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 88C
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
locale.nls 0x00070000 0x000d6fff Memory Mapped File r False False False -
pagefile_0x00000000000e0000 0x000e0000 0x000e1fff Pagefile Backed Memory rw True False False -
private_0x00000000000f0000 0x000f0000 0x000f0fff Private Memory rw True False False -
private_0x0000000000100000 0x00100000 0x0017ffff Private Memory rw True False False -
private_0x0000000000180000 0x00180000 0x00180fff Private Memory rw True False False -
private_0x00000000001f0000 0x001f0000 0x001fffff Private Memory rw True False False -
private_0x0000000000230000 0x00230000 0x0026ffff Private Memory rw True False False -
private_0x0000000000340000 0x00340000 0x0043ffff Private Memory rw True False False -
private_0x00000000004d0000 0x004d0000 0x005cffff Private Memory rw True False False -
pagefile_0x00000000005d0000 0x005d0000 0x00757fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000760000 0x00760000 0x008e0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000008f0000 0x008f0000 0x01ceffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001cf0000 0x01cf0000 0x02032fff Pagefile Backed Memory r True False False -
cmd.exe 0x4a150000 0x4a19bfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x751b0000 0x751b6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x88c
56 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:17 (UTC) True 1
Fn
System Get Time type = Ticks, time = 98904 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4a150000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000080 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #18: taskkill.exe
0 0
»
Information Value
ID #18
File Name c:\windows\syswow64\taskkill.exe
Command Line taskkill /F /IM w3wp.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:38, Reason: Child Process
Unmonitor End Time: 00:00:38, Reason: Self Terminated
Monitor Duration 00:00:00
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x884
Parent PID 0x890 (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 8E0
0x 820
0x 828
0x 8F0
0x 83C
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
locale.nls 0x00070000 0x000d6fff Memory Mapped File r False False False -
pagefile_0x00000000000e0000 0x000e0000 0x000e1fff Pagefile Backed Memory rw True False False -
taskkill.exe.mui 0x000f0000 0x000f3fff Memory Mapped File rw False False False -
private_0x0000000000100000 0x00100000 0x00100fff Private Memory rw True False False -
private_0x0000000000110000 0x00110000 0x00110fff Private Memory rw True False False -
pagefile_0x0000000000120000 0x00120000 0x00120fff Pagefile Backed Memory r True False False -
private_0x0000000000130000 0x00130000 0x0016ffff Private Memory rw True False False -
pagefile_0x0000000000170000 0x00170000 0x00170fff Pagefile Backed Memory r True False False -
private_0x0000000000180000 0x00180000 0x001bffff Private Memory rw True False False -
private_0x0000000000210000 0x00210000 0x0024ffff Private Memory rw True False False -
kernelbase.dll.mui 0x00250000 0x0030ffff Memory Mapped File rw False False False -
private_0x0000000000320000 0x00320000 0x0035ffff Private Memory rw True False False -
private_0x0000000000360000 0x00360000 0x0039ffff Private Memory rw True False False -
private_0x00000000003c0000 0x003c0000 0x003cffff Private Memory rw True False False -
private_0x00000000003d0000 0x003d0000 0x0044ffff Private Memory rw True False False -
private_0x0000000000530000 0x00530000 0x0056ffff Private Memory rw True False False -
private_0x0000000000580000 0x00580000 0x005bffff Private Memory rw True False False -
private_0x00000000005d0000 0x005d0000 0x006cffff Private Memory rw True False False -
pagefile_0x00000000006d0000 0x006d0000 0x00857fff Pagefile Backed Memory r True False False -
private_0x0000000000880000 0x00880000 0x008bffff Private Memory rw True False False -
private_0x0000000000910000 0x00910000 0x0094ffff Private Memory rw True False False -
taskkill.exe 0x00960000 0x00975fff Memory Mapped File rwx False False False -
pagefile_0x0000000000980000 0x00980000 0x00b00fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000b10000 0x00b10000 0x01f0ffff Pagefile Backed Memory r True False False -
private_0x0000000001f10000 0x01f10000 0x0200ffff Private Memory rw True False False -
private_0x0000000002030000 0x02030000 0x0206ffff Private Memory rw True False False -
private_0x0000000002090000 0x02090000 0x020cffff Private Memory rw True False False -
private_0x00000000020e0000 0x020e0000 0x0211ffff Private Memory rw True False False -
sortdefault.nls 0x02120000 0x023eefff Memory Mapped File r False False False -
fastprox.dll 0x74b30000 0x74bc5fff Memory Mapped File rwx False False False -
dbghelp.dll 0x74bd0000 0x74cbafff Memory Mapped File rwx False False False -
ntdsapi.dll 0x74cf0000 0x74d07fff Memory Mapped File rwx False False False -
wbemsvc.dll 0x74d10000 0x74d1efff Memory Mapped File rwx False False False -
rpcrtremote.dll 0x74d20000 0x74d2dfff Memory Mapped File rwx False False False -
rsaenh.dll 0x74d80000 0x74dbafff Memory Mapped File rwx False False False -
cryptsp.dll 0x74dc0000 0x74dd5fff Memory Mapped File rwx False False False -
winsta.dll 0x74de0000 0x74e08fff Memory Mapped File rwx False False False -
wbemcomn.dll 0x74e10000 0x74e6bfff Memory Mapped File rwx False False False -
wbemprox.dll 0x74e70000 0x74e79fff Memory Mapped File rwx False False False -
wkscli.dll 0x74ec0000 0x74ecefff Memory Mapped File rwx False False False -
srvcli.dll 0x74ed0000 0x74ee8fff Memory Mapped File rwx False False False -
netutils.dll 0x74ef0000 0x74ef8fff Memory Mapped File rwx False False False -
framedynos.dll 0x74f00000 0x74f34fff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
netapi32.dll 0x750a0000 0x750b0fff Memory Mapped File rwx False False False -
wtsapi32.dll 0x750c0000 0x750ccfff Memory Mapped File rwx False False False -
secur32.dll 0x75160000 0x75167fff Memory Mapped File rwx False False False -
mpr.dll 0x75170000 0x75181fff Memory Mapped File rwx False False False -
version.dll 0x751c0000 0x751c8fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
nsi.dll 0x75970000 0x75975fff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
ws2_32.dll 0x768c0000 0x768f4fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efaa000 0x7efaa000 0x7efacfff Private Memory rw True False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Process #19: cmd.exe
56 0
»
Information Value
ID #19
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c taskkill /F /IM sqlagent.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:38, Reason: Child Process
Unmonitor End Time: 00:00:38, Reason: Self Terminated
Monitor Duration 00:00:00
OS Process Information
»
Information Value
PID 0x3a0
Parent PID 0x94c (c:\windows\temp\ktsi.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 8FC
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000070000 0x00070000 0x00071fff Pagefile Backed Memory rw True False False -
private_0x0000000000080000 0x00080000 0x00080fff Private Memory rw True False False -
private_0x0000000000090000 0x00090000 0x000cffff Private Memory rw True False False -
locale.nls 0x000d0000 0x00136fff Memory Mapped File r False False False -
private_0x0000000000140000 0x00140000 0x00140fff Private Memory rw True False False -
private_0x00000000001f0000 0x001f0000 0x002effff Private Memory rw True False False -
private_0x00000000003c0000 0x003c0000 0x0043ffff Private Memory rw True False False -
private_0x0000000000510000 0x00510000 0x0060ffff Private Memory rw True False False -
private_0x0000000000790000 0x00790000 0x0079ffff Private Memory rw True False False -
pagefile_0x00000000007a0000 0x007a0000 0x00927fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000930000 0x00930000 0x00ab0fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000ac0000 0x00ac0000 0x01ebffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001ec0000 0x01ec0000 0x02202fff Pagefile Backed Memory r True False False -
cmd.exe 0x4a100000 0x4a14bfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x751b0000 0x751b6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x8fc
56 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:17 (UTC) True 1
Fn
System Get Time type = Ticks, time = 99169 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4a100000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000080 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #20: taskkill.exe
0 0
»
Information Value
ID #20
File Name c:\windows\syswow64\taskkill.exe
Command Line taskkill /F /IM sqlagent.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:38, Reason: Child Process
Unmonitor End Time: 00:00:38, Reason: Self Terminated
Monitor Duration 00:00:00
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x900
Parent PID 0x3a0 (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 51C
0x 904
0x 518
0x 764
0x 73C
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
locale.nls 0x00070000 0x000d6fff Memory Mapped File r False False False -
pagefile_0x00000000000e0000 0x000e0000 0x000e1fff Pagefile Backed Memory rw True False False -
taskkill.exe.mui 0x000f0000 0x000f3fff Memory Mapped File rw False False False -
private_0x0000000000100000 0x00100000 0x00100fff Private Memory rw True False False -
private_0x0000000000110000 0x00110000 0x0014ffff Private Memory rw True False False -
private_0x0000000000150000 0x00150000 0x00150fff Private Memory rw True False False -
pagefile_0x0000000000160000 0x00160000 0x00160fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000170000 0x00170000 0x00170fff Pagefile Backed Memory r True False False -
private_0x0000000000190000 0x00190000 0x0019ffff Private Memory rw True False False -
private_0x00000000001a0000 0x001a0000 0x001dffff Private Memory rw True False False -
kernelbase.dll.mui 0x001e0000 0x0029ffff Memory Mapped File rw False False False -
private_0x00000000002e0000 0x002e0000 0x0035ffff Private Memory rw True False False -
private_0x00000000003d0000 0x003d0000 0x0040ffff Private Memory rw True False False -
private_0x0000000000410000 0x00410000 0x0044ffff Private Memory rw True False False -
private_0x0000000000460000 0x00460000 0x0055ffff Private Memory rw True False False -
pagefile_0x0000000000560000 0x00560000 0x006e7fff Pagefile Backed Memory r True False False -
pagefile_0x00000000006f0000 0x006f0000 0x00870fff Pagefile Backed Memory r True False False -
private_0x00000000008c0000 0x008c0000 0x008fffff Private Memory rw True False False -
private_0x0000000000930000 0x00930000 0x0096ffff Private Memory rw True False False -
private_0x0000000000970000 0x00970000 0x00a6ffff Private Memory rw True False False -
private_0x0000000000a70000 0x00a70000 0x00aaffff Private Memory rw True False False -
sortdefault.nls 0x00ab0000 0x00d7efff Memory Mapped File r False False False -
private_0x0000000000d80000 0x00d80000 0x00dbffff Private Memory rw True False False -
taskkill.exe 0x00dc0000 0x00dd5fff Memory Mapped File rwx False False False -
pagefile_0x0000000000de0000 0x00de0000 0x021dffff Pagefile Backed Memory r True False False -
private_0x00000000021f0000 0x021f0000 0x0222ffff Private Memory rw True False False -
private_0x00000000022d0000 0x022d0000 0x0230ffff Private Memory rw True False False -
private_0x0000000002370000 0x02370000 0x023affff Private Memory rw True False False -
private_0x00000000023c0000 0x023c0000 0x023fffff Private Memory rw True False False -
ntdsapi.dll 0x74b50000 0x74b67fff Memory Mapped File rwx False False False -
fastprox.dll 0x74b70000 0x74c05fff Memory Mapped File rwx False False False -
wbemsvc.dll 0x74c10000 0x74c1efff Memory Mapped File rwx False False False -
rpcrtremote.dll 0x74c20000 0x74c2dfff Memory Mapped File rwx False False False -
rsaenh.dll 0x74c30000 0x74c6afff Memory Mapped File rwx False False False -
cryptsp.dll 0x74c70000 0x74c85fff Memory Mapped File rwx False False False -
winsta.dll 0x74c90000 0x74cb8fff Memory Mapped File rwx False False False -
wbemcomn.dll 0x74cd0000 0x74d2bfff Memory Mapped File rwx False False False -
wbemprox.dll 0x74d80000 0x74d89fff Memory Mapped File rwx False False False -
dbghelp.dll 0x74d90000 0x74e7afff Memory Mapped File rwx False False False -
