4.0
中危
48 个模型检测该样本为恶意!
重新分析
更多

623991450eacff4f505bf3f5a3db65377fcd3727bc8fd2aafe7c113cb032bb03

264db3ef8471d20c99d2cf3467d25a26.exe

分析耗时

80s

最近分析

文件大小

661.4KB
静态报毒 动态报毒 AGENSLA AI SCORE=100 EIQK ELDORADO FCTC GDSDA GENKRYPTIK GUGBJDGHOMO HIGH CONFIDENCE HNAHWM JWSOR KRYPTIK MALWARE@#2QYUZX23I1W2T MULDROP11 OCCAMY PM1@ASJJVCFG PWSX R06EC0PI220 RAZY REMCOS SCORE TROJANPSW TSCOPE UNSAFE WACATAC ZEMSILF 更多
鹰眼引擎
未检测 暂无鹰眼引擎检测结果
静态判定
反病毒引擎
查杀引擎 查杀结果 查杀时间 查杀版本
McAfee PWS-FCTC!264DB3EF8471 20210107 6.0.6.653
Alibaba TrojanPSW:MSIL/Agensla.9454213a 20190527 0.3.0.5
Avast Win32:PWSX-gen [Trj] 20210107 21.1.5827.0
Baidu 20190318 1.0.0.2
Kingsoft 20210107 2017.9.26.565
CrowdStrike 20190702 1.0
静态指标
Checks if process is being debugged by a debugger (2 个事件)
Time & API Arguments Status Return Repeated
1619269224.030008
IsDebuggerPresent
failed 0 0
1619269224.030008
IsDebuggerPresent
failed 0 0
This executable is signed
Checks amount of memory in system, this can be used to detect virtual machines that have a low amount of memory available (1 个事件)
Time & API Arguments Status Return Repeated
1619269224.092008
GlobalMemoryStatusEx
success 1 0
行为判定
动态指标
Allocates read-write-execute memory (usually to unpack itself) (50 out of 53 个事件)
Time & API Arguments Status Return Repeated
1619269223.155008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 1245184
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 8192 (MEM_RESERVE)
base_address: 0x004a0000
success 0 0
1619269223.155008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00590000
success 0 0
1619269223.530008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 1507328
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 8192 (MEM_RESERVE)
base_address: 0x021a0000
success 0 0
1619269223.530008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x022d0000
success 0 0
1619269223.702008
NtProtectVirtualMemory
process_identifier: 2268
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
base_address: 0x73e71000
success 0 0
1619269224.030008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 262144
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 8192 (MEM_RESERVE)
base_address: 0x004c0000
success 0 0
1619269224.030008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x004c0000
success 0 0
1619269224.030008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x003ea000
success 0 0
1619269224.045008
NtProtectVirtualMemory
process_identifier: 2268
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 8192
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
base_address: 0x73e72000
success 0 0
1619269224.045008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x003e2000
success 0 0
1619269224.483008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x003f2000
success 0 0
1619269224.717008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00415000
success 0 0
1619269224.733008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x0041b000
success 0 0
1619269224.733008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00417000
success 0 0
1619269224.983008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x003f3000
success 0 0
1619269225.045008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x003fc000
success 0 0
1619269225.124008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x006f0000
success 0 0
1619269225.139008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x003f4000
success 0 0
1619269225.170008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x006f1000
success 0 0
1619269225.499008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 8192
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x003f5000
success 0 0
1619269225.577008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x003f7000
success 0 0
1619269225.592008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x003ec000
success 0 0
1619269225.608008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x003f8000
success 0 0
1619269225.624008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x006f2000
success 0 0
1619269225.874008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x003f9000
success 0 0
1619269225.905008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x006f3000
success 0 0
1619269225.936008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00406000
success 0 0
1619269225.952008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x0040a000
success 0 0
1619269225.952008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00407000
success 0 0
1619269225.967008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00720000
success 0 0
1619269225.967008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00721000
success 0 0
1619269225.999008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x006f4000
success 0 0
1619269226.639008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x006f5000
success 0 0
1619269227.733008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00722000
success 0 0
