6.6
High risk

090c4ff20568f647c80d5ae386bf5aedd9d8b066066a465b5300f8bd42ff1282

2e8bb560fac1a5db7b525d83d5a2c95b.exe

Analysis duration

95s

Last analyzed

File size

624.3KB
Static detection Dynamic detection AI SCORE=88 AIDETECTVM ATTRIBUTE BSCOPE CLASSIC CONFIDENCE DELPHI DOWNLOADER34 DPIE FAREIT FXLV GDSDA GENCIRC GENKRYPTIK GRAFTOR HFFL HIGH CONFIDENCE HIGHCONFIDENCE HPHCHZ KRYPTIK MALWARE2 MALWARE@#3957NDRVL9NWE MZYSF NKY@AO5FMDGI SCORE STATIC AI SUSPICIOUS PE TOYK UNSAFE WACATAC YMACCO ZELPHIF
Hawkeye engine
Not scanned: no Hawkeye engine results available
Static verdict
Antivirus engines
Engine Result Scan date Engine version
McAfee Fareit-FVP!2E8BB560FAC1 20201228 6.0.6.653
Alibaba TrojanDownloader:Win32/Ymacco.a052f50b 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Avast Win32:Malware-gen 20201228 21.1.5827.0
Tencent Malware.Win32.Gencirc.11ab59b2 20201228 1.0.0.1
Kingsoft 20201228 2017.9.26.565
CrowdStrike win/malicious_confidence_80% (W) 20190702 1.0
Static indicators
This executable is signed
The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)
section .itext
The executable uses a known packer (1 event)
packer BobSoft Mini Delphi -> BoB / BobSoft
One or more processes crashed (1 event)
Time & API Arguments Status Return Repeated
1619359964.717249
__exception__
stacktrace:
0x353091a
DriverCallback+0x4e waveOutOpen-0xa2e winmm+0x3af0 @ 0x74693af0
timeEndPeriod+0x54a timeKillEvent-0x57 winmm+0xa535 @ 0x7469a535
timeEndPeriod+0x449 timeKillEvent-0x158 winmm+0xa434 @ 0x7469a434
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 58784796
registers.edi: 58784840
registers.eax: 0
registers.ebp: 58785392
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 7798784
exception.instruction_r: 8b 40 3c 99 03 04 24 13 54 24 04 83 c4 08 89 44
exception.instruction: mov eax, dword ptr [eax + 0x3c]
exception.exception_code: 0xc0000005
exception.symbol:
exception.address: 0x351d364
success 0 0
Behavioral verdict
Dynamic indicators
Allocates read-write-execute memory (usually to unpack itself) (1 event)
Time & API Arguments Status Return Repeated
1619359897.811249
NtAllocateVirtualMemory
process_identifier: 1948
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x005c0000
success 0 0
Downloads a file or document from Google Drive (1 event)
domain drive.google.com
Checks adapter addresses which can be used to detect virtual network interfaces (1 event)
Time & API Arguments Status Return Repeated
1619359940.951249
GetAdaptersAddresses
flags: 0
family: 0
failed 111 0
Network communication
Disables proxy possibly for traffic interception (1 event)
Time & API Arguments Status Return Repeated
1619359940.686249
RegSetValueExA
key_handle: 0x000002e0
value: 0
regkey_r: ProxyEnable
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
success 0 0
Sets or modifies WPAD proxy autoconfiguration file for traffic interception (8 events)
Time & API Arguments Status Return Repeated
1619359943.514249
RegSetValueExA
key_handle: 0x000003d4
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason
success 0 0
1619359943.514249