framedynos.dll 0x74ec0000 0x74ef4fff Memory Mapped File rwx False False False -
srvcli.dll 0x74f00000 0x74f18fff Memory Mapped File rwx False False False -
netapi32.dll 0x74f20000 0x74f30fff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
wkscli.dll 0x750a0000 0x750aefff Memory Mapped File rwx False False False -
wtsapi32.dll 0x750b0000 0x750bcfff Memory Mapped File rwx False False False -
netutils.dll 0x750c0000 0x750c8fff Memory Mapped File rwx False False False -
mpr.dll 0x75160000 0x75171fff Memory Mapped File rwx False False False -
version.dll 0x75180000 0x75188fff Memory Mapped File rwx False False False -
secur32.dll 0x751c0000 0x751c7fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
nsi.dll 0x75970000 0x75975fff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
ws2_32.dll 0x768c0000 0x768f4fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efaa000 0x7efaa000 0x7efacfff Private Memory rw True False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Process #21: cmd.exe
56 0
»
Information Value
ID #21
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c taskkill /F /IM fdhost.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:38, Reason: Child Process
Unmonitor End Time: 00:00:39, Reason: Self Terminated
Monitor Duration 00:00:01
OS Process Information
»
Information Value
PID 0x700
Parent PID 0x94c (c:\windows\temp\ktsi.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 6BC
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000070000 0x00070000 0x00071fff Pagefile Backed Memory rw True False False -
private_0x0000000000080000 0x00080000 0x00080fff Private Memory rw True False False -
private_0x0000000000090000 0x00090000 0x00090fff Private Memory rw True False False -
private_0x00000000000b0000 0x000b0000 0x000effff Private Memory rw True False False -
locale.nls 0x000f0000 0x00156fff Memory Mapped File r False False False -
private_0x0000000000190000 0x00190000 0x0028ffff Private Memory rw True False False -
private_0x0000000000390000 0x00390000 0x0040ffff Private Memory rw True False False -
private_0x0000000000510000 0x00510000 0x0060ffff Private Memory rw True False False -
private_0x0000000000750000 0x00750000 0x0075ffff Private Memory rw True False False -
pagefile_0x0000000000760000 0x00760000 0x008e7fff Pagefile Backed Memory r True False False -
pagefile_0x00000000008f0000 0x008f0000 0x00a70fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000a80000 0x00a80000 0x01e7ffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001e80000 0x01e80000 0x021c2fff Pagefile Backed Memory r True False False -
cmd.exe 0x4aa10000 0x4aa5bfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x751b0000 0x751b6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x6bc
56 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:17 (UTC) True 1
Fn
System Get Time type = Ticks, time = 99450 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4aa10000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000080 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #22: taskkill.exe
0 0
»
Information Value
ID #22
File Name c:\windows\syswow64\taskkill.exe
Command Line taskkill /F /IM fdhost.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:38, Reason: Child Process
Unmonitor End Time: 00:00:39, Reason: Self Terminated
Monitor Duration 00:00:01
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x5f8
Parent PID 0x700 (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 8B8
0x 918
0x 8B4
0x 8DC
0x 8A8
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
private_0x0000000000070000 0x00070000 0x000affff Private Memory rw True False False -
pagefile_0x00000000000b0000 0x000b0000 0x000b1fff Pagefile Backed Memory rw True False False -
taskkill.exe.mui 0x000c0000 0x000c3fff Memory Mapped File rw False False False -
private_0x00000000000d0000 0x000d0000 0x000d0fff Private Memory rw True False False -
private_0x00000000000e0000 0x000e0000 0x000e0fff Private Memory rw True False False -
pagefile_0x00000000000f0000 0x000f0000 0x000f0fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000100000 0x00100000 0x00100fff Pagefile Backed Memory r True False False -
private_0x0000000000110000 0x00110000 0x0014ffff Private Memory rw True False False -
private_0x0000000000160000 0x00160000 0x001dffff Private Memory rw True False False -
private_0x00000000001f0000 0x001f0000 0x002effff Private Memory rw True False False -
locale.nls 0x002f0000 0x00356fff Memory Mapped File r False False False -
kernelbase.dll.mui 0x00360000 0x0041ffff Memory Mapped File rw False False False -
private_0x0000000000450000 0x00450000 0x0048ffff Private Memory rw True False False -
private_0x00000000004d0000 0x004d0000 0x004dffff Private Memory rw True False False -
private_0x00000000004f0000 0x004f0000 0x0052ffff Private Memory rw True False False -
private_0x0000000000530000 0x00530000 0x0056ffff Private Memory rw True False False -
private_0x00000000005c0000 0x005c0000 0x005fffff Private Memory rw True False False -
taskkill.exe 0x00650000 0x00665fff Memory Mapped File rwx False False False -
pagefile_0x0000000000670000 0x00670000 0x007f7fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000800000 0x00800000 0x00980fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000990000 0x00990000 0x01d8ffff Pagefile Backed Memory r True False False -
private_0x0000000001d90000 0x01d90000 0x01e8ffff Private Memory rw True False False -
private_0x0000000001ef0000 0x01ef0000 0x01f2ffff Private Memory rw True False False -
private_0x0000000001f80000 0x01f80000 0x01fbffff Private Memory rw True False False -
sortdefault.nls 0x01fc0000 0x0228efff Memory Mapped File r False False False -
private_0x00000000022d0000 0x022d0000 0x0230ffff Private Memory rw True False False -
private_0x0000000002310000 0x02310000 0x0234ffff Private Memory rw True False False -
private_0x00000000023c0000 0x023c0000 0x023fffff Private Memory rw True False False -
private_0x0000000002420000 0x02420000 0x0245ffff Private Memory rw True False False -
fastprox.dll 0x74b30000 0x74bc5fff Memory Mapped File rwx False False False -
dbghelp.dll 0x74bd0000 0x74cbafff Memory Mapped File rwx False False False -
ntdsapi.dll 0x74cf0000 0x74d07fff Memory Mapped File rwx False False False -
wbemsvc.dll 0x74d10000 0x74d1efff Memory Mapped File rwx False False False -
rpcrtremote.dll 0x74d20000 0x74d2dfff Memory Mapped File rwx False False False -
rsaenh.dll 0x74d80000 0x74dbafff Memory Mapped File rwx False False False -
cryptsp.dll 0x74dc0000 0x74dd5fff Memory Mapped File rwx False False False -
winsta.dll 0x74de0000 0x74e08fff Memory Mapped File rwx False False False -
wbemcomn.dll 0x74e10000 0x74e6bfff Memory Mapped File rwx False False False -
wbemprox.dll 0x74e70000 0x74e79fff Memory Mapped File rwx False False False -
wkscli.dll 0x74ec0000 0x74ecefff Memory Mapped File rwx False False False -
srvcli.dll 0x74ed0000 0x74ee8fff Memory Mapped File rwx False False False -
netutils.dll 0x74ef0000 0x74ef8fff Memory Mapped File rwx False False False -
framedynos.dll 0x74f00000 0x74f34fff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
netapi32.dll 0x750a0000 0x750b0fff Memory Mapped File rwx False False False -
wtsapi32.dll 0x750c0000 0x750ccfff Memory Mapped File rwx False False False -
secur32.dll 0x75160000 0x75167fff Memory Mapped File rwx False False False -
mpr.dll 0x75170000 0x75181fff Memory Mapped File rwx False False False -
version.dll 0x751c0000 0x751c8fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
nsi.dll 0x75970000 0x75975fff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
ws2_32.dll 0x768c0000 0x768f4fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efaa000 0x7efaa000 0x7efacfff Private Memory rw True False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Process #23: cmd.exe
56 0
»
Information Value
ID #23
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c taskkill /F /IM fdlauncher.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:39, Reason: Child Process
Unmonitor End Time: 00:00:39, Reason: Self Terminated
Monitor Duration 00:00:00
OS Process Information
»
Information Value
PID 0x8b0
Parent PID 0x94c (c:\windows\temp\ktsi.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 8A4
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000070000 0x00070000 0x00071fff Pagefile Backed Memory rw True False False -
private_0x0000000000080000 0x00080000 0x00080fff Private Memory rw True False False -
private_0x0000000000090000 0x00090000 0x00090fff Private Memory rw True False False -
private_0x00000000000d0000 0x000d0000 0x0010ffff Private Memory rw True False False -
private_0x0000000000120000 0x00120000 0x0019ffff Private Memory rw True False False -
private_0x00000000001b0000 0x001b0000 0x002affff Private Memory rw True False False -
private_0x00000000002b0000 0x002b0000 0x003affff Private Memory rw True False False -
locale.nls 0x003b0000 0x00416fff Memory Mapped File r False False False -
private_0x0000000000570000 0x00570000 0x0057ffff Private Memory rw True False False -
pagefile_0x0000000000580000 0x00580000 0x00707fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000710000 0x00710000 0x00890fff Pagefile Backed Memory r True False False -
pagefile_0x00000000008a0000 0x008a0000 0x01c9ffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001ca0000 0x01ca0000 0x01fe2fff Pagefile Backed Memory r True False False -
cmd.exe 0x4ac80000 0x4accbfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x751b0000 0x751b6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x8a4
56 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:18 (UTC) True 1
Fn
System Get Time type = Ticks, time = 99731 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4ac80000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000080 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #24: taskkill.exe
0 0
»
Information Value
ID #24
File Name c:\windows\syswow64\taskkill.exe
Command Line taskkill /F /IM fdlauncher.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:39, Reason: Child Process
Unmonitor End Time: 00:00:39, Reason: Self Terminated
Monitor Duration 00:00:00
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x91c
Parent PID 0x8b0 (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 8D8
0x 8CC
0x 8D0
0x 8D4
0x 8C8
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
locale.nls 0x00070000 0x000d6fff Memory Mapped File r False False False -
pagefile_0x00000000000e0000 0x000e0000 0x000e1fff Pagefile Backed Memory rw True False False -
private_0x00000000000f0000 0x000f0000 0x0012ffff Private Memory rw True False False -
taskkill.exe.mui 0x00130000 0x00133fff Memory Mapped File rw False False False -
private_0x0000000000140000 0x00140000 0x00140fff Private Memory rw True False False -
private_0x0000000000150000 0x00150000 0x0018ffff Private Memory rw True False False -
private_0x0000000000190000 0x00190000 0x00190fff Private Memory rw True False False -
pagefile_0x00000000001a0000 0x001a0000 0x001a0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000001b0000 0x001b0000 0x001b0fff Pagefile Backed Memory r True False False -
private_0x00000000001e0000 0x001e0000 0x0021ffff Private Memory rw True False False -
private_0x0000000000240000 0x00240000 0x0024ffff Private Memory rw True False False -
private_0x0000000000270000 0x00270000 0x002affff Private Memory rw True False False -
private_0x0000000000300000 0x00300000 0x0037ffff Private Memory rw True False False -
private_0x00000000003a0000 0x003a0000 0x003dffff Private Memory rw True False False -
private_0x0000000000400000 0x00400000 0x0043ffff Private Memory rw True False False -
private_0x0000000000440000 0x00440000 0x0047ffff Private Memory rw True False False -
private_0x0000000000480000 0x00480000 0x004bffff Private Memory rw True False False -
private_0x00000000004f0000 0x004f0000 0x005effff Private Memory rw True False False -
pagefile_0x00000000005f0000 0x005f0000 0x00777fff Pagefile Backed Memory r True False False -
kernelbase.dll.mui 0x00780000 0x0083ffff Memory Mapped File rw False False False -
private_0x00000000008a0000 0x008a0000 0x008dffff Private Memory rw True False False -
taskkill.exe 0x008f0000 0x00905fff Memory Mapped File rwx False False False -
