7.0
高危
57 个模型检测该样本为恶意!
重新分析
更多

7414614347da8d3c46404d6c7599740c83d697742e09edf9cc7a848b14701164

5f3a3af93f5ff773d7d391cd7493eb10.exe

分析耗时

87s

最近分析

文件大小

624.0KB
静态报毒 动态报毒 AI SCORE=85 AIDETECTVM BSCOPE CLASSIC CONFIDENCE CRYPTERX DOWNLOADER34 EBWKRLLEEHG ELDORADO EMOTET GENCIRC GENERICKD GENETIC GRAYWARE HIGH CONFIDENCE HVCHZG KCLOUD MALWARE1 MALWARE@#1TYEFMH3PEPIA NU0@ACJH2BLI QVM09 R + TROJ R057C0DIH20 R351170 SBEUJ SCORE UNSAFE ZEXAF 更多
鹰眼引擎
未检测 暂无鹰眼引擎检测结果
静态判定
反病毒引擎
查杀引擎 查杀结果 查杀时间 查杀版本
McAfee Emotet-FSF!5F3A3AF93F5F 20201119 6.0.6.653
Baidu 20190318 1.0.0.2
Alibaba Trojan:Win32/Emotet.73ef52ec 20190527 0.3.0.5
Kingsoft Win32.Troj.Banker.(kcloud) 20201119 2017.9.26.565
Tencent Malware.Win32.Gencirc.10ce0267 20201119 1.0.0.1
Avast 20201120 20.10.5736.0
CrowdStrike win/malicious_confidence_60% (W) 20190702 1.0
静态指标
Queries for the computername (1 个事件)
Time & API Arguments Status Return Repeated
1620960355.452625
GetComputerNameA
computer_name: OSKAR-PC
success 1 0
Uses Windows APIs to generate a cryptographic key (3 个事件)
Time & API Arguments Status Return Repeated
1620960343.077625
CryptGenKey
crypto_handle: 0x002a43d8
algorithm_identifier: 0x0000660e ()
provider_handle: 0x002a3c20
flags: 1
key: f®8+í] 3Uå»áÖ»Uú
success 1 0
1620960355.499625
CryptExportKey
crypto_handle: 0x002a43d8
crypto_export_handle: 0x002a4398
buffer: f¤ |$€Fkcñ¸pwÑ¢îšmWù©`¯{qøé¥_ ™F‹tÚ;Ü>@HV‚¬ø@$é¤âÿn'zœoöüãÖáÓÏÛ¡ßçÇ;® K—Ã^9+=V'Vyæ},I>Ù®*âv
blob_type: 1
flags: 64
success 1 0
1620960392.311625
CryptExportKey
crypto_handle: 0x002a43d8
crypto_export_handle: 0x002a4398
buffer: f¤ÂNktL@ñ=ÏÝ 6 J¥HnJ®„ë·…u ìA´Oh—“ 0޺ز'^Þ£èÚMË­ž bgëk„þ\%Z¿Ö„W.¥V]R×H‹”E K²~*ؑ—¥ïêŽ
blob_type: 1
flags: 64
success 1 0
The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 个事件)
section Shared
The file contains an unknown PE resource name possibly indicative of a packer (1 个事件)
resource name None
行为判定
动态指标
Allocates read-write-execute memory (usually to unpack itself) (1 个事件)
Time & API Arguments Status Return Repeated
1620960342.436625
NtAllocateVirtualMemory
process_identifier: 2240
region_size: 61440
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x005b0000
success 0 0
Searches running processes potentially to identify processes for sandbox evasion, code injection or memory dumping (1 个事件)
Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) (1 个事件)
Time & API Arguments Status Return Repeated
1620960342.467625
NtProtectVirtualMemory
process_identifier: 2240
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
length: 45056
protection: 32 (PAGE_EXECUTE_READ)
process_handle: 0xffffffff
base_address: 0x01d91000
success 0 0
Checks adapter addresses which can be used to detect virtual network interfaces (1 个事件)
Time & API Arguments Status Return Repeated
1620960356.733625
GetAdaptersAddresses
flags: 0
family: 0
failed 111 0
Expresses interest in specific running processes (1 个事件)
process 5f3a3af93f5ff773d7d391cd7493eb10.exe
Reads the systems User Agent and subsequently performs requests (1 个事件)
Time & API Arguments Status Return Repeated
1620960355.842625
InternetOpenW
proxy_bypass:
access_type: 0
proxy_name:
flags: 0
user_agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
success 13369348 0
网络通信
Communicates with host for which no DNS query was performed (4 个事件)