RegSetValueExA
key_handle: 0x000003d4
value: €Eî Ï9×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime
success 0 0
1619359943.514249
RegSetValueExA
key_handle: 0x000003d4
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision
success 0 0
1619359943.514249
RegSetValueExW
key_handle: 0x000003d4
value: 网络 2
regkey_r: WpadNetworkName
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName
success 0 0
1619359943.514249
RegSetValueExA
key_handle: 0x000003f0
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
success 0 0
1619359943.514249
RegSetValueExA
key_handle: 0x000003f0
value: €Eî Ï9×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
success 0 0
1619359943.514249
RegSetValueExA
key_handle: 0x000003f0
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
success 0 0
1619359943.561249
RegSetValueExW
key_handle: 0x000003d0
value: {40112ABE-63B3-43C3-BE93-1440EE3AF106}
regkey_r: WpadLastNetwork
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
success 0 0
Network activity contains more than one unique useragent (2 events)
process 2e8bb560fac1a5db7b525d83d5a2c95b.exe useragent Internal
process 2e8bb560fac1a5db7b525d83d5a2c95b.exe useragent m
File has been identified by 53 AntiVirus engines on VirusTotal as malicious (50 out of 53 events)
Bkav W32.AIDetectVM.malware2
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Graftor.806677
FireEye Gen:Variant.Graftor.806677
McAfee Fareit-FVP!2E8BB560FAC1
Cylance Unsafe
Sangfor Malware
K7AntiVirus Trojan ( 0056b6b21 )
Alibaba TrojanDownloader:Win32/Ymacco.a052f50b
K7GW Trojan ( 0056b6b21 )
Cybereason malicious.0fac1a
Arcabit Trojan.Graftor.DC4F15
Cyren W32/Trojan.TOYK-8068
Symantec ML.Attribute.HighConfidence
APEX Malicious
Avast Win32:Malware-gen
Kaspersky HEUR:Trojan-Downloader.Win32.Agent.gen
BitDefender Gen:Variant.Graftor.806677
NANO-Antivirus Trojan.Win32.Delphi.hphchz
Paloalto generic.ml
AegisLab Trojan.Win32.Agent.a!c
Tencent Malware.Win32.Gencirc.11ab59b2
Ad-Aware Gen:Variant.Graftor.806677
Sophos Mal/Generic-S
Comodo Malware@#3957ndrvl9nwe
F-Secure Trojan.TR/Dldr.Delphi.mzysf
DrWeb Trojan.DownLoader34.11621
VIPRE Trojan.Win32.Generic!BT
McAfee-GW-Edition Fareit-FVP!2E8BB560FAC1
Emsisoft Gen:Variant.Graftor.806677 (B)
SentinelOne Static AI - Suspicious PE
Jiangmin TrojanDownloader.Agent.fxlv
Avira TR/Dldr.Delphi.mzysf
Antiy-AVL Trojan[Downloader]/Win32.Agent
Gridinsoft Trojan.Win32.Agent.oa
Microsoft Trojan:Win32/Ymacco.AA09
ZoneAlarm HEUR:Trojan-Downloader.Win32.Agent.gen
GData Gen:Variant.Graftor.806677
Cynet Malicious (score: 100)
BitDefenderTheta Gen:NN.ZelphiF.34700.NKY@aO5fMdgi
ALYac Gen:Variant.Graftor.806677
MAX malware (ai score=88)
VBA32 BScope.Trojan.Wacatac
Malwarebytes Trojan.MalPack.SMY.Generic
ESET-NOD32 a variant of Win32/Kryptik.HFFL
Rising Trojan.Kryptik!1.C9BE (CLASSIC)
Ikarus Trojan.Inject
eGambit Unsafe.AI_Score_99%
Fortinet W32/GenKryptik.DPIE!tr
AVG Win32:Malware-gen
Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) (3 events)
dead_host 172.217.24.14:443
dead_host 172.217.160.78:443
dead_host 202.160.128.203:443