pagefile_0x0000000000910000 0x00910000 0x00a90fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000aa0000 0x00aa0000 0x01e9ffff Pagefile Backed Memory r True False False -
private_0x0000000001ea0000 0x01ea0000 0x01f9ffff Private Memory rw True False False -
private_0x0000000001fa0000 0x01fa0000 0x01fdffff Private Memory rw True False False -
sortdefault.nls 0x01fe0000 0x022aefff Memory Mapped File r False False False -
private_0x00000000022d0000 0x022d0000 0x0230ffff Private Memory rw True False False -
private_0x0000000002400000 0x02400000 0x0243ffff Private Memory rw True False False -
ntdsapi.dll 0x74b50000 0x74b67fff Memory Mapped File rwx False False False -
fastprox.dll 0x74b70000 0x74c05fff Memory Mapped File rwx False False False -
wbemsvc.dll 0x74c10000 0x74c1efff Memory Mapped File rwx False False False -
rpcrtremote.dll 0x74c20000 0x74c2dfff Memory Mapped File rwx False False False -
rsaenh.dll 0x74c30000 0x74c6afff Memory Mapped File rwx False False False -
cryptsp.dll 0x74c70000 0x74c85fff Memory Mapped File rwx False False False -
winsta.dll 0x74c90000 0x74cb8fff Memory Mapped File rwx False False False -
wbemcomn.dll 0x74cd0000 0x74d2bfff Memory Mapped File rwx False False False -
wbemprox.dll 0x74d80000 0x74d89fff Memory Mapped File rwx False False False -
dbghelp.dll 0x74d90000 0x74e7afff Memory Mapped File rwx False False False -
framedynos.dll 0x74ec0000 0x74ef4fff Memory Mapped File rwx False False False -
srvcli.dll 0x74f00000 0x74f18fff Memory Mapped File rwx False False False -
netapi32.dll 0x74f20000 0x74f30fff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
wkscli.dll 0x750a0000 0x750aefff Memory Mapped File rwx False False False -
wtsapi32.dll 0x750b0000 0x750bcfff Memory Mapped File rwx False False False -
netutils.dll 0x750c0000 0x750c8fff Memory Mapped File rwx False False False -
mpr.dll 0x75160000 0x75171fff Memory Mapped File rwx False False False -
version.dll 0x75180000 0x75188fff Memory Mapped File rwx False False False -
secur32.dll 0x751c0000 0x751c7fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
nsi.dll 0x75970000 0x75975fff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
ws2_32.dll 0x768c0000 0x768f4fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efaa000 0x7efaa000 0x7efacfff Private Memory rw True False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Process #25: cmd.exe
56 0
»
Information Value
ID #25
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c taskkill /F /IM reportingservicesservice.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:39, Reason: Child Process
Unmonitor End Time: 00:00:39, Reason: Self Terminated
Monitor Duration 00:00:00
OS Process Information
»
Information Value
PID 0x8c4
Parent PID 0x94c (c:\windows\temp\ktsi.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 92C
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000070000 0x00070000 0x00071fff Pagefile Backed Memory rw True False False -
private_0x0000000000080000 0x00080000 0x00080fff Private Memory rw True False False -
private_0x0000000000090000 0x00090000 0x000cffff Private Memory rw True False False -
locale.nls 0x000d0000 0x00136fff Memory Mapped File r False False False -
private_0x0000000000140000 0x00140000 0x00140fff Private Memory rw True False False -
private_0x0000000000150000 0x00150000 0x0024ffff Private Memory rw True False False -
private_0x0000000000330000 0x00330000 0x0033ffff Private Memory rw True False False -
private_0x0000000000430000 0x00430000 0x004affff Private Memory rw True False False -
pagefile_0x00000000004b0000 0x004b0000 0x00637fff Pagefile Backed Memory r True False False -
private_0x0000000000690000 0x00690000 0x0078ffff Private Memory rw True False False -
pagefile_0x0000000000790000 0x00790000 0x00910fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000920000 0x00920000 0x01d1ffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001d20000 0x01d20000 0x02062fff Pagefile Backed Memory r True False False -
cmd.exe 0x4a630000 0x4a67bfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x751b0000 0x751b6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x92c
56 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:18 (UTC) True 1
Fn
System Get Time type = Ticks, time = 99996 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4a630000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000080 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #26: taskkill.exe
0 0
»
Information Value
ID #26
File Name c:\windows\syswow64\taskkill.exe
Command Line taskkill /F /IM reportingservicesservice.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:39, Reason: Child Process
Unmonitor End Time: 00:00:39, Reason: Self Terminated
Monitor Duration 00:00:00
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x928
Parent PID 0x8c4 (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 924
0x 920
0x 914
0x 90C
0x 910
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000070000 0x00070000 0x00071fff Pagefile Backed Memory rw True False False -
taskkill.exe.mui 0x00080000 0x00083fff Memory Mapped File rw False False False -
private_0x0000000000090000 0x00090000 0x00090fff Private Memory rw True False False -
private_0x00000000000a0000 0x000a0000 0x000a0fff Private Memory rw True False False -
pagefile_0x00000000000b0000 0x000b0000 0x000b0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000000c0000 0x000c0000 0x000c0fff Pagefile Backed Memory r True False False -
private_0x00000000000d0000 0x000d0000 0x0010ffff Private Memory rw True False False -
locale.nls 0x00110000 0x00176fff Memory Mapped File r False False False -
private_0x00000000001a0000 0x001a0000 0x001dffff Private Memory rw True False False -
private_0x0000000000200000 0x00200000 0x0023ffff Private Memory rw True False False -
private_0x0000000000280000 0x00280000 0x002bffff Private Memory rw True False False -
private_0x00000000002d0000 0x002d0000 0x002dffff Private Memory rw True False False -
private_0x0000000000300000 0x00300000 0x0033ffff Private Memory rw True False False -
taskkill.exe 0x00360000 0x00375fff Memory Mapped File rwx False False False -
pagefile_0x0000000000380000 0x00380000 0x00507fff Pagefile Backed Memory r True False False -
private_0x0000000000520000 0x00520000 0x0059ffff Private Memory rw True False False -
pagefile_0x00000000005a0000 0x005a0000 0x00720fff Pagefile Backed Memory r True False False -
private_0x0000000000740000 0x00740000 0x0083ffff Private Memory rw True False False -
pagefile_0x0000000000840000 0x00840000 0x01c3ffff Pagefile Backed Memory r True False False -
private_0x0000000001c80000 0x01c80000 0x01cbffff Private Memory rw True False False -
private_0x0000000001cf0000 0x01cf0000 0x01d2ffff Private Memory rw True False False -
kernelbase.dll.mui 0x01d30000 0x01deffff Memory Mapped File rw False False False -
private_0x0000000001e60000 0x01e60000 0x01e9ffff Private Memory rw True False False -
private_0x0000000001ea0000 0x01ea0000 0x01edffff Private Memory rw True False False -
private_0x0000000001ee0000 0x01ee0000 0x01fdffff Private Memory rw True False False -
sortdefault.nls 0x01fe0000 0x022aefff Memory Mapped File r False False False -
private_0x00000000022c0000 0x022c0000 0x022fffff Private Memory rw True False False -
private_0x0000000002300000 0x02300000 0x0233ffff Private Memory rw True False False -
private_0x0000000002380000 0x02380000 0x023bffff Private Memory rw True False False -
fastprox.dll 0x74b30000 0x74bc5fff Memory Mapped File rwx False False False -
dbghelp.dll 0x74bd0000 0x74cbafff Memory Mapped File rwx False False False -
ntdsapi.dll 0x74cf0000 0x74d07fff Memory Mapped File rwx False False False -
wbemsvc.dll 0x74d10000 0x74d1efff Memory Mapped File rwx False False False -
rpcrtremote.dll 0x74d20000 0x74d2dfff Memory Mapped File rwx False False False -
rsaenh.dll 0x74d80000 0x74dbafff Memory Mapped File rwx False False False -
cryptsp.dll 0x74dc0000 0x74dd5fff Memory Mapped File rwx False False False -
winsta.dll 0x74de0000 0x74e08fff Memory Mapped File rwx False False False -
wbemcomn.dll 0x74e10000 0x74e6bfff Memory Mapped File rwx False False False -
wbemprox.dll 0x74e70000 0x74e79fff Memory Mapped File rwx False False False -
wkscli.dll 0x74ec0000 0x74ecefff Memory Mapped File rwx False False False -
srvcli.dll 0x74ed0000 0x74ee8fff Memory Mapped File rwx False False False -
netutils.dll 0x74ef0000 0x74ef8fff Memory Mapped File rwx False False False -
framedynos.dll 0x74f00000 0x74f34fff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
netapi32.dll 0x750a0000 0x750b0fff Memory Mapped File rwx False False False -
wtsapi32.dll 0x750c0000 0x750ccfff Memory Mapped File rwx False False False -
secur32.dll 0x75160000 0x75167fff Memory Mapped File rwx False False False -
mpr.dll 0x75170000 0x75181fff Memory Mapped File rwx False False False -
version.dll 0x751c0000 0x751c8fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
nsi.dll 0x75970000 0x75975fff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
ws2_32.dll 0x768c0000 0x768f4fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efaa000 0x7efaa000 0x7efacfff Private Memory rw True False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Process #27: cmd.exe
56 0
»
Information Value
ID #27
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c taskkill /F /IM omtsreco.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:39, Reason: Child Process
Unmonitor End Time: 00:00:40, Reason: Self Terminated
Monitor Duration 00:00:01
OS Process Information
»
Information Value
PID 0x93c
Parent PID 0x94c (c:\windows\temp\ktsi.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 940
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
private_0x0000000000070000 0x00070000 0x0016ffff Private Memory rw True False False -
pagefile_0x0000000000170000 0x00170000 0x00171fff Pagefile Backed Memory rw True False False -
private_0x0000000000180000 0x00180000 0x00180fff Private Memory rw True False False -
private_0x0000000000190000 0x00190000 0x00190fff Private Memory rw True False False -
private_0x00000000001d0000 0x001d0000 0x0020ffff Private Memory rw True False False -
locale.nls 0x00210000 0x00276fff Memory Mapped File r False False False -
private_0x00000000003c0000 0x003c0000 0x0043ffff Private Memory rw True False False -
private_0x00000000005c0000 0x005c0000 0x005cffff Private Memory rw True False False -
private_0x00000000005f0000 0x005f0000 0x006effff Private Memory rw True False False -
pagefile_0x00000000006f0000 0x006f0000 0x00877fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000880000 0x00880000 0x00a00fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000a10000 0x00a10000 0x01e0ffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001e10000 0x01e10000 0x02152fff Pagefile Backed Memory r True False False -
cmd.exe 0x4a370000 0x4a3bbfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x751b0000 0x751b6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x940
56 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:18 (UTC) True 1
Fn
System Get Time type = Ticks, time = 100371 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4a370000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000080 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #28: taskkill.exe
0 0
»
Information Value
ID #28
File Name c:\windows\syswow64\taskkill.exe
Command Line taskkill /F /IM omtsreco.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:39, Reason: Child Process
Unmonitor End Time: 00:00:39, Reason: Self Terminated
Monitor Duration 00:00:00
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x934
Parent PID 0x93c (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 938
0x 930
0x 958
0x 320
0x 244
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
private_0x0000000000030000 0x00030000 0x0003ffff Private Memory rw True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
private_0x0000000000050000 0x00050000 0x0008ffff Private Memory rw True False False -
pagefile_0x0000000000090000 0x00090000 0x00093fff Pagefile Backed Memory r True False False -
pagefile_0x00000000000a0000 0x000a0000 0x000a0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000000b0000 0x000b0000 0x000b6fff Pagefile Backed Memory r True False False -