host 104.156.59.7
host 104.32.141.43
host 172.217.24.14
host 58.63.233.66
Sets or modifies WPAD proxy autoconfiguration file for traffic interception (8 个事件)
Time & API Arguments Status Return Repeated
1620960359.311625
RegSetValueExA
key_handle: 0x000003b8
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason
success 0 0
1620960359.311625
RegSetValueExA
key_handle: 0x000003b8
value: ÙӁZH×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime
success 0 0
1620960359.311625
RegSetValueExA
key_handle: 0x000003b8
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision
success 0 0
1620960359.311625
RegSetValueExW
key_handle: 0x000003b8
value: 网络 2
regkey_r: WpadNetworkName
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName
success 0 0
1620960359.311625
RegSetValueExA
key_handle: 0x000003d0
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
success 0 0
1620960359.311625
RegSetValueExA
key_handle: 0x000003d0
value: ÙӁZH×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
success 0 0
1620960359.327625
RegSetValueExA
key_handle: 0x000003d0
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
success 0 0
1620960359.389625
RegSetValueExW
key_handle: 0x000003b4
value: {40112ABE-63B3-43C3-BE93-1440EE3AF106}
regkey_r: WpadLastNetwork
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
success 0 0
File has been identified by 57 AntiVirus engines on VirusTotal as malicious (50 out of 57 个事件)
Bkav W32.AIDetectVM.malware1
Elastic malicious (high confidence)
FireEye Generic.mg.5f3a3af93f5ff773
Qihoo-360 Generic/HEUR/QVM09.0.ED87.Malware.Gen
McAfee Emotet-FSF!5F3A3AF93F5F
Cylance Unsafe
VIPRE Trojan.Win32.Generic!BT
AegisLab Trojan.Win32.Emotet.L!c
K7AntiVirus Trojan ( 0056e48a1 )
BitDefender Trojan.GenericKD.43947542
K7GW Trojan ( 0056e48a1 )
Invincea Mal/Generic-R + Troj/Emotet-CNG
Cyren W32/Emotet.ASL.gen!Eldorado
Symantec Packed.Generic.554
APEX Malicious
Paloalto generic.ml
Cynet Malicious (score: 90)
Kaspersky HEUR:Trojan-Banker.Win32.Emotet.pef
Alibaba Trojan:Win32/Emotet.73ef52ec
NANO-Antivirus Trojan.Win32.Emotet.hvchzg
MicroWorld-eScan Trojan.GenericKD.43947542
Rising Trojan.Emotet!1.CC60 (CLASSIC)
Ad-Aware Trojan.GenericKD.43947542
Sophos Troj/Emotet-CNG
Comodo Malware@#1tyefmh3pepia
F-Secure Trojan.TR/AD.Emotet.sbeuj
DrWeb Trojan.DownLoader34.42138
Zillya Trojan.Emotet.Win32.29287
TrendMicro TROJ_GEN.R057C0DIH20
McAfee-GW-Edition BehavesLike.Win32.Emotet.jm
Emsisoft Trojan.Emotet (A)
GData Trojan.GenericKD.43947542
Jiangmin Trojan.Banker.Emotet.okb
Webroot W32.Trojan.Gen
Avira TR/AD.Emotet.sbeuj
MAX malware (ai score=85)
Antiy-AVL GrayWare/Win32.Emotet.cd
Kingsoft Win32.Troj.Banker.(kcloud)
Gridinsoft Trojan.Win32.Emotet.oa
Arcabit Trojan.Generic.D29E9616
ZoneAlarm HEUR:Trojan-Banker.Win32.Emotet.pef
Microsoft Trojan:Win32/Emotet.ARJ!MTB
AhnLab-V3 Trojan/Win32.Emotet.R351170
BitDefenderTheta Gen:NN.ZexaF.34634.Nu0@aCjh2bli
ALYac Trojan.Agent.Emotet
TACHYON Banker/W32.Emotet.638976.B
VBA32 BScope.Trojan.Downloader
Malwarebytes Trojan.MalPack.TRE
Panda Trj/Genetic.gen
ESET-NOD32 Win32/Emotet.CD
Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) (2 个事件)
dead_host 104.156.59.7:8080
dead_host 104.32.141.43:80
可视化分析
二进制图像
暂无二进制图像 该样本未生成二进制可视化图像
运行截图
暂无运行截图 该样本运行过程中未生成截图

👋 欢迎使用 ChatHawk

我是您的恶意软件分析助手,可以帮您分析和解读恶意软件报告。请随时向我提问!