PE Compile Time

1992-06-20 06:22:17

Imports

Library oleaut32.dll:
0x48c708 SysFreeString
0x48c70c SysReAllocStringLen
0x48c710 SysAllocStringLen
Library advapi32.dll:
0x48c718 RegQueryValueExA
0x48c71c RegOpenKeyExA
0x48c720 RegCloseKey
Library user32.dll:
0x48c728 GetKeyboardType
0x48c72c DestroyWindow
0x48c730 LoadStringA
0x48c734 MessageBoxA
0x48c738 CharNextA
Library kernel32.dll:
0x48c740 GetACP
0x48c744 Sleep
0x48c748 VirtualFree
0x48c74c VirtualAlloc
0x48c750 GetTickCount
0x48c758 GetCurrentThreadId
0x48c764 VirtualQuery
0x48c768 WideCharToMultiByte
0x48c76c MultiByteToWideChar
0x48c770 lstrlenA
0x48c774 lstrcpynA
0x48c778 LoadLibraryExA
0x48c77c GetThreadLocale
0x48c780 GetStartupInfoA
0x48c784 GetProcAddress
0x48c788 GetModuleHandleA
0x48c78c GetModuleFileNameA
0x48c790 GetLocaleInfoA
0x48c794 GetCommandLineA
0x48c798 FreeLibrary
0x48c79c FindFirstFileA
0x48c7a0 FindClose
0x48c7a4 ExitProcess
0x48c7a8 CompareStringA
0x48c7ac WriteFile
0x48c7b4 RtlUnwind
0x48c7b8 RaiseException
0x48c7bc GetStdHandle
Library kernel32.dll:
0x48c7c4 TlsSetValue
0x48c7c8 TlsGetValue
0x48c7cc LocalAlloc
0x48c7d0 GetModuleHandleA
Library user32.dll:
0x48c7d8 CreateWindowExA
0x48c7dc WindowFromPoint
0x48c7e0 WaitMessage
0x48c7e4 UpdateWindow
0x48c7e8 UnregisterClassA
0x48c7ec UnhookWindowsHookEx
0x48c7f0 TranslateMessage
0x48c7f8 TrackPopupMenu
0x48c800 ShowWindow
0x48c804 ShowScrollBar
0x48c808 ShowOwnedPopups
0x48c80c SetWindowsHookExA
0x48c810 SetWindowTextA
0x48c814 SetWindowPos
0x48c818 SetWindowPlacement
0x48c81c SetWindowLongW
0x48c820 SetWindowLongA
0x48c824 SetTimer
0x48c828 SetScrollRange
0x48c82c SetScrollPos
0x48c830 SetScrollInfo
0x48c834 SetRect
0x48c838 SetPropA
0x48c83c SetParent
0x48c840 SetMenuItemInfoA
0x48c844 SetMenu
0x48c848 SetForegroundWindow
0x48c84c SetFocus
0x48c850 SetCursor
0x48c854 SetClassLongA
0x48c858 SetCapture
0x48c85c SetActiveWindow
0x48c860 SendMessageW
0x48c864 SendMessageA
0x48c868 ScrollWindow
0x48c86c ScreenToClient
0x48c870 RemovePropA
0x48c874 RemoveMenu
0x48c878 ReleaseDC
0x48c87c ReleaseCapture
0x48c888 RegisterClassA
0x48c88c RedrawWindow
0x48c890 PtInRect
0x48c894 PostQuitMessage
0x48c898 PostMessageA
0x48c89c PeekMessageW
0x48c8a0 PeekMessageA
0x48c8a4 OffsetRect
0x48c8a8 OemToCharA
0x48c8b0 MessageBoxA
0x48c8b4 MapWindowPoints
0x48c8b8 MapVirtualKeyA
0x48c8bc LoadStringA
0x48c8c0 LoadKeyboardLayoutA
0x48c8c4 LoadIconA
0x48c8c8 LoadCursorA
0x48c8cc LoadBitmapA
0x48c8d0 KillTimer
0x48c8d4 IsZoomed
0x48c8d8 IsWindowVisible
0x48c8dc IsWindowUnicode
0x48c8e0 IsWindowEnabled
0x48c8e4 IsWindow
0x48c8e8 IsRectEmpty
0x48c8ec IsIconic
0x48c8f0 IsDialogMessageW
0x48c8f4 IsDialogMessageA
0x48c8f8 IsChild
0x48c8fc InvalidateRect
0x48c900 IntersectRect
0x48c904 InsertMenuItemA
0x48c908 InsertMenuA
0x48c90c InflateRect
0x48c914 GetWindowTextA
0x48c918 GetWindowRect
0x48c91c GetWindowPlacement
0x48c920 GetWindowLongW