pagefile_0x00000000000c0000 0x000c0000 0x000c1fff Pagefile Backed Memory rw True False False -
private_0x00000000000d0000 0x000d0000 0x0010ffff Private Memory rw True False False -
locale.nls 0x00110000 0x00176fff Memory Mapped File r False False False -
taskkill.exe.mui 0x00180000 0x00183fff Memory Mapped File rw False False False -
private_0x0000000000190000 0x00190000 0x0020ffff Private Memory rw True False False -
private_0x0000000000210000 0x00210000 0x00210fff Private Memory rw True False False -
private_0x0000000000220000 0x00220000 0x00220fff Private Memory rw True False False -
pagefile_0x0000000000230000 0x00230000 0x00230fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000240000 0x00240000 0x00240fff Pagefile Backed Memory r True False False -
private_0x0000000000250000 0x00250000 0x0028ffff Private Memory rw True False False -
private_0x0000000000290000 0x00290000 0x0038ffff Private Memory rw True False False -
pagefile_0x0000000000390000 0x00390000 0x00517fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000520000 0x00520000 0x006a0fff Pagefile Backed Memory r True False False -
kernelbase.dll.mui 0x006b0000 0x0076ffff Memory Mapped File rw False False False -
private_0x0000000000790000 0x00790000 0x007cffff Private Memory rw True False False -
private_0x0000000000800000 0x00800000 0x0083ffff Private Memory rw True False False -
private_0x00000000008a0000 0x008a0000 0x008dffff Private Memory rw True False False -
private_0x00000000008e0000 0x008e0000 0x009dffff Private Memory rw True False False -
private_0x00000000009e0000 0x009e0000 0x00a1ffff Private Memory rw True False False -
sortdefault.nls 0x00a20000 0x00ceefff Memory Mapped File r False False False -
private_0x0000000000cf0000 0x00cf0000 0x00d2ffff Private Memory rw True False False -
taskkill.exe 0x00d40000 0x00d55fff Memory Mapped File rwx False False False -
pagefile_0x0000000000d60000 0x00d60000 0x0215ffff Pagefile Backed Memory r True False False -
private_0x0000000002160000 0x02160000 0x0219ffff Private Memory rw True False False -
private_0x0000000002240000 0x02240000 0x0227ffff Private Memory rw True False False -
private_0x0000000002290000 0x02290000 0x022cffff Private Memory rw True False False -
private_0x00000000023e0000 0x023e0000 0x0241ffff Private Memory rw True False False -
ntdsapi.dll 0x74b50000 0x74b67fff Memory Mapped File rwx False False False -
fastprox.dll 0x74b70000 0x74c05fff Memory Mapped File rwx False False False -
wbemsvc.dll 0x74c10000 0x74c1efff Memory Mapped File rwx False False False -
rpcrtremote.dll 0x74c20000 0x74c2dfff Memory Mapped File rwx False False False -
rsaenh.dll 0x74c30000 0x74c6afff Memory Mapped File rwx False False False -
cryptsp.dll 0x74c70000 0x74c85fff Memory Mapped File rwx False False False -
winsta.dll 0x74c90000 0x74cb8fff Memory Mapped File rwx False False False -
wbemcomn.dll 0x74cd0000 0x74d2bfff Memory Mapped File rwx False False False -
wbemprox.dll 0x74d80000 0x74d89fff Memory Mapped File rwx False False False -
dbghelp.dll 0x74d90000 0x74e7afff Memory Mapped File rwx False False False -
framedynos.dll 0x74ec0000 0x74ef4fff Memory Mapped File rwx False False False -
srvcli.dll 0x74f00000 0x74f18fff Memory Mapped File rwx False False False -
netapi32.dll 0x74f20000 0x74f30fff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
wkscli.dll 0x750a0000 0x750aefff Memory Mapped File rwx False False False -
wtsapi32.dll 0x750b0000 0x750bcfff Memory Mapped File rwx False False False -
netutils.dll 0x750c0000 0x750c8fff Memory Mapped File rwx False False False -
mpr.dll 0x75160000 0x75171fff Memory Mapped File rwx False False False -
version.dll 0x75180000 0x75188fff Memory Mapped File rwx False False False -
secur32.dll 0x751c0000 0x751c7fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
nsi.dll 0x75970000 0x75975fff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
ws2_32.dll 0x768c0000 0x768f4fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efaa000 0x7efaa000 0x7efacfff Private Memory rw True False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Process #29: cmd.exe
56 0
»
Information Value
ID #29
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c taskkill /F /IM tnslsnr.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:39, Reason: Child Process
Unmonitor End Time: 00:00:40, Reason: Self Terminated
Monitor Duration 00:00:01
OS Process Information
»
Information Value
PID 0x978
Parent PID 0x94c (c:\windows\temp\ktsi.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 7E8
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
locale.nls 0x00070000 0x000d6fff Memory Mapped File r False False False -
pagefile_0x00000000000e0000 0x000e0000 0x000e1fff Pagefile Backed Memory rw True False False -
private_0x00000000000f0000 0x000f0000 0x000f0fff Private Memory rw True False False -
private_0x0000000000100000 0x00100000 0x00100fff Private Memory rw True False False -
private_0x0000000000130000 0x00130000 0x0022ffff Private Memory rw True False False -
private_0x0000000000230000 0x00230000 0x0026ffff Private Memory rw True False False -
private_0x0000000000380000 0x00380000 0x003fffff Private Memory rw True False False -
private_0x0000000000510000 0x00510000 0x0060ffff Private Memory rw True False False -
private_0x0000000000720000 0x00720000 0x0072ffff Private Memory rw True False False -
pagefile_0x0000000000730000 0x00730000 0x008b7fff Pagefile Backed Memory r True False False -
pagefile_0x00000000008c0000 0x008c0000 0x00a40fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000a50000 0x00a50000 0x01e4ffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001e50000 0x01e50000 0x02192fff Pagefile Backed Memory r True False False -
cmd.exe 0x4ab20000 0x4ab6bfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x751b0000 0x751b6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x7e8
56 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:19 (UTC) True 1
Fn
System Get Time type = Ticks, time = 100683 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4ab20000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000080 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #30: taskkill.exe
0 0
»
Information Value
ID #30
File Name c:\windows\syswow64\taskkill.exe
Command Line taskkill /F /IM tnslsnr.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:40, Reason: Child Process
Unmonitor End Time: 00:00:40, Reason: Self Terminated
Monitor Duration 00:00:00
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x974
Parent PID 0x978 (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 968
0x 418
0x 7F0
0x 880
0x 7EC
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
private_0x0000000000050000 0x00050000 0x0008ffff Private Memory rw True False False -
pagefile_0x0000000000090000 0x00090000 0x00093fff Pagefile Backed Memory r True False False -
pagefile_0x00000000000a0000 0x000a0000 0x000a0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000000b0000 0x000b0000 0x000b1fff Pagefile Backed Memory rw True False False -
taskkill.exe.mui 0x000c0000 0x000c3fff Memory Mapped File rw False False False -
private_0x00000000000d0000 0x000d0000 0x000d0fff Private Memory rw True False False -
private_0x00000000000e0000 0x000e0000 0x000e0fff Private Memory rw True False False -
private_0x00000000000f0000 0x000f0000 0x0012ffff Private Memory rw True False False -
pagefile_0x0000000000130000 0x00130000 0x00130fff Pagefile Backed Memory r True False False -
private_0x0000000000140000 0x00140000 0x001bffff Private Memory rw True False False -
pagefile_0x00000000001c0000 0x001c0000 0x001c0fff Pagefile Backed Memory r True False False -
private_0x00000000001d0000 0x001d0000 0x002cffff Private Memory rw True False False -
locale.nls 0x002d0000 0x00336fff Memory Mapped File r False False False -
pagefile_0x0000000000340000 0x00340000 0x004c7fff Pagefile Backed Memory r True False False -
private_0x00000000004d0000 0x004d0000 0x0050ffff Private Memory rw True False False -
private_0x0000000000530000 0x00530000 0x0053ffff Private Memory rw True False False -
pagefile_0x0000000000540000 0x00540000 0x006c0fff Pagefile Backed Memory r True False False -
kernelbase.dll.mui 0x006d0000 0x0078ffff Memory Mapped File rw False False False -
private_0x0000000000790000 0x00790000 0x007cffff Private Memory rw True False False -
private_0x0000000000800000 0x00800000 0x0083ffff Private Memory rw True False False -
private_0x0000000000840000 0x00840000 0x0093ffff Private Memory rw True False False -
private_0x0000000000960000 0x00960000 0x0099ffff Private Memory rw True False False -
private_0x00000000009d0000 0x009d0000 0x00a0ffff Private Memory rw True False False -
private_0x0000000000a70000 0x00a70000 0x00aaffff Private Memory rw True False False -
private_0x0000000000ac0000 0x00ac0000 0x00afffff Private Memory rw True False False -
private_0x0000000000bd0000 0x00bd0000 0x00c0ffff Private Memory rw True False False -
private_0x0000000000c30000 0x00c30000 0x00c6ffff Private Memory rw True False False -
private_0x0000000000c90000 0x00c90000 0x00ccffff Private Memory rw True False False -
taskkill.exe 0x00dc0000 0x00dd5fff Memory Mapped File rwx False False False -
pagefile_0x0000000000de0000 0x00de0000 0x021dffff Pagefile Backed Memory r True False False -
sortdefault.nls 0x021e0000 0x024aefff Memory Mapped File r False False False -
fastprox.dll 0x74b30000 0x74bc5fff Memory Mapped File rwx False False False -
dbghelp.dll 0x74bd0000 0x74cbafff Memory Mapped File rwx False False False -
ntdsapi.dll 0x74cf0000 0x74d07fff Memory Mapped File rwx False False False -
wbemsvc.dll 0x74d10000 0x74d1efff Memory Mapped File rwx False False False -
rpcrtremote.dll 0x74d20000 0x74d2dfff Memory Mapped File rwx False False False -
rsaenh.dll 0x74d80000 0x74dbafff Memory Mapped File rwx False False False -
cryptsp.dll 0x74dc0000 0x74dd5fff Memory Mapped File rwx False False False -
winsta.dll 0x74de0000 0x74e08fff Memory Mapped File rwx False False False -
wbemcomn.dll 0x74e10000 0x74e6bfff Memory Mapped File rwx False False False -
wbemprox.dll 0x74e70000 0x74e79fff Memory Mapped File rwx False False False -
wkscli.dll 0x74ec0000 0x74ecefff Memory Mapped File rwx False False False -
srvcli.dll 0x74ed0000 0x74ee8fff Memory Mapped File rwx False False False -
netutils.dll 0x74ef0000 0x74ef8fff Memory Mapped File rwx False False False -
framedynos.dll 0x74f00000 0x74f34fff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
netapi32.dll 0x750a0000 0x750b0fff Memory Mapped File rwx False False False -
wtsapi32.dll 0x750c0000 0x750ccfff Memory Mapped File rwx False False False -
secur32.dll 0x75160000 0x75167fff Memory Mapped File rwx False False False -
mpr.dll 0x75170000 0x75181fff Memory Mapped File rwx False False False -
version.dll 0x751c0000 0x751c8fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
nsi.dll 0x75970000 0x75975fff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
ws2_32.dll 0x768c0000 0x768f4fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efaa000 0x7efaa000 0x7efacfff Private Memory rw True False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Process #31: cmd.exe
56 0
»
Information Value
ID #31
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c taskkill /F /IM oracle.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:40, Reason: Child Process
Unmonitor End Time: 00:00:40, Reason: Self Terminated
Monitor Duration 00:00:00
OS Process Information
»
Information Value
PID 0x87c
Parent PID 0x94c (c:\windows\temp\ktsi.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 830
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
locale.nls 0x00070000 0x000d6fff Memory Mapped File r False False False -
pagefile_0x00000000000e0000 0x000e0000 0x000e1fff Pagefile Backed Memory rw True False False -
private_0x00000000000f0000 0x000f0000 0x000f0fff Private Memory rw True False False -
private_0x0000000000100000 0x00100000 0x00100fff Private Memory rw True False False -
private_0x0000000000130000 0x00130000 0x0016ffff Private Memory rw True False False -
private_0x0000000000270000 0x00270000 0x0036ffff Private Memory rw True False False -
private_0x00000000004d0000 0x004d0000 0x0054ffff Private Memory rw True False False -
private_0x00000000006b0000 0x006b0000 0x007affff Private Memory rw True False False -