🔍 主要威胁分析
⚡ 行为特征
🛡️ 防护建议
🔧 技术手段
🎯 检测方法
🤖

PE Compile Time

2020-09-15 00:27:08

Imports

Library MPR.dll:
0x44838c WNetAddConnection2A
Library KERNEL32.dll:
0x448120 WaitNamedPipeA
0x448124 CreateFileA
0x448128 FreeConsole
0x448130 MulDiv
0x448134 GlobalUnlock
0x448138 GlobalLock
0x44813c GlobalAlloc
0x448140 GlobalFree
0x448144 FreeResource
0x448148 GetVersionExA
0x44814c lstrcmpW
0x448150 FreeLibrary
0x448154 GlobalDeleteAtom
0x448158 GlobalFindAtomA
0x44815c GlobalAddAtomA
0x448160 GlobalGetAtomNameA
0x448164 GetCurrentThreadId
0x448168 GetModuleFileNameW
0x448170 GetModuleFileNameA
0x448174 SetThreadPriority
0x448178 WaitForSingleObject
0x44817c SetEvent
0x448184 CreateEventA
0x448188 lstrcmpA
0x44818c GetLocaleInfoA
0x448198 GetCurrentThread
0x4481a8 GetFileAttributesA
0x4481ac SetFileTime
0x4481b0 GetFileTime
0x4481b4 GetTempFileNameA
0x4481b8 GetFullPathNameA
0x4481bc GetDiskFreeSpaceA
0x4481c0 LocalAlloc
0x4481c4 TlsGetValue
0x4481c8 GlobalReAlloc
0x4481cc GlobalHandle
0x4481d0 TlsAlloc
0x4481d4 TlsSetValue
0x4481d8 LocalReAlloc
0x4481e0 TlsFree
0x4481e4 GlobalFlags
0x4481e8 GetCPInfo
0x4481ec GetOEMCP
0x4481f0 GetThreadLocale
0x448200 MoveFileA
0x448204 DeleteFileA
0x448208 SetFilePointer
0x44820c FlushFileBuffers
0x448210 LockFile
0x448214 UnlockFile
0x448218 SetEndOfFile
0x44821c GetFileSize
0x448220 DuplicateHandle
0x448224 GetCurrentProcess
0x448228 FindClose
0x44822c FindFirstFileA
0x448234 GetShortPathNameA
0x448240 SetErrorMode
0x448244 HeapAlloc
0x448248 HeapFree
0x44824c RtlUnwind
0x448250 HeapReAlloc
0x448254 VirtualAlloc
0x448258 ExitThread
0x44825c CreateThread
0x448260 RaiseException
0x448264 GetCommandLineA
0x448268 GetProcessHeap
0x44826c GetStartupInfoA
0x448270 ExitProcess
0x448274 HeapSize
0x448278 VirtualFree
0x44827c HeapDestroy
0x448280 HeapCreate
0x448284 GetStdHandle
0x448288 TerminateProcess
0x448294 IsDebuggerPresent
0x448298 GetACP
0x4482ac SetHandleCount
0x4482b0 GetFileType
0x4482b8 GetTickCount
0x4482c4 GetConsoleCP
0x4482c8 GetConsoleMode
0x4482cc LCMapStringA
0x4482d0 LCMapStringW
0x4482d4 GetStringTypeA
0x4482d8 GetStringTypeW
0x4482dc GetUserDefaultLCID
0x4482e0 EnumSystemLocalesA
0x4482e4 IsValidLocale
0x4482e8 IsValidCodePage
0x4482ec GetLocaleInfoW
0x4482f0 SetStdHandle
0x4482f4 WriteConsoleA
0x4482f8 GetConsoleOutputCP
0x4482fc WriteConsoleW
0x448304 Sleep
0x448308 ReadFile
0x44830c SetLastError
0x448310 GetProcAddress
0x448314 GetModuleHandleA
0x448318 LoadLibraryA
0x44831c WriteFile
0x448320 FormatMessageA
0x448324 LocalFree
0x448330 FindResourceA
0x448334 LoadResource
0x448338 LockResource
0x44833c SizeofResource
0x448340 ResumeThread
0x448344 GetStringTypeExA