0x48c924 GetWindowLongA
0x48c928 GetWindowDC
0x48c92c GetTopWindow
0x48c930 GetSystemMetrics
0x48c934 GetSystemMenu
0x48c938 GetSysColorBrush
0x48c93c GetSysColor
0x48c940 GetSubMenu
0x48c944 GetScrollRange
0x48c948 GetScrollPos
0x48c94c GetScrollInfo
0x48c950 GetPropA
0x48c954 GetParent
0x48c958 GetWindow
0x48c95c GetMessagePos
0x48c960 GetMenuStringA
0x48c964 GetMenuState
0x48c968 GetMenuItemInfoA
0x48c96c GetMenuItemID
0x48c970 GetMenuItemCount
0x48c974 GetMenu
0x48c978 GetLastActivePopup
0x48c97c GetKeyboardState
0x48c988 GetKeyboardLayout
0x48c98c GetKeyState
0x48c990 GetKeyNameTextA
0x48c994 GetIconInfo
0x48c998 GetForegroundWindow
0x48c99c GetFocus
0x48c9a0 GetDesktopWindow
0x48c9a4 GetDCEx
0x48c9a8 GetDC
0x48c9ac GetCursorPos
0x48c9b0 GetCursor
0x48c9b4 GetClientRect
0x48c9b8 GetClassLongA
0x48c9bc GetClassInfoA
0x48c9c0 GetCapture
0x48c9c4 GetActiveWindow
0x48c9c8 FrameRect
0x48c9cc FindWindowA
0x48c9d0 FillRect
0x48c9d4 EqualRect
0x48c9d8 EnumWindows
0x48c9dc EnumThreadWindows
0x48c9e0 EnumChildWindows
0x48c9e4 EndPaint
0x48c9e8 EnableWindow
0x48c9ec EnableScrollBar
0x48c9f0 EnableMenuItem
0x48c9f4 DrawTextA
0x48c9f8 DrawMenuBar
0x48c9fc DrawIconEx
0x48ca00 DrawIcon
0x48ca04 DrawFrameControl
0x48ca08 DrawFocusRect
0x48ca0c DrawEdge
0x48ca10 DispatchMessageW
0x48ca14 DispatchMessageA
0x48ca18 DestroyWindow
0x48ca1c DestroyMenu
0x48ca20 DestroyIcon
0x48ca24 DestroyCursor
0x48ca28 DeleteMenu
0x48ca2c DefWindowProcA
0x48ca30 DefMDIChildProcA
0x48ca34 DefFrameProcA
0x48ca38 CreatePopupMenu
0x48ca3c CreateMenu
0x48ca40 CreateIcon
0x48ca44 ClientToScreen
0x48ca48 CheckMenuItem
0x48ca4c CallWindowProcA
0x48ca50 CallNextHookEx
0x48ca54 BeginPaint
0x48ca58 CharNextA
0x48ca5c CharLowerA
0x48ca60 CharUpperBuffA
0x48ca64 CharToOemA
0x48ca68 AdjustWindowRectEx
Library gdi32.dll:
0x48ca74 UnrealizeObject
0x48ca78 StretchBlt
0x48ca7c SetWindowOrgEx
0x48ca80 SetViewportOrgEx
0x48ca84 SetTextColor
0x48ca88 SetStretchBltMode
0x48ca8c SetROP2
0x48ca90 SetPixel
0x48ca94 SetDIBColorTable
0x48ca98 SetBrushOrgEx
0x48ca9c SetBkMode
0x48caa0 SetBkColor
0x48caa4 SelectPalette
0x48caa8 SelectObject
0x48caac SaveDC
0x48cab0 RestoreDC
0x48cab4 RectVisible
0x48cab8 RealizePalette
0x48cabc Polyline
0x48cac0 PatBlt
0x48cac4 MoveToEx
0x48cac8 MaskBlt
0x48cacc LineTo
0x48cad0 IntersectClipRect
0x48cad4 GetWindowOrgEx
0x48cad8 GetTextMetricsA
0x48cae4 GetStockObject
0x48cae8 GetRgnBox
0x48caec GetPixel
0x48caf0 GetPaletteEntries
0x48caf4 GetObjectA
0x48caf8 GetDeviceCaps
0x48cafc GetDIBits
0x48cb00 GetDIBColorTable
0x48cb04 GetDCOrgEx
0x48cb0c GetClipBox
0x48cb10 GetBrushOrgEx
0x48cb14 GetBkColor
0x48cb18 GetBitmapBits
0x48cb1c ExcludeClipRect
0x48cb20 DeleteObject
0x48cb24 DeleteDC
0x48cb28 CreateSolidBrush
0x48cb2c CreatePenIndirect
0x48cb30 CreatePalette
0x48cb38 CreateFontIndirectA
0x48cb3c CreateDIBitmap
0x48cb40 CreateDIBSection
0x48cb44 CreateCompatibleDC