pagefile_0x00000000007b0000 0x007b0000 0x00937fff Pagefile Backed Memory r True False False -
private_0x0000000000940000 0x00940000 0x0094ffff Private Memory rw True False False -
pagefile_0x0000000000950000 0x00950000 0x00ad0fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000ae0000 0x00ae0000 0x01edffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001ee0000 0x01ee0000 0x02222fff Pagefile Backed Memory r True False False -
cmd.exe 0x4a9f0000 0x4aa3bfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x751b0000 0x751b6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x830
56 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:19 (UTC) True 1
Fn
System Get Time type = Ticks, time = 100948 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4a9f0000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000080 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #32: taskkill.exe
0 0
»
Information Value
ID #32
File Name c:\windows\syswow64\taskkill.exe
Command Line taskkill /F /IM oracle.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:40, Reason: Child Process
Unmonitor End Time: 00:00:40, Reason: Self Terminated
Monitor Duration 00:00:00
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x34c
Parent PID 0x87c (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 850
0x 848
0x 864
0x 8C0
0x 85C
0x 8BC
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
private_0x0000000000050000 0x00050000 0x0008ffff Private Memory rw True False False -
pagefile_0x0000000000090000 0x00090000 0x00093fff Pagefile Backed Memory r True False False -
pagefile_0x00000000000a0000 0x000a0000 0x000a0fff Pagefile Backed Memory r True False False -
locale.nls 0x000b0000 0x00116fff Memory Mapped File r False False False -
pagefile_0x0000000000120000 0x00120000 0x00121fff Pagefile Backed Memory rw True False False -
taskkill.exe.mui 0x00130000 0x00133fff Memory Mapped File rw False False False -
private_0x0000000000140000 0x00140000 0x00140fff Private Memory rw True False False -
private_0x0000000000150000 0x00150000 0x00150fff Private Memory rw True False False -
pagefile_0x0000000000160000 0x00160000 0x00160fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000170000 0x00170000 0x00170fff Pagefile Backed Memory r True False False -
private_0x0000000000190000 0x00190000 0x0019ffff Private Memory rw True False False -
private_0x00000000001d0000 0x001d0000 0x0020ffff Private Memory rw True False False -
private_0x0000000000210000 0x00210000 0x0024ffff Private Memory rw True False False -
private_0x0000000000250000 0x00250000 0x0028ffff Private Memory rw True False False -
kernelbase.dll.mui 0x00290000 0x0034ffff Memory Mapped File rw False False False -
private_0x0000000000410000 0x00410000 0x0048ffff Private Memory rw True False False -
private_0x0000000000490000 0x00490000 0x004cffff Private Memory rw True False False -
private_0x00000000004f0000 0x004f0000 0x0052ffff Private Memory rw True False False -
private_0x0000000000560000 0x00560000 0x0059ffff Private Memory rw True False False -
private_0x00000000005d0000 0x005d0000 0x0060ffff Private Memory rw True False False -
private_0x0000000000610000 0x00610000 0x0070ffff Private Memory rw True False False -
private_0x0000000000750000 0x00750000 0x0078ffff Private Memory rw True False False -
taskkill.exe 0x007a0000 0x007b5fff Memory Mapped File rwx False False False -
pagefile_0x00000000007c0000 0x007c0000 0x00947fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000950000 0x00950000 0x00ad0fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000ae0000 0x00ae0000 0x01edffff Pagefile Backed Memory r True False False -
private_0x0000000001ee0000 0x01ee0000 0x01fdffff Private Memory rw True False False -
private_0x0000000002040000 0x02040000 0x0207ffff Private Memory rw True False False -
private_0x00000000020a0000 0x020a0000 0x020dffff Private Memory rw True False False -
private_0x00000000021c0000 0x021c0000 0x021fffff Private Memory rw True False False -
sortdefault.nls 0x02200000 0x024cefff Memory Mapped File r False False False -
ntdsapi.dll 0x74b50000 0x74b67fff Memory Mapped File rwx False False False -
fastprox.dll 0x74b70000 0x74c05fff Memory Mapped File rwx False False False -
wbemsvc.dll 0x74c10000 0x74c1efff Memory Mapped File rwx False False False -
rpcrtremote.dll 0x74c20000 0x74c2dfff Memory Mapped File rwx False False False -
rsaenh.dll 0x74c30000 0x74c6afff Memory Mapped File rwx False False False -
cryptsp.dll 0x74c70000 0x74c85fff Memory Mapped File rwx False False False -
winsta.dll 0x74c90000 0x74cb8fff Memory Mapped File rwx False False False -
wbemcomn.dll 0x74cd0000 0x74d2bfff Memory Mapped File rwx False False False -
wbemprox.dll 0x74d80000 0x74d89fff Memory Mapped File rwx False False False -
dbghelp.dll 0x74d90000 0x74e7afff Memory Mapped File rwx False False False -
framedynos.dll 0x74ec0000 0x74ef4fff Memory Mapped File rwx False False False -
srvcli.dll 0x74f00000 0x74f18fff Memory Mapped File rwx False False False -
netapi32.dll 0x74f20000 0x74f30fff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
wkscli.dll 0x750a0000 0x750aefff Memory Mapped File rwx False False False -
wtsapi32.dll 0x750b0000 0x750bcfff Memory Mapped File rwx False False False -
netutils.dll 0x750c0000 0x750c8fff Memory Mapped File rwx False False False -
mpr.dll 0x75160000 0x75171fff Memory Mapped File rwx False False False -
version.dll 0x75180000 0x75188fff Memory Mapped File rwx False False False -
secur32.dll 0x751c0000 0x751c7fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
nsi.dll 0x75970000 0x75975fff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
ws2_32.dll 0x768c0000 0x768f4fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efaa000 0x7efaa000 0x7efacfff Private Memory rw True False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Process #33: cmd.exe
56 0
»
Information Value
ID #33
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c taskkill /F /IM emagent.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:40, Reason: Child Process
Unmonitor End Time: 00:00:41, Reason: Self Terminated
Monitor Duration 00:00:01
OS Process Information
»
Information Value
PID 0x918
Parent PID 0x94c (c:\windows\temp\ktsi.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 8B4
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
private_0x0000000000030000 0x00030000 0x0003ffff Private Memory rw True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
locale.nls 0x00070000 0x000d6fff Memory Mapped File r False False False -
pagefile_0x00000000000e0000 0x000e0000 0x000e6fff Pagefile Backed Memory r True False False -
pagefile_0x00000000000f0000 0x000f0000 0x000f1fff Pagefile Backed Memory rw True False False -
private_0x0000000000100000 0x00100000 0x00100fff Private Memory rw True False False -
private_0x0000000000110000 0x00110000 0x00110fff Private Memory rw True False False -
private_0x0000000000170000 0x00170000 0x001affff Private Memory rw True False False -
private_0x00000000002a0000 0x002a0000 0x0039ffff Private Memory rw True False False -
pagefile_0x00000000003a0000 0x003a0000 0x00527fff Pagefile Backed Memory r True False False -
private_0x0000000000570000 0x00570000 0x005effff Private Memory rw True False False -
pagefile_0x00000000005f0000 0x005f0000 0x00770fff Pagefile Backed Memory r True False False -
private_0x00000000007c0000 0x007c0000 0x008bffff Private Memory rw True False False -
pagefile_0x00000000008c0000 0x008c0000 0x01cbffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001cc0000 0x01cc0000 0x02002fff Pagefile Backed Memory r True False False -
cmd.exe 0x4a020000 0x4a06bfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x751b0000 0x751b6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x8b4
56 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:19 (UTC) True 1
Fn
System Get Time type = Ticks, time = 101400 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4a020000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000080 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #34: taskkill.exe
0 0
»
Information Value
ID #34
File Name c:\windows\syswow64\taskkill.exe
Command Line taskkill /F /IM emagent.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:40, Reason: Child Process
Unmonitor End Time: 00:00:40, Reason: Self Terminated
Monitor Duration 00:00:00
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x8b8
Parent PID 0x918 (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 5F8
0x 6BC
0x 700
0x 8A0
0x 8D4
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
private_0x0000000000050000 0x00050000 0x0008ffff Private Memory rw True False False -
pagefile_0x0000000000090000 0x00090000 0x00093fff Pagefile Backed Memory r True False False -
pagefile_0x00000000000a0000 0x000a0000 0x000a0fff Pagefile Backed Memory r True False False -
locale.nls 0x000b0000 0x00116fff Memory Mapped File r False False False -
pagefile_0x0000000000120000 0x00120000 0x00121fff Pagefile Backed Memory rw True False False -
taskkill.exe.mui 0x00130000 0x00133fff Memory Mapped File rw False False False -
private_0x0000000000140000 0x00140000 0x00140fff Private Memory rw True False False -
private_0x0000000000150000 0x00150000 0x00150fff Private Memory rw True False False -
pagefile_0x0000000000160000 0x00160000 0x00160fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000170000 0x00170000 0x00170fff Pagefile Backed Memory r True False False -
private_0x00000000001a0000 0x001a0000 0x001dffff Private Memory rw True False False -
private_0x0000000000250000 0x00250000 0x0028ffff Private Memory rw True False False -
kernelbase.dll.mui 0x00290000 0x0034ffff Memory Mapped File rw False False False -
private_0x0000000000390000 0x00390000 0x003cffff Private Memory rw True False False -
private_0x00000000003d0000 0x003d0000 0x0044ffff Private Memory rw True False False -
private_0x0000000000480000 0x00480000 0x004bffff Private Memory rw True False False -
private_0x00000000004f0000 0x004f0000 0x0052ffff Private Memory rw True False False -
private_0x0000000000540000 0x00540000 0x0057ffff Private Memory rw True False False -
private_0x0000000000590000 0x00590000 0x0068ffff Private Memory rw True False False -
private_0x00000000006c0000 0x006c0000 0x006fffff Private Memory rw True False False -
private_0x0000000000740000 0x00740000 0x0077ffff Private Memory rw True False False -
private_0x00000000007e0000 0x007e0000 0x007effff Private Memory rw True False False -
pagefile_0x00000000007f0000 0x007f0000 0x00977fff Pagefile Backed Memory r True False False -
taskkill.exe 0x009a0000 0x009b5fff Memory Mapped File rwx False False False -
pagefile_0x00000000009c0000 0x009c0000 0x00b40fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000b50000 0x00b50000 0x01f4ffff Pagefile Backed Memory r True False False -
private_0x0000000001f50000 0x01f50000 0x0204ffff Private Memory rw True False False -
private_0x0000000002100000 0x02100000 0x0213ffff Private Memory rw True False False -
private_0x0000000002140000 0x02140000 0x0217ffff Private Memory rw True False False -
sortdefault.nls 0x02180000 0x0244efff Memory Mapped File r False False False -
private_0x0000000002450000 0x02450000 0x0248ffff Private Memory rw True False False -
fastprox.dll 0x74b30000 0x74bc5fff Memory Mapped File rwx False False False -
dbghelp.dll 0x74bd0000 0x74cbafff Memory Mapped File rwx False False False -
ntdsapi.dll 0x74cf0000 0x74d07fff Memory Mapped File rwx False False False -
wbemsvc.dll 0x74d10000 0x74d1efff Memory Mapped File rwx False False False -
rpcrtremote.dll 0x74d20000 0x74d2dfff Memory Mapped File rwx False False False -
rsaenh.dll 0x74d80000 0x74dbafff Memory Mapped File rwx False False False -
cryptsp.dll 0x74dc0000 0x74dd5fff Memory Mapped File rwx False False False -
winsta.dll 0x74de0000 0x74e08fff Memory Mapped File rwx False False False -
wbemcomn.dll 0x74e10000 0x74e6bfff Memory Mapped File rwx False False False -
wbemprox.dll 0x74e70000 0x74e79fff Memory Mapped File rwx False False False -
wkscli.dll 0x74ec0000 0x74ecefff Memory Mapped File rwx False False False -
srvcli.dll 0x74ed0000 0x74ee8fff Memory Mapped File rwx False False False -
netutils.dll 0x74ef0000 0x74ef8fff Memory Mapped File rwx False False False -