0x448348 lstrlenA
0x44834c lstrcmpiA
0x448350 CompareStringW
0x448354 CompareStringA
0x448358 GetCurrentProcessId
0x448360 Module32First
0x448364 Module32Next
0x448368 CloseHandle
0x44836c GetVersion
0x448370 GetLastError
0x448374 WideCharToMultiByte
0x448378 MultiByteToWideChar
0x44837c InterlockedExchange
0x448380 SuspendThread
Library USER32.dll:
0x4483e0 SetDlgItemTextA
0x4483e4 IsDialogMessageA
0x4483e8 SetWindowTextA
0x4483f0 ValidateRect
0x4483f4 TranslateMessage
0x4483f8 GetMessageA
0x4483fc InflateRect
0x448400 GetMenuItemInfoA
0x448404 DestroyMenu
0x448408 InvalidateRect
0x448410 SetMenu
0x448414 BringWindowToTop
0x448418 SetRectEmpty
0x44841c CreatePopupMenu
0x448420 InsertMenuItemA
0x448424 LoadAcceleratorsA
0x448428 ReleaseCapture
0x44842c SetCursor
0x448430 ReuseDDElParam
0x448434 UnpackDDElParam
0x448438 SetRect
0x44843c KillTimer
0x448440 WindowFromPoint
0x448444 IsZoomed
0x448448 RedrawWindow
0x44844c SetCapture
0x448450 SetCursorPos
0x448454 DestroyCursor
0x448458 IsRectEmpty
0x44845c UnionRect
0x448460 PostQuitMessage
0x448464 ShowOwnedPopups
0x448468 FillRect
0x44846c TabbedTextOutA
0x448470 DrawTextA
0x448474 DrawTextExA
0x448478 GrayStringA
0x44847c GetWindowDC
0x448480 BeginPaint
0x448484 EndPaint
0x448488 GetSysColorBrush
0x44848c UnregisterClassA
0x448490 SetParent
0x448494 GetDCEx
0x448498 LockWindowUpdate
0x44849c FindWindowA
0x4484a0 DestroyIcon
0x4484a4 SetWindowsHookExA
0x4484a8 CallNextHookEx
0x4484ac GetClassLongA
0x4484b0 GetClassNameA
0x4484b4 SetPropA
0x4484b8 GetPropA
0x4484bc RemovePropA
0x4484c0 GetFocus
0x4484c4 SetFocus
0x4484cc GetWindowTextA
0x4484d0 GetForegroundWindow
0x4484d4 GetLastActivePopup
0x4484d8 DispatchMessageA
0x4484dc BeginDeferWindowPos
0x4484e0 EndDeferWindowPos
0x4484e4 GetTopWindow
0x4484e8 UnhookWindowsHookEx
0x4484ec GetMessageTime
0x4484f0 GetMessagePos
0x4484f4 PeekMessageA
0x4484f8 MapWindowPoints
0x4484fc TrackPopupMenu
0x448500 GetKeyState
0x448504 SetScrollPos
0x448508 GetScrollPos
0x44850c IsWindowVisible
0x448510 GetMenu
0x448514 PostMessageA
0x448518 MessageBoxA
0x44851c CreateWindowExA
0x448520 GetClassInfoExA
0x448524 GetClassInfoA
0x448528 RegisterClassA
0x44852c GetSysColor
0x448530 AdjustWindowRectEx
0x448534 ScreenToClient
0x448538 EqualRect
0x44853c DeferWindowPos
0x448540 GetDlgCtrlID
0x448544 DefWindowProcA
0x448548 CallWindowProcA
0x44854c SetWindowLongA
0x448550 SetWindowPos
0x448554 OffsetRect
0x448558 IntersectRect
0x448560 IsIconic
0x448564 GetWindowPlacement
0x448568 GetWindowRect
0x44856c GetWindow
0x448570 GetActiveWindow
0x448574 SetActiveWindow
0x448578 GetSystemMetrics
0x448580 DestroyWindow
0x448584 GetWindowLongA
0x448588 GetDlgItem