1619269230.389008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 12288
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x006f6000
success 0 0
1619269230.420008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x004c1000
success 0 0
1619269230.420008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x004c2000
success 0 0
1619269230.420008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x004c3000
success 0 0
1619269230.420008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 8192
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x004c4000
success 0 0
1619269230.420008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 8192
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x004c6000
success 0 0
1619269230.436008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 12288
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x004c8000
success 0 0
1619269230.436008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x004cb000
success 0 0
1619269230.436008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x003e3000
success 0 0
1619269230.717008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x006f9000
success 0 0
1619269230.764008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x022d1000
success 0 0
1619269234.092008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 8192
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x006fa000
success 0 0
1619269242.124008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00723000
success 0 0
1619269242.139008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x006fc000
success 0 0
1619269242.139008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00724000
success 0 0
1619269242.186008
NtAllocateVirtualMemory
process_identifier: 2268
region_size: 16384
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x004cc000
success 0 0
Foreign language identified in PE resource (2 个事件)
name RT_VERSION language LANG_ARABIC offset 0x000a60a0 filetype data sublanguage SUBLANG_NEUTRAL size 0x00000584
name RT_MANIFEST language LANG_ARABIC offset 0x000a6624 filetype ASCII text, with very long lines, with no line terminators sublanguage SUBLANG_NEUTRAL size 0x000002b0
Drops an executable to the user AppData folder (1 个事件)
file C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\264db3ef8471d20c99d2cf3467d25a26.exe
Checks for the Locally Unique Identifier on the system for a suspicious privilege (1 个事件)
Time & API Arguments Status Return Repeated
1619269225.670008
LookupPrivilegeValueW
system_name:
privilege_name: SeDebugPrivilege
success 1 0
网络通信
Communicates with host for which no DNS query was performed (1 个事件)
host 172.217.24.14
File has been identified by 48 AntiVirus engines on VirusTotal as malicious (48 个事件)
Elastic malicious (high confidence)
DrWeb Trojan.MulDrop11.62517
MicroWorld-eScan Gen:Variant.Razy.648156
FireEye Generic.mg.264db3ef8471d20c
McAfee PWS-FCTC!264DB3EF8471
Cylance Unsafe
Sangfor Malware
K7AntiVirus Trojan ( 00564cad1 )
Alibaba TrojanPSW:MSIL/Agensla.9454213a
K7GW Trojan ( 00564cad1 )
Cybereason malicious.f8471d
Arcabit Trojan.Razy.D9E3DC
BitDefenderTheta Gen:NN.ZemsilF.34742.Pm1@aSJJvCfG
Cyren W32/MSIL_Agent.BGY.gen!Eldorado
Symantec Trojan.Gen.2
ESET-NOD32 a variant of MSIL/Kryptik.VNJ
TrendMicro-HouseCall TROJ_GEN.R06EC0PI220
Paloalto generic.ml
Kaspersky HEUR:Trojan-PSW.MSIL.Agensla.gen
BitDefender Gen:Variant.Razy.648156
NANO-Antivirus Trojan.Win32.Agensla.hnahwm
AegisLab Trojan.Multi.Generic.4!c
Avast Win32:PWSX-gen [Trj]
Ad-Aware Gen:Variant.Razy.648156
Sophos Mal/Generic-S
Comodo Malware@#2qyuzx23i1w2t
F-Secure Trojan.TR/Kryptik.jwsor
VIPRE Trojan.Win32.Generic!BT
TrendMicro TROJ_GEN.R06EC0PI220
McAfee-GW-Edition PWS-FCTC!264DB3EF8471
Emsisoft Gen:Variant.Razy.648156 (B)
Avira TR/Kryptik.jwsor
MAX malware (ai score=100)
Antiy-AVL Trojan/Win32.Wacatac
Microsoft Trojan:Win32/Occamy.C62
ZoneAlarm HEUR:Trojan-PSW.MSIL.Agensla.gen
GData Gen:Variant.Razy.648156
Cynet Malicious (score: 100)
VBA32 TScope.Trojan.MSIL
ALYac Gen:Variant.Razy.648156
Malwarebytes Backdoor.Remcos
APEX Malicious
Yandex Trojan.GenKryptik!GUgbjdghOMo
Ikarus Trojan.Inject
Fortinet MSIL/GenKryptik.EIQK!tr
AVG Win32:PWSX-gen [Trj]
Panda Trj/GdSda.A
Qihoo-360 Generic/Trojan.PSW.374
可视化分析
二进制图像
暂无二进制图像 该样本未生成二进制可视化图像
运行截图
暂无运行截图 该样本运行过程中未生成截图

👋 欢迎使用 ChatHawk

我是您的恶意软件分析助手,可以帮您分析和解读恶意软件报告。请随时向我提问!

🔍 主要威胁分析
⚡ 行为特征
🛡️ 防护建议
🔧 技术手段
🎯 检测方法
🤖

PE Compile Time

2019-07-15 07:05:21

Imports

Library mscoree.dll:
0x402000 _CorExeMain

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 49235 114.114.114.114 53
192.168.56.101 50534 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 65004 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 55368 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 60123 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 50535 239.255.255.250 3702
192.168.56.101 50537 239.255.255.250 3702
192.168.56.101 56807 239.255.255.250 1900
192.168.56.101 58707 239.255.255.250 3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.