framedynos.dll 0x74f00000 0x74f34fff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
netapi32.dll 0x750a0000 0x750b0fff Memory Mapped File rwx False False False -
wtsapi32.dll 0x750c0000 0x750ccfff Memory Mapped File rwx False False False -
secur32.dll 0x75160000 0x75167fff Memory Mapped File rwx False False False -
mpr.dll 0x75170000 0x75181fff Memory Mapped File rwx False False False -
version.dll 0x751c0000 0x751c8fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
nsi.dll 0x75970000 0x75975fff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
ws2_32.dll 0x768c0000 0x768f4fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efaa000 0x7efaa000 0x7efacfff Private Memory rw True False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Process #35: cmd.exe
56 0
»
Information Value
ID #35
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c taskkill /F /IM mysqld-nt.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:40, Reason: Child Process
Unmonitor End Time: 00:00:41, Reason: Self Terminated
Monitor Duration 00:00:01
OS Process Information
»
Information Value
PID 0x8cc
Parent PID 0x94c (c:\windows\temp\ktsi.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 8D0
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
locale.nls 0x00070000 0x000d6fff Memory Mapped File r False False False -
pagefile_0x00000000000e0000 0x000e0000 0x000e1fff Pagefile Backed Memory rw True False False -
private_0x00000000000f0000 0x000f0000 0x000f0fff Private Memory rw True False False -
private_0x0000000000100000 0x00100000 0x00100fff Private Memory rw True False False -
private_0x0000000000170000 0x00170000 0x001effff Private Memory rw True False False -
private_0x0000000000210000 0x00210000 0x0024ffff Private Memory rw True False False -
private_0x00000000002e0000 0x002e0000 0x003dffff Private Memory rw True False False -
private_0x00000000004e0000 0x004e0000 0x005dffff Private Memory rw True False False -
pagefile_0x00000000005e0000 0x005e0000 0x00767fff Pagefile Backed Memory r True False False -
private_0x00000000007c0000 0x007c0000 0x007cffff Private Memory rw True False False -
pagefile_0x00000000007d0000 0x007d0000 0x00950fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000960000 0x00960000 0x01d5ffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001d60000 0x01d60000 0x020a2fff Pagefile Backed Memory r True False False -
cmd.exe 0x4a960000 0x4a9abfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x751b0000 0x751b6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x8d0
56 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:20 (UTC) True 1
Fn
System Get Time type = Ticks, time = 101665 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4a960000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000080 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #36: taskkill.exe
0 0
»
Information Value
ID #36
File Name c:\windows\syswow64\taskkill.exe
Command Line taskkill /F /IM mysqld-nt.exe
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:41, Reason: Child Process
Unmonitor End Time: 00:00:41, Reason: Self Terminated
Monitor Duration 00:00:00
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x8d8
Parent PID 0x8cc (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 91C
0x 8A4
0x 8B0
0x 908
0x 90C
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
locale.nls 0x00070000 0x000d6fff Memory Mapped File r False False False -
pagefile_0x00000000000e0000 0x000e0000 0x000e1fff Pagefile Backed Memory rw True False False -
taskkill.exe.mui 0x000f0000 0x000f3fff Memory Mapped File rw False False False -
private_0x0000000000100000 0x00100000 0x00100fff Private Memory rw True False False -
private_0x0000000000110000 0x00110000 0x00110fff Private Memory rw True False False -
pagefile_0x0000000000120000 0x00120000 0x00120fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000130000 0x00130000 0x00130fff Pagefile Backed Memory r True False False -
private_0x0000000000180000 0x00180000 0x0018ffff Private Memory rw True False False -
private_0x0000000000190000 0x00190000 0x001cffff Private Memory rw True False False -
private_0x00000000001d0000 0x001d0000 0x0020ffff Private Memory rw True False False -
kernelbase.dll.mui 0x00210000 0x002cffff Memory Mapped File rw False False False -
private_0x00000000002d0000 0x002d0000 0x0034ffff Private Memory rw True False False -
private_0x00000000003a0000 0x003a0000 0x003dffff Private Memory rw True False False -
private_0x0000000000410000 0x00410000 0x0050ffff Private Memory rw True False False -
pagefile_0x0000000000510000 0x00510000 0x00697fff Pagefile Backed Memory r True False False -
taskkill.exe 0x00710000 0x00725fff Memory Mapped File rwx False False False -
pagefile_0x0000000000730000 0x00730000 0x008b0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000008c0000 0x008c0000 0x01cbffff Pagefile Backed Memory r True False False -
private_0x0000000001ce0000 0x01ce0000 0x01d1ffff Private Memory rw True False False -
private_0x0000000001d20000 0x01d20000 0x01d5ffff Private Memory rw True False False -
private_0x0000000001d60000 0x01d60000 0x01d9ffff Private Memory rw True False False -
private_0x0000000001dc0000 0x01dc0000 0x01dfffff Private Memory rw True False False -
private_0x0000000001e00000 0x01e00000 0x01e3ffff Private Memory rw True False False -
private_0x0000000001e40000 0x01e40000 0x01e7ffff Private Memory rw True False False -
private_0x0000000001e80000 0x01e80000 0x01f7ffff Private Memory rw True False False -
sortdefault.nls 0x01f80000 0x0224efff Memory Mapped File r False False False -
private_0x0000000002250000 0x02250000 0x0228ffff Private Memory rw True False False -
private_0x0000000002290000 0x02290000 0x022cffff Private Memory rw True False False -
private_0x0000000002330000 0x02330000 0x0236ffff Private Memory rw True False False -
ntdsapi.dll 0x74b50000 0x74b67fff Memory Mapped File rwx False False False -
fastprox.dll 0x74b70000 0x74c05fff Memory Mapped File rwx False False False -
wbemsvc.dll 0x74c10000 0x74c1efff Memory Mapped File rwx False False False -
rpcrtremote.dll 0x74c20000 0x74c2dfff Memory Mapped File rwx False False False -
rsaenh.dll 0x74c30000 0x74c6afff Memory Mapped File rwx False False False -
cryptsp.dll 0x74c70000 0x74c85fff Memory Mapped File rwx False False False -
winsta.dll 0x74c90000 0x74cb8fff Memory Mapped File rwx False False False -
wbemcomn.dll 0x74cd0000 0x74d2bfff Memory Mapped File rwx False False False -
wbemprox.dll 0x74d80000 0x74d89fff Memory Mapped File rwx False False False -
dbghelp.dll 0x74d90000 0x74e7afff Memory Mapped File rwx False False False -
framedynos.dll 0x74ec0000 0x74ef4fff Memory Mapped File rwx False False False -
srvcli.dll 0x74f00000 0x74f18fff Memory Mapped File rwx False False False -
netapi32.dll 0x74f20000 0x74f30fff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
wkscli.dll 0x750a0000 0x750aefff Memory Mapped File rwx False False False -
wtsapi32.dll 0x750b0000 0x750bcfff Memory Mapped File rwx False False False -
netutils.dll 0x750c0000 0x750c8fff Memory Mapped File rwx False False False -
mpr.dll 0x75160000 0x75171fff Memory Mapped File rwx False False False -
version.dll 0x75180000 0x75188fff Memory Mapped File rwx False False False -
secur32.dll 0x751c0000 0x751c7fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
nsi.dll 0x75970000 0x75975fff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
shlwapi.dll 0x761d0000 0x76226fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
ws2_32.dll 0x768c0000 0x768f4fff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
private_0x000000007efaa000 0x7efaa000 0x7efacfff Private Memory rw True False False -
private_0x000000007efad000 0x7efad000 0x7efaffff Private Memory rw True False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Process #37: cmd.exe
62 0
»
Information Value
ID #37
File Name c:\windows\syswow64\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c vssadmin delete shadows /all /quiet&vssadmin delete shadows /all /quiet
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:41, Reason: Child Process
Unmonitor End Time: 00:00:42, Reason: Self Terminated
Monitor Duration 00:00:01
OS Process Information
»
Information Value
PID 0x914
Parent PID 0x94c (c:\windows\temp\ktsi.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 924
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
locale.nls 0x00070000 0x000d6fff Memory Mapped File r False False False -
pagefile_0x00000000000e0000 0x000e0000 0x000e1fff Pagefile Backed Memory rw True False False -
private_0x00000000000f0000 0x000f0000 0x000f0fff Private Memory rw True False False -
private_0x0000000000100000 0x00100000 0x00100fff Private Memory rw True False False -
private_0x0000000000150000 0x00150000 0x0018ffff Private Memory rw True False False -
private_0x0000000000300000 0x00300000 0x003fffff Private Memory rw True False False -
pagefile_0x0000000000400000 0x00400000 0x00587fff Pagefile Backed Memory r True False False -
private_0x00000000005e0000 0x005e0000 0x0065ffff Private Memory rw True False False -
pagefile_0x0000000000660000 0x00660000 0x007e0fff Pagefile Backed Memory r True False False -
private_0x0000000000840000 0x00840000 0x0093ffff Private Memory rw True False False -
private_0x0000000000b30000 0x00b30000 0x00b3ffff Private Memory rw True False False -
pagefile_0x0000000000b40000 0x00b40000 0x01f3ffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001f40000 0x01f40000 0x02282fff Pagefile Backed Memory r True False False -
cmd.exe 0x4a700000 0x4a74bfff Memory Mapped File rwx True False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
winbrand.dll 0x751c0000 0x751c6fff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Threads
Thread 0x924
62 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:20 (UTC) True 1
Fn
System Get Time type = Ticks, time = 101977 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\cmd.exe, base_address = 0x4a700000 True 1
Fn
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetThreadUILanguage, address_out = 0x757ea84f True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 0, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\syswow64\kernel32.dll, base_address = 0x757c0000 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = CopyFileExW, address_out = 0x757f3b92 True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = IsDebuggerPresent, address_out = 0x757d4a5d True 1
Fn
Module Get Address module_name = c:\windows\syswow64\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x757ea79d True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000002 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000002 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #38: vssadmin.exe
0 0
»
Information Value
ID #38
File Name c:\windows\syswow64\vssadmin.exe
Command Line vssadmin delete shadows /all /quiet
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:41, Reason: Child Process
Unmonitor End Time: 00:00:42, Reason: Self Terminated
Monitor Duration 00:00:01
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x92c
Parent PID 0x914 (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 8C4
0x BD4
0x BD8
0x BDC
0x BE0
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000070000 0x00070000 0x00071fff Pagefile Backed Memory rw True False False -
vssadmin.exe.mui 0x00080000 0x0008cfff Memory Mapped File rw False False False -
private_0x0000000000090000 0x00090000 0x00090fff Private Memory rw True False False -
private_0x00000000000a0000 0x000a0000 0x000a0fff Private Memory rw True False False -
private_0x00000000000b0000 0x000b0000 0x000effff Private Memory rw True False False -
private_0x00000000000f0000 0x000f0000 0x0012ffff Private Memory rw True False False -
locale.nls 0x00130000 0x00196fff Memory Mapped File r False False False -
private_0x00000000001a0000 0x001a0000 0x001dffff Private Memory rw True False False -
pagefile_0x00000000001e0000 0x001e0000 0x001e0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000001f0000 0x001f0000 0x001f0fff Pagefile Backed Memory r True False False -
private_0x0000000000200000 0x00200000 0x0020ffff Private Memory rw True False False -
private_0x0000000000250000 0x00250000 0x0028ffff Private Memory rw True False False -