0x48cb4c CreateBrushIndirect
0x48cb50 CreateBitmap
0x48cb54 BitBlt
Library version.dll:
0x48cb5c VerQueryValueA
0x48cb64 GetFileVersionInfoA
Library kernel32.dll:
0x48cb6c lstrcpyA
0x48cb70 WriteFile
0x48cb74 WaitForSingleObject
0x48cb78 VirtualQuery
0x48cb7c VirtualProtect
0x48cb80 VirtualAlloc
0x48cb84 SizeofResource
0x48cb88 SetThreadLocale
0x48cb8c SetFilePointer
0x48cb90 SetEvent
0x48cb94 SetErrorMode
0x48cb98 SetEndOfFile
0x48cb9c ResetEvent
0x48cba0 ReadFile
0x48cba4 MulDiv
0x48cba8 LockResource
0x48cbac LoadResource
0x48cbb0 LoadLibraryA
0x48cbbc GlobalFindAtomA
0x48cbc0 GlobalDeleteAtom
0x48cbc4 GlobalAddAtomA
0x48cbc8 GetVersionExA
0x48cbcc GetVersion
0x48cbd0 GetTickCount
0x48cbd4 GetThreadLocale
0x48cbd8 GetStdHandle
0x48cbdc GetProcAddress
0x48cbe0 GetModuleHandleA
0x48cbe4 GetModuleFileNameA
0x48cbe8 GetLocaleInfoA
0x48cbec GetLocalTime
0x48cbf0 GetLastError
0x48cbf4 GetFullPathNameA
0x48cbf8 GetDiskFreeSpaceA
0x48cbfc GetDateFormatA
0x48cc00 GetCurrentThreadId
0x48cc04 GetCurrentProcessId
0x48cc08 GetCPInfo
0x48cc0c FreeResource
0x48cc10 InterlockedExchange
0x48cc14 FreeLibrary
0x48cc18 FormatMessageA
0x48cc1c FindResourceA
0x48cc20 EnumCalendarInfoA
0x48cc2c CreateThread
0x48cc30 CreateFileA
0x48cc34 CreateEventA
0x48cc38 CompareStringA
0x48cc3c CloseHandle
Library advapi32.dll:
0x48cc44 RegQueryValueExA
0x48cc48 RegOpenKeyExA
0x48cc4c RegFlushKey
0x48cc50 RegCloseKey
Library kernel32.dll:
0x48cc58 Sleep
Library oleaut32.dll:
0x48cc60 SafeArrayPtrOfIndex
0x48cc64 SafeArrayGetUBound
0x48cc68 SafeArrayGetLBound
0x48cc6c SafeArrayCreate
0x48cc70 VariantChangeType
0x48cc74 VariantCopyInd
0x48cc78 VariantCopy
0x48cc7c VariantClear
0x48cc80 VariantInit
Library comctl32.dll:
0x48cc88 _TrackMouseEvent
0x48cc94 ImageList_Write
0x48cc98 ImageList_Read
0x48cca0 ImageList_DragMove
0x48cca4 ImageList_DragLeave
0x48cca8 ImageList_DragEnter
0x48ccac ImageList_EndDrag
0x48ccb0 ImageList_BeginDrag
0x48ccb4 ImageList_Remove
0x48ccb8 ImageList_DrawEx
0x48ccbc ImageList_Draw
0x48ccc8 ImageList_Add
0x48ccd0 ImageList_Destroy
0x48ccd4 ImageList_Create
Library url.dll:
0x48ccdc InetIsOffline

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 49235 114.114.114.114 53
192.168.56.101 51963 114.114.114.114 53
192.168.56.101 53657 114.114.114.114 53
192.168.56.101 55368 114.114.114.114 53
192.168.56.101 57236 114.114.114.114 53
192.168.56.101 60215 114.114.114.114 53
192.168.56.101 60221 114.114.114.114 53
192.168.56.101 62912 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 50002 224.0.0.252 5355
192.168.56.101 50534 224.0.0.252 5355
192.168.56.101 51808 224.0.0.252 5355
192.168.56.101 53210 224.0.0.252 5355
192.168.56.101 56539 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 57756 224.0.0.252 5355
192.168.56.101 57874 224.0.0.252 5355
192.168.56.101 58970 224.0.0.252 5355

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.