3.8
Medium risk

2c120b0ef76555988f0fb1e8ae867cd8f979702ad57971b1bd167c37e1635943

52ffc0248b670364811ae0bd042055df.exe

Analysis duration

117s

Last analyzed

File size

1.4MB
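Static detections Dynamic detections
Hawkeye engine
Not scanned. No Hawkeye engine detection results available
Static verdict
Antivirus engines
Not scanned. No antivirus engine detection results available
Static indicators
The file contains an unknown PE resource name possibly indicative of a packer (4 events)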
resource name MID
resource name PNG
resource name REMOTE
resource name WAVE
Behavioral verdict
Dynamic indicators
Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation (1 event)
Time & API Arguments Status Return Repeated
1620758155.0615
GetDiskFreeSpaceW
root_path: C:\
sectors_per_cluster: 8
number_of_free_clusters: 4787597
total_number_of_clusters: 8362495
bytes_per_sector: 512
success 1 0
Foreign language identified in PE resource (39 events)
name MID language LANG_CHINESE offset 0x00125278 filetype Standard MIDI data (format 1) using 10 tracks at 1/384 sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00007ebd
name PNG language LANG_CHINESE offset 0x0011e298 filetype PNG image data, 170 x 21, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00001906
name REMOTE language LANG_CHINESE offset 0x0012d5b8 filetype PE32+ executable (DLL) (GUI) x86-64, for MS Windows sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00048600
name WAVE language LANG_CHINESE offset 0x001225a8 filetype RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 11025 Hz sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00002ccc
name RT_ICON language LANG_CHINESE offset 0x000d0bb8 filetype GLS_BINARY_LSB_FIRST sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000468
name RT_ACCELERATOR language LANG_CHINESE offset 0x000d1080 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000010
name RT_GROUP_ICON language LANG_CHINESE offset 0x000d1020 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x0000005a
name RT_VERSION language LANG_CHINESE offset 0x0012d138 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000474
The binary likely contains encrypted or compressed data indicative of a packer (2 events)
entropy 7.394801098219694 section {'size_of_data': '0x000c1000', 'virtual_address': '0x000b5000', 'entropy': 7.394801098219694, 'name': '.rsrc', 'virtual_size': '0x000c0e48'} description A section with a high entropy has been found
entropy 0.5285861006504622 description Overall entropy of this PE file is high
Checks for the Locally Unique Identifier on the system for a suspicious privilege (1 event)
Time & API Arguments Status Return Repeated
1620758151.3435
LookupPrivilegeValueW
system_name:
privilege_name: SeDebugPrivilege
success 1 0
Network communication
Communicates with host for which no DNS query was performed (1 event)
host 172.217.24.14
Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config (1 event)
Time & API Arguments Status Return Repeated
1620758159.0775
RegSetValueExW
key_handle: 0x0000000000000244
regkey_r: 0
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache64\0
success 0 0
Generates some ICMP traffic
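Visual analysis
Binary image
No binary image available. No binary visualization image was generated for this sample
Runtime screenshots
No runtime screenshots available. No screenshots were generated while this sample ran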


PE Compile Time

2016-03-30 09:37:57

Imports

Library KERNEL32.dll:
0x14007c070 SizeofResource
0x14007c078 LockResource
0x14007c080 LoadResource
0x14007c088 FindResourceW
0x14007c090 FindResourceExW
0x14007c0a0 RaiseException
0x14007c0a8 DecodePointer
0x14007c0b0 DeleteCriticalSection
0x14007c0b8 GetModuleHandleW
0x14007c0c0 GlobalAlloc
0x14007c0c8 GlobalLock
0x14007c0d0 GlobalUnlock
0x14007c0d8 FreeResource
0x14007c0e0 CreateFileW
0x14007c0e8 CreateFileMappingW
0x14007c0f0 MapViewOfFile
0x14007c0f8 UnmapViewOfFile
0x14007c100 GetFileAttributesW
0x14007c108 ReadProcessMemory
0x14007c110 GetCurrentProcess
0x14007c118 LoadLibraryW
0x14007c120 GetProcAddress
0x14007c128 FreeLibrary
0x14007c130 WriteProcessMemory
0x14007c138 IsWow64Process
0x14007c140 GetNativeSystemInfo
0x14007c148 GetSystemInfo
0x14007c150 VirtualQueryEx
0x14007c158 VirtualAllocEx
0x14007c160 SetLastError
0x14007c168 VirtualFreeEx
0x14007c170 CreateRemoteThread
0x14007c178 WaitForSingleObject
0x14007c180 OpenProcess
0x14007c188 CreateToolhelp32Snapshot
0x14007c190 Process32FirstW
0x14007c198 Process32NextW
0x14007c1a0 Module32FirstW
0x14007c1a8 MultiByteToWideChar
0x14007c1b0 ResumeThread
0x14007c1b8 GetPrivateProfileStringW
0x14007c1c8 WriteConsoleW
0x14007c1d0 SetStdHandle
0x14007c1d8 FlushFileBuffers
0x14007c1e0 SetFilePointerEx
0x14007c1e8 GetConsoleMode
0x14007c1f0 GetConsoleCP
0x14007c1f8 UnregisterWaitEx
0x14007c200 QueryDepthSList
0x14007c208 InterlockedFlushSList
0x14007c218 InterlockedPopEntrySList
0x14007c220 InitializeSListHead
0x14007c228 ReleaseSemaphore
0x14007c230 VirtualProtect
0x14007c238 VirtualFree
0x14007c240 VirtualAlloc
0x14007c248 Sleep
0x14007c250 GetModuleHandleA
0x14007c258 FreeLibraryAndExitThread
0x14007c260 GetThreadTimes
0x14007c268 GetTimeZoneInformation
0x14007c270 FreeEnvironmentStringsW
0x14007c278 GetEnvironmentStringsW
0x14007c280 GetCurrentProcessId
0x14007c288 QueryPerformanceCounter
0x14007c290 GetModuleFileNameW
0x14007c298 GetFileType
0x14007c2a0 GetStdHandle
0x14007c2a8 GetOEMCP
0x14007c2b0 GetACP
0x14007c2b8 IsValidCodePage
0x14007c2c0 GetModuleHandleExW
0x14007c2c8 WriteFile
0x14007c2d0 GetLastError
0x14007c2d8 Module32NextW
0x14007c2e0 CloseHandle
0x14007c2e8 GetProcessHeap
0x14007c2f0 HeapAlloc
0x14007c2f8 HeapFree
0x14007c300 HeapReAlloc
0x14007c308 ExitProcess
0x14007c310 EnumSystemLocalesW
0x14007c318 GetUserDefaultLCID
0x14007c320 IsValidLocale
0x14007c328 GetLocaleInfoW
0x14007c330 LCMapStringW
0x14007c338 CompareStringW
0x14007c340 GetTimeFormatW
0x14007c348 GetDateFormatW
0x14007c350 UnregisterWait
0x14007c360 SetThreadAffinityMask
0x14007c368 GetProcessAffinityMask
0x14007c370 GetNumaHighestNodeNumber
0x14007c378 DeleteTimerQueueTimer
0x14007c380 ChangeTimerQueueTimer
0x14007c388 CreateTimerQueueTimer
0x14007c398 GetThreadPriority
0x14007c3a0 SetThreadPriority
0x14007c3a8 SwitchToThread
0x14007c3b0 SignalObjectAndWait
0x14007c3b8 WaitForSingleObjectEx
0x14007c3c0 SetEvent
0x14007c3c8 SetEnvironmentVariableA
0x14007c3d0 CreateTimerQueue
0x14007c3d8 LoadLibraryExW
0x14007c3e0 ExitThread
0x14007c3e8 CreateThread
0x14007c3f0 CreateSemaphoreW
0x14007c3f8 GetTickCount
0x14007c400 GetStartupInfoW
0x14007c408 TlsFree
0x14007c410 TlsSetValue
0x14007c418 TlsGetValue
0x14007c420 TlsAlloc
0x14007c428 TerminateProcess
0x14007c430 CreateEventW
0x14007c440 UnhandledExceptionFilter
0x14007c448 RtlVirtualUnwind
0x14007c450 RtlCaptureContext
0x14007c460 GetCPInfo
0x14007c468 HeapSize
0x14007c470 GetVersionExW
0x14007c478 HeapDestroy
0x14007c480 RtlUnwindEx
0x14007c488 RtlLookupFunctionEntry
0x14007c490 RtlPcToFileHeader
0x14007c498 GetCommandLineW
0x14007c4a0 CreateDirectoryW
0x14007c4a8 GetSystemTimeAsFileTime
0x14007c4b0 IsDebuggerPresent
0x14007c4b8 OutputDebugStringW
0x14007c4c0 EnterCriticalSection
0x14007c4c8 LeaveCriticalSection
0x14007c4d0 WideCharToMultiByte
0x14007c4d8 GetStringTypeW
0x14007c4e0 DuplicateHandle
0x14007c4e8 GetCurrentThread
0x14007c4f0 GetCurrentThreadId
0x14007c4f8 EncodePointer
Library USER32.dll:
0x14007c528 PostMessageW
0x14007c530 LoadCursorW
0x14007c538 CreateWindowExW
0x14007c540 SendMessageW
0x14007c548 MessageBoxW
0x14007c550 GetAsyncKeyState
0x14007c558 SystemParametersInfoW
0x14007c560 LoadIconW
0x14007c568 RegisterClassExW
0x14007c570 GetSystemMetrics
0x14007c578 SetWindowLongPtrW
0x14007c580 ShowWindow
0x14007c588 DispatchMessageW
0x14007c590 GetDC
0x14007c598 GetWindowRect
0x14007c5a0 UpdateLayeredWindow
0x14007c5a8 ReleaseDC
0x14007c5b0 GetWindowLongPtrW
0x14007c5b8 DefWindowProcW
0x14007c5c8 BeginPaint
0x14007c5d0 EndPaint
0x14007c5d8 PostQuitMessage
0x14007c5e0 SetTimer
0x14007c5e8 SetCursor
0x14007c5f0 KillTimer
0x14007c5f8 ReleaseCapture
0x14007c600 MoveWindow
0x14007c608 TranslateMessage
0x14007c610 UpdateWindow
0x14007c618 GetMessageW
0x14007c620 LoadAcceleratorsW
0x14007c628 TranslateAcceleratorW
Library GDI32.dll:
0x14007c038 DeleteDC
0x14007c040 SelectObject
0x14007c048 CreateDIBSection
0x14007c050 CreateCompatibleDC
0x14007c058 DeleteObject
0x14007c060 CreateFontIndirectW
Library ADVAPI32.dll:
0x14007c000 LookupPrivilegeValueW
0x14007c008 AdjustTokenPrivileges
0x14007c010 OpenProcessToken
Library SHELL32.dll:
0x14007c518 SHGetFolderPathW
Library ole32.dll:
0x14007c790 CreateStreamOnHGlobal
Library gdiplus.dll:
0x14007c670 GdipFree
0x14007c678 GdipCreateTexture
0x14007c680 GdipCreateTextureIAI
0x14007c688 GdipSetTextureWrapMode
0x14007c698 GdipFillRectangleI
0x14007c6a0 GdiplusStartup
0x14007c6a8 GdiplusShutdown
0x14007c6b8 GdipCloneImage
0x14007c6c0 GdipGetTextureImage
0x14007c6c8 GdipDeleteBrush
0x14007c6d8 GdipDeleteFontFamily
0x14007c6e8 GdipCreateSolidFill
0x14007c6f0 GdipCloneStringFormat
0x14007c700 GdipSetStringFormatFlags
0x14007c708 GdipDeleteFont
0x14007c710 GdipSetSolidFillColor
0x14007c718 GdipMeasureString
0x14007c720 GdipDrawString
0x14007c728 GdipCreateFromHDC
0x14007c730 GdipDeleteGraphics
0x14007c738 GdipSetStringFormatAlign
0x14007c740 GdipAlloc
0x14007c748 GdipGetImageHeight
0x14007c750 GdipCloneBrush
0x14007c768 GdipCreateFont
0x14007c770 GdipGetImageWidth
0x14007c780 GdipDisposeImage
Library WINMM.dll:
0x14007c658 PlaySoundW
0x14007c660 mciSendStringW
Library COMCTL32.dll:
0x14007c020 InitCommonControlsEx
0x14007c028 _TrackMouseEvent
Library VERSION.dll:
0x14007c638 GetFileVersionInfoW
0x14007c640 GetFileVersionInfoSizeW
0x14007c648 VerQueryValueW
Library PSAPI.DLL:
0x14007c508 GetProcessMemoryInfo

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 50002 114.114.114.114 53
192.168.56.101 51808 114.114.114.114 53
192.168.56.101 57756 114.114.114.114 53
192.168.56.101 58367 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 49235 224.0.0.252 5355
192.168.56.101 50534 224.0.0.252 5355
192.168.56.101 51378 224.0.0.252 5355
192.168.56.101 51963 224.0.0.252 5355
192.168.56.101 53237 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 63429 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 50003 239.255.255.250 3702
192.168.56.101 58368 239.255.255.250 3702
192.168.56.101 58707 239.255.255.250 3702
192.168.56.101 62319 239.255.255.250 3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.