private_0x0000000000290000 0x00290000 0x0030ffff Private Memory rw True False False -
private_0x00000000003c0000 0x003c0000 0x003fffff Private Memory rw True False False -
private_0x0000000000470000 0x00470000 0x0056ffff Private Memory rw True False False -
pagefile_0x0000000000570000 0x00570000 0x006f7fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000700000 0x00700000 0x00880fff Pagefile Backed Memory r True False False -
private_0x00000000008b0000 0x008b0000 0x008effff Private Memory rw True False False -
vssadmin.exe 0x00af0000 0x00b0efff Memory Mapped File rwx False False False -
pagefile_0x0000000000b10000 0x00b10000 0x01f0ffff Pagefile Backed Memory r True False False -
sortdefault.nls 0x01f10000 0x021defff Memory Mapped File r False False False -
vssapi.dll 0x74ba0000 0x74cb5fff Memory Mapped File rwx False False False -
rsaenh.dll 0x74f00000 0x74f3afff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
cryptsp.dll 0x750b0000 0x750c5fff Memory Mapped File rwx False False False -
rpcrtremote.dll 0x75160000 0x7516dfff Memory Mapped File rwx False False False -
atl.dll 0x75170000 0x75183fff Memory Mapped File rwx False False False -
vsstrace.dll 0x751b0000 0x751bffff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Process #40: vssadmin.exe
0 0
»
Information Value
ID #40
File Name c:\windows\syswow64\vssadmin.exe
Command Line vssadmin delete shadows /all /quiet
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:42, Reason: Child Process
Unmonitor End Time: 00:00:43, Reason: Self Terminated
Monitor Duration 00:00:01
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0xbfc
Parent PID 0x914 (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x BF8
0x BF4
0x BF0
0x BEC
0x 54C
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
private_0x0000000000030000 0x00030000 0x00031fff Private Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00036fff Pagefile Backed Memory r True False False -
apisetschema.dll 0x00040000 0x00040fff Memory Mapped File rwx False False False -
pagefile_0x0000000000050000 0x00050000 0x00053fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00060fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000070000 0x00070000 0x00071fff Pagefile Backed Memory rw True False False -
vssadmin.exe.mui 0x00080000 0x0008cfff Memory Mapped File rw False False False -
private_0x0000000000090000 0x00090000 0x000cffff Private Memory rw True False False -
locale.nls 0x000d0000 0x00136fff Memory Mapped File r False False False -
private_0x0000000000140000 0x00140000 0x00140fff Private Memory rw True False False -
private_0x0000000000150000 0x00150000 0x0018ffff Private Memory rw True False False -
private_0x0000000000190000 0x00190000 0x00190fff Private Memory rw True False False -
pagefile_0x00000000001a0000 0x001a0000 0x001a0fff Pagefile Backed Memory r True False False -
private_0x00000000001b0000 0x001b0000 0x001bffff Private Memory rw True False False -
pagefile_0x00000000001c0000 0x001c0000 0x001c0fff Pagefile Backed Memory r True False False -
private_0x0000000000260000 0x00260000 0x0029ffff Private Memory rw True False False -
private_0x00000000002a0000 0x002a0000 0x0031ffff Private Memory rw True False False -
private_0x0000000000430000 0x00430000 0x0052ffff Private Memory rw True False False -
pagefile_0x0000000000530000 0x00530000 0x006b7fff Pagefile Backed Memory r True False False -
pagefile_0x00000000006c0000 0x006c0000 0x00840fff Pagefile Backed Memory r True False False -
private_0x00000000008a0000 0x008a0000 0x008dffff Private Memory rw True False False -
private_0x0000000000960000 0x00960000 0x0099ffff Private Memory rw True False False -
private_0x00000000009d0000 0x009d0000 0x00a0ffff Private Memory rw True False False -
sortdefault.nls 0x00a10000 0x00cdefff Memory Mapped File r False False False -
vssadmin.exe 0x00e20000 0x00e3efff Memory Mapped File rwx False False False -
pagefile_0x0000000000e40000 0x00e40000 0x0223ffff Pagefile Backed Memory r True False False -
vssapi.dll 0x74a80000 0x74b95fff Memory Mapped File rwx False False False -
rsaenh.dll 0x74ec0000 0x74efafff Memory Mapped File rwx False False False -
wow64cpu.dll 0x74ff0000 0x74ff7fff Memory Mapped File rwx False False False -
wow64win.dll 0x75000000 0x7505bfff Memory Mapped File rwx False False False -
wow64.dll 0x75060000 0x7509efff Memory Mapped File rwx False False False -
atl.dll 0x750b0000 0x750c3fff Memory Mapped File rwx False False False -
cryptsp.dll 0x75160000 0x75175fff Memory Mapped File rwx False False False -
vsstrace.dll 0x75180000 0x7518ffff Memory Mapped File rwx False False False -
rpcrtremote.dll 0x751b0000 0x751bdfff Memory Mapped File rwx False False False -
cryptbase.dll 0x75600000 0x7560bfff Memory Mapped File rwx False False False -
sspicli.dll 0x75610000 0x7566ffff Memory Mapped File rwx False False False -
advapi32.dll 0x75720000 0x757bffff Memory Mapped File rwx False False False -
kernel32.dll 0x757c0000 0x758cffff Memory Mapped File rwx False False False -
usp10.dll 0x758d0000 0x7596cfff Memory Mapped File rwx False False False -
lpk.dll 0x75a70000 0x75a79fff Memory Mapped File rwx False False False -
msctf.dll 0x75ea0000 0x75f6bfff Memory Mapped File rwx False False False -
imm32.dll 0x75f80000 0x75fdffff Memory Mapped File rwx False False False -
msvcrt.dll 0x75fe0000 0x7608bfff Memory Mapped File rwx False False False -
rpcrt4.dll 0x76090000 0x7617ffff Memory Mapped File rwx False False False -
sechost.dll 0x761b0000 0x761c8fff Memory Mapped File rwx False False False -
kernelbase.dll 0x76260000 0x762a5fff Memory Mapped File rwx False False False -
oleaut32.dll 0x762b0000 0x7633efff Memory Mapped File rwx False False False -
ole32.dll 0x764e0000 0x7663bfff Memory Mapped File rwx False False False -
clbcatq.dll 0x76640000 0x766c2fff Memory Mapped File rwx False False False -
gdi32.dll 0x766d0000 0x7675ffff Memory Mapped File rwx False False False -
user32.dll 0x775b0000 0x776affff Memory Mapped File rwx False False False -
private_0x00000000776b0000 0x776b0000 0x777a9fff Private Memory rwx True False False -
private_0x00000000777b0000 0x777b0000 0x778cefff Private Memory rwx True False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
ntdll.dll 0x77ab0000 0x77c2ffff Memory Mapped File rwx False False False -
pagefile_0x000000007efb0000 0x7efb0000 0x7efd2fff Pagefile Backed Memory r True False False -
private_0x000000007efd5000 0x7efd5000 0x7efd7fff Private Memory rw True False False -
private_0x000000007efd8000 0x7efd8000 0x7efdafff Private Memory rw True False False -
private_0x000000007efdb000 0x7efdb000 0x7efddfff Private Memory rw True False False -
private_0x000000007efde000 0x7efde000 0x7efdefff Private Memory rw True False False -
private_0x000000007efdf000 0x7efdf000 0x7efdffff Private Memory rw True False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fff0000 0x7fff0000 0x7fffffeffff Private Memory r True False False -
Process #41: cmd.exe
67 0
»
Information Value
ID #41
File Name c:\windows\system32\cmd.exe
Command Line C:\Windows\system32\cmd.exe /c vssadmin delete shadows /all /quiet&vssadmin delete shadows /all /quiet
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:42, Reason: Child Process
Unmonitor End Time: 00:01:05, Reason: Self Terminated
Monitor Duration 00:00:23
OS Process Information
»
Information Value
PID 0x71c
Parent PID 0x94c (c:\windows\temp\ktsi.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x 6E8
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00033fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000040000 0x00040000 0x00040fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000050000 0x00050000 0x00056fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00061fff Pagefile Backed Memory rw True False False -
private_0x0000000000070000 0x00070000 0x00070fff Private Memory rw True False False -
private_0x0000000000080000 0x00080000 0x00080fff Private Memory rw True False False -
private_0x0000000000090000 0x00090000 0x0018ffff Private Memory rw True False False -
locale.nls 0x00190000 0x001f6fff Memory Mapped File r False False False -
private_0x0000000000200000 0x00200000 0x002fffff Private Memory rw True False False -
private_0x0000000000380000 0x00380000 0x0047ffff Private Memory rw True False False -
pagefile_0x0000000000480000 0x00480000 0x00607fff Pagefile Backed Memory r True False False -
private_0x0000000000630000 0x00630000 0x0063ffff Private Memory rw True False False -
pagefile_0x0000000000640000 0x00640000 0x007c0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000007d0000 0x007d0000 0x01bcffff Pagefile Backed Memory r True False False -
pagefile_0x0000000001bd0000 0x01bd0000 0x01f12fff Pagefile Backed Memory r True False False -
sortdefault.nls 0x01f20000 0x021eefff Memory Mapped File r False False False -
cmd.exe 0x4a720000 0x4a778fff Memory Mapped File rwx True False False -
user32.dll 0x776b0000 0x777a9fff Memory Mapped File rwx False False False -
kernel32.dll 0x777b0000 0x778cefff Memory Mapped File rwx False False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
private_0x000000007fffd000 0x7fffd000 0x7fffdfff Private Memory rw True False False -
winbrand.dll 0x7fef83d0000 0x7fef83d7fff Memory Mapped File rwx False False False -
kernelbase.dll 0x7fefd8d0000 0x7fefd93afff Memory Mapped File rwx False False False -
lpk.dll 0x7fefdec0000 0x7fefdecdfff Memory Mapped File rwx False False False -
imm32.dll 0x7fefdfb0000 0x7fefdfddfff Memory Mapped File rwx False False False -
gdi32.dll 0x7fefe100000 0x7fefe166fff Memory Mapped File rwx False False False -
msvcrt.dll 0x7fefe170000 0x7fefe20efff Memory Mapped File rwx False False False -
msctf.dll 0x7fefe210000 0x7fefe318fff Memory Mapped File rwx False False False -
usp10.dll 0x7fefe320000 0x7fefe3e8fff Memory Mapped File rwx False False False -
apisetschema.dll 0x7feffbf0000 0x7feffbf0fff Memory Mapped File rwx False False False -
pagefile_0x000007fffffb0000 0x7fffffb0000 0x7fffffd2fff Pagefile Backed Memory r True False False -
private_0x000007fffffdb000 0x7fffffdb000 0x7fffffdbfff Private Memory rw True False False -
private_0x000007fffffde000 0x7fffffde000 0x7fffffdffff Private Memory rw True False False -
Threads
Thread 0x6e8
67 0
»
Category Operation Information Success Count Logfile
System Get Time type = System Time, time = 2018-10-16 14:29:21 (UTC) True 1
Fn
System Get Time type = Ticks, time = 103225 True 1
Fn
Module Get Handle module_name = c:\windows\system32\cmd.exe, base_address = 0x4a720000 True 1
Fn
Module Get Handle module_name = c:\windows\system32\kernel32.dll, base_address = 0x777b0000 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x777c6d40 True 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System False 1
Fn
File Open filename = STD_OUTPUT_HANDLE True 3
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Environment Get Environment String - True 2
Fn
Data
Registry Open Key reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 24, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE False 1
Fn
Registry Open Key reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE False 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN True 1
Fn
Registry Read Value reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE False 1
Fn
Module Get Filename process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Environment Get Environment String name = PROMPT False 1
Fn
Environment Set Environment String name = PROMPT, value = $P$G True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = COMSPEC, result_out = C:\Windows\system32\cmd.exe True 1
Fn
Environment Get Environment String name = KEYS False 1
Fn
File Get Info filename = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop, type = file_attributes True 2
Fn
Environment Set Environment String name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Module Get Handle module_name = c:\windows\system32\kernel32.dll, base_address = 0x777b0000 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x777c23d0 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x777b8290 True 1
Fn
Module Get Address module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x777c17e0 True 1
Fn
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Process Create process_name = C:\Windows\system32\vssadmin.exe, os_pid = 0x81c, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000000 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Get Environment String name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ True 1
Fn
Environment Get Environment String name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC True 1
Fn
Process Create process_name = C:\Windows\system32\vssadmin.exe, os_pid = 0x6c8, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL True 1
Fn
Environment Set Environment String name = COPYCMD True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCode, value = 00000001 True 1
Fn
Environment Get Environment String - True 1
Fn
Data
Environment Set Environment String name = =ExitCodeAscii True 1
Fn
Environment Get Environment String - True 1
Fn
Data
File Open filename = STD_OUTPUT_HANDLE True 2
Fn
File Open filename = STD_INPUT_HANDLE True 1
Fn
Process #42: vssadmin.exe
0 0
»
Information Value
ID #42
File Name c:\windows\system32\vssadmin.exe
Command Line vssadmin delete shadows /all /quiet
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:00:42, Reason: Child Process
Unmonitor End Time: 00:01:05, Reason: Self Terminated
Monitor Duration 00:00:23
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x81c
Parent PID 0x71c (c:\windows\system32\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x C4
0x 660
0x 674
0x 6D0
0x 658
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00033fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000040000 0x00040000 0x00040fff Pagefile Backed Memory r True False False -
locale.nls 0x00050000 0x000b6fff Memory Mapped File r False False False -
pagefile_0x00000000000c0000 0x000c0000 0x000c6fff Pagefile Backed Memory r True False False -
pagefile_0x00000000000d0000 0x000d0000 0x000d1fff Pagefile Backed Memory rw True False False -
vssadmin.exe.mui 0x000e0000 0x000ecfff Memory Mapped File rw False False False -
private_0x00000000000f0000 0x000f0000 0x000f0fff Private Memory rw True False False -
private_0x0000000000100000 0x00100000 0x00100fff Private Memory rw True False False -
pagefile_0x0000000000110000 0x00110000 0x00110fff Pagefile Backed Memory r True False False -
private_0x0000000000120000 0x00120000 0x0012ffff Private Memory rw True False False -
pagefile_0x0000000000130000 0x00130000 0x00130fff Pagefile Backed Memory r True False False -
private_0x0000000000170000 0x00170000 0x001effff Private Memory rw True False False -
private_0x00000000001f0000 0x001f0000 0x002effff Private Memory rw True False False -
private_0x0000000000350000 0x00350000 0x0044ffff Private Memory rw True False False -
pagefile_0x0000000000450000 0x00450000 0x005d7fff Pagefile Backed Memory r True False False -
pagefile_0x00000000005e0000 0x005e0000 0x00760fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000770000 0x00770000 0x01b6ffff Pagefile Backed Memory r True False False -
private_0x0000000001bb0000 0x01bb0000 0x01c2ffff Private Memory rw True False False -
private_0x0000000001e10000 0x01e10000 0x01e8ffff Private Memory rw True False False -
sortdefault.nls 0x01e90000 0x0215efff Memory Mapped File r False False False -
user32.dll 0x776b0000 0x777a9fff Memory Mapped File rwx False False False -
kernel32.dll 0x777b0000 0x778cefff Memory Mapped File rwx False False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
vssadmin.exe 0xff570000 0xff59cfff Memory Mapped File rwx False False False -
vsstrace.dll 0x7fefa8d0000 0x7fefa8e6fff Memory Mapped File rwx False False False -
vssapi.dll 0x7fefa8f0000 0x7fefaa9ffff Memory Mapped File rwx False False False -
atl.dll 0x7fefb2d0000 0x7fefb2e8fff Memory Mapped File rwx False False False -
rsaenh.dll 0x7fefce10000 0x7fefce56fff Memory Mapped File rwx False False False -
cryptsp.dll 0x7fefd110000 0x7fefd126fff Memory Mapped File rwx False False False -
cryptbase.dll 0x7fefd710000 0x7fefd71efff Memory Mapped File rwx False False False -
kernelbase.dll 0x7fefd8d0000 0x7fefd93afff Memory Mapped File rwx False False False -
lpk.dll 0x7fefdec0000 0x7fefdecdfff Memory Mapped File rwx False False False -
oleaut32.dll 0x7fefded0000 0x7fefdfa6fff Memory Mapped File rwx False False False -
imm32.dll 0x7fefdfb0000 0x7fefdfddfff Memory Mapped File rwx False False False -
gdi32.dll 0x7fefe100000 0x7fefe166fff Memory Mapped File rwx False False False -
msvcrt.dll 0x7fefe170000 0x7fefe20efff Memory Mapped File rwx False False False -
msctf.dll 0x7fefe210000 0x7fefe318fff Memory Mapped File rwx False False False -
usp10.dll 0x7fefe320000 0x7fefe3e8fff Memory Mapped File rwx False False False -
advapi32.dll 0x7fefe3f0000 0x7fefe4cafff Memory Mapped File rwx False False False -
rpcrt4.dll 0x7fefe4d0000 0x7fefe5fcfff Memory Mapped File rwx False False False -
clbcatq.dll 0x7fefe600000 0x7fefe698fff Memory Mapped File rwx False False False -
sechost.dll 0x7fefea30000 0x7fefea4efff Memory Mapped File rwx False False False -
ole32.dll 0x7feff9d0000 0x7feffbd2fff Memory Mapped File rwx False False False -
apisetschema.dll 0x7feffbf0000 0x7feffbf0fff Memory Mapped File rwx False False False -
pagefile_0x000007fffffb0000 0x7fffffb0000 0x7fffffd2fff Pagefile Backed Memory r True False False -
private_0x000007fffffd8000 0x7fffffd8000 0x7fffffd9fff Private Memory rw True False False -
private_0x000007fffffda000 0x7fffffda000 0x7fffffdafff Private Memory rw True False False -
private_0x000007fffffdc000 0x7fffffdc000 0x7fffffddfff Private Memory rw True False False -
private_0x000007fffffde000 0x7fffffde000 0x7fffffdffff Private Memory rw True False False -
Process #44: vssadmin.exe
0 0
»
Information Value
ID #44
File Name c:\windows\system32\vssadmin.exe
Command Line vssadmin delete shadows /all /quiet
Initial Working Directory C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor Start Time: 00:01:04, Reason: Child Process
Unmonitor End Time: 00:01:05, Reason: Self Terminated
Monitor Duration 00:00:01
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x6c8
Parent PID 0x71c (c:\windows\system32\cmd.exe)
Is Created or Modified Executable False
Integrity Level High (Elevated)
Username XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs
0x BEC
0x 54C
0x BF4
0x BF0
0x 34C
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
private_0x0000000000010000 0x00010000 0x0002ffff Private Memory rw True False False -
pagefile_0x0000000000010000 0x00010000 0x0001ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000020000 0x00020000 0x0002ffff Pagefile Backed Memory rw True False False -
pagefile_0x0000000000030000 0x00030000 0x00033fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000040000 0x00040000 0x00040fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000050000 0x00050000 0x00056fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000060000 0x00060000 0x00061fff Pagefile Backed Memory rw True False False -
vssadmin.exe.mui 0x00070000 0x0007cfff Memory Mapped File rw False False False -
private_0x0000000000080000 0x00080000 0x00080fff Private Memory rw True False False -
private_0x0000000000090000 0x00090000 0x00090fff Private Memory rw True False False -
pagefile_0x00000000000a0000 0x000a0000 0x000a0fff Pagefile Backed Memory r True False False -
private_0x00000000000b0000 0x000b0000 0x0012ffff Private Memory rw True False False -
locale.nls 0x00130000 0x00196fff Memory Mapped File r False False False -
private_0x00000000001e0000 0x001e0000 0x002dffff Private Memory rw True False False -
private_0x00000000003c0000 0x003c0000 0x003cffff Private Memory rw True False False -
private_0x00000000003d0000 0x003d0000 0x004cffff Private Memory rw True False False -
pagefile_0x00000000004d0000 0x004d0000 0x00657fff Pagefile Backed Memory r True False False -
pagefile_0x0000000000660000 0x00660000 0x007e0fff Pagefile Backed Memory r True False False -
pagefile_0x00000000007f0000 0x007f0000 0x01beffff Pagefile Backed Memory r True False False -
private_0x0000000001c20000 0x01c20000 0x01c9ffff Private Memory rw True False False -
user32.dll 0x776b0000 0x777a9fff Memory Mapped File rwx False False False -
kernel32.dll 0x777b0000 0x778cefff Memory Mapped File rwx False False False -
ntdll.dll 0x778d0000 0x77a78fff Memory Mapped File rwx False False False -
private_0x000000007efe0000 0x7efe0000 0x7ffdffff Private Memory r True False False -
pagefile_0x000000007efe0000 0x7efe0000 0x7f0dffff Pagefile Backed Memory r True False False -
private_0x000000007f0e0000 0x7f0e0000 0x7ffdffff Private Memory r True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
vssadmin.exe 0xff450000 0xff47cfff Memory Mapped File rwx False False False -
vsstrace.dll 0x7fefa8d0000 0x7fefa8e6fff Memory Mapped File rwx False False False -
vssapi.dll 0x7fefa8f0000 0x7fefaa9ffff Memory Mapped File rwx False False False -
atl.dll 0x7fefb2d0000 0x7fefb2e8fff Memory Mapped File rwx False False False -
cryptbase.dll 0x7fefd710000 0x7fefd71efff Memory Mapped File rwx False False False -
kernelbase.dll 0x7fefd8d0000 0x7fefd93afff Memory Mapped File rwx False False False -
lpk.dll 0x7fefdec0000 0x7fefdecdfff Memory Mapped File rwx False False False -
oleaut32.dll 0x7fefded0000 0x7fefdfa6fff Memory Mapped File rwx False False False -
imm32.dll 0x7fefdfb0000 0x7fefdfddfff Memory Mapped File rwx False False False -
gdi32.dll 0x7fefe100000 0x7fefe166fff Memory Mapped File rwx False False False -
msvcrt.dll 0x7fefe170000 0x7fefe20efff Memory Mapped File rwx False False False -
msctf.dll 0x7fefe210000 0x7fefe318fff Memory Mapped File rwx False False False -
usp10.dll 0x7fefe320000 0x7fefe3e8fff Memory Mapped File rwx False False False -
advapi32.dll 0x7fefe3f0000 0x7fefe4cafff Memory Mapped File rwx False False False -
rpcrt4.dll 0x7fefe4d0000 0x7fefe5fcfff Memory Mapped File rwx False False False -
clbcatq.dll 0x7fefe600000 0x7fefe698fff Memory Mapped File rwx False False False -
sechost.dll 0x7fefea30000 0x7fefea4efff Memory Mapped File rwx False False False -
ole32.dll 0x7feff9d0000 0x7feffbd2fff Memory Mapped File rwx False False False -
apisetschema.dll 0x7feffbf0000 0x7feffbf0fff Memory Mapped File rwx False False False -
pagefile_0x000007fffffb0000 0x7fffffb0000 0x7fffffd2fff Pagefile Backed Memory r True False False -
private_0x000007fffffd5000 0x7fffffd5000 0x7fffffd5fff Private Memory rw True False False -
private_0x000007fffffdc000 0x7fffffdc000 0x7fffffddfff Private Memory rw True False False -
private_0x000007fffffde000 0x7fffffde000 0x7fffffdffff Private Memory rw True False False -
Process #46: System
0 0
»
Information Value
ID #46
File Name System
Command Line -
Initial Working Directory -
Monitor Start Time: 00:02:15, Reason: Kernel Analysis
Unmonitor End Time: 00:02:29, Reason: Terminated by Timeout
Monitor Duration 00:00:14
Remark No high level activity detected in monitored regions
OS Process Information
»
Information Value
PID 0x4
Parent PID 0xffffffffffffffff (Unknown)
Is Created or Modified Executable False
Integrity Level System (Elevated)
Username NT AUTHORITY\SYSTEM
Enabled Privileges SeLockMemoryPrivilege, SeTcbPrivilege, SeSystemProfilePrivilege, SeProfileSingleProcessPrivilege, SeIncreaseBasePriorityPrivilege, SeCreatePagefilePrivilege, SeCreatePermanentPrivilege, SeDebugPrivilege, SeAuditPrivilege, SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege, SeIncreaseWorkingSetPrivilege, SeTimeZonePrivilege, SeCreateSymbolicLinkPrivilege
Thread IDs
0x 8
0x 14
0x 2C
0x 50
0x 5C
0x 6C
0x 44
0x A0
0x A4
0x 40
0x 9C
0x 78
0x 64
0x 3C
0x B4
0x 28
0x B8
0x C8
0x C0
0x 24
0x 20
0x 30
0x CC
0x D0
Region
»
Name Start VA End VA Type Permissions Monitored Dumped YARA Actions
pagefile_0x0000000000010000 0x00010000 0x00032fff Pagefile Backed Memory rw True False False -
private_0x000000007ffe0000 0x7ffe0000 0x7ffeffff Private Memory r True False False -
Function Logfile
Download-Icon
Exit-Icon

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy". 


    

   

   

    Before
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    After
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    

     
      

       
       
       
       
      

     
     
     
    

   

  

  

   

    
    

     Screenshot
    

    

     Expand-Icon
    

    

     Exit-Icon
    

   

   

    

     icon_left
    

    

     icon_left
    

   

   

   

   

    image