0x44858c IsWindowEnabled
0x448590 GetParent
0x448594 GetNextDlgTabItem
0x448598 EndDialog
0x44859c ReleaseDC
0x4485a0 GetDC
0x4485a4 CopyRect
0x4485a8 IsWindow
0x4485ac GetMenuState
0x4485b0 GetMenuStringA
0x4485b4 GetMenuItemID
0x4485b8 InsertMenuA
0x4485bc GetMenuItemCount
0x4485c0 EnableWindow
0x4485c4 CharUpperA
0x4485c8 SendMessageA
0x4485cc LoadStringA
0x4485d0 PtInRect
0x4485d4 GetSubMenu
0x4485d8 LoadMenuA
0x4485dc ClientToScreen
0x4485e0 LoadIconA
0x4485e4 GetClientRect
0x4485e8 DeleteMenu
0x4485ec GetSystemMenu
0x4485f0 SetTimer
0x4485f4 UpdateWindow
0x4485f8 GetDesktopWindow
0x4485fc ShowWindow
0x448600 LoadBitmapA
0x448604 LoadCursorA
0x448608 SetForegroundWindow
0x44860c GetCursorPos
0x448610 SetMenuItemBitmaps
0x448618 ModifyMenuA
0x44861c EnableMenuItem
0x448620 CheckMenuItem
0x448628 SendDlgItemMessageA
0x44862c WinHelpA
0x448630 IsChild
0x448634 GetCapture
Library GDI32.dll:
0x448064 CreatePatternBrush
0x448068 GetStockObject
0x44806c CreateSolidBrush
0x448070 SetRectRgn
0x448074 CreateRectRgn
0x448078 SelectClipRgn
0x44807c CombineRgn
0x448084 PatBlt
0x448088 GetClipBox
0x44808c SetTextColor
0x448090 SetBkColor
0x448094 CreateBitmap
0x448098 CreateFontIndirectA
0x4480a0 DeleteObject
0x4480a4 GetCharWidthA
0x4480a8 SelectObject
0x4480ac CreateFontA
0x4480b0 DeleteDC
0x4480b4 StretchDIBits
0x4480b8 GetBkColor
0x4480bc GetTextMetricsA
0x4480c0 SaveDC
0x4480c4 RestoreDC
0x4480c8 SetBkMode
0x4480cc GetObjectA
0x4480d0 CreateCompatibleDC
0x4480d4 BitBlt
0x4480d8 ScaleWindowExtEx
0x4480dc SetWindowExtEx
0x4480e0 ScaleViewportExtEx
0x4480e4 SetViewportExtEx
0x4480e8 OffsetViewportOrgEx
0x4480ec SetViewportOrgEx
0x4480f0 ExtTextOutA
0x4480f4 SetMapMode
0x4480f8 ExcludeClipRect
0x4480fc IntersectClipRect
0x448100 Escape
0x448104 TextOutA
0x448108 RectVisible
0x44810c PtVisible
0x448110 GetPixel
0x448118 GetDeviceCaps
Library ADVAPI32.dll:
0x448000 RegCloseKey
0x448004 RegOpenKeyA
0x448008 RegQueryValueExA
0x44800c RegOpenKeyExA
0x448010 RegDeleteKeyA
0x448014 RegEnumKeyA
0x448018 RegQueryValueA
0x44801c RegCreateKeyExA
0x448020 RegSetValueExA
0x448024 RegDeleteValueA
0x448028 SetFileSecurityA
0x44802c GetFileSecurityA
0x448030 RegCreateKeyA
0x448034 OpenSCManagerA
0x448038 OpenServiceA
0x44803c CreateServiceA
0x448040 CloseServiceHandle
0x448044 StartServiceA
0x448054 RegSetValueA
Library SHELL32.dll:
0x4483b4 SHGetFileInfoA
0x4483b8 DragFinish
0x4483bc DragQueryFileA
0x4483c0 ExtractIconA
0x4483c4 Shell_NotifyIconA
Library COMCTL32.dll:
0x44805c ImageList_Destroy
Library SHLWAPI.dll:
0x4483cc PathFindFileNameA
0x4483d0 PathStripToRootA
0x4483d4 PathFindExtensionA
0x4483d8 PathIsUNCA
Library WS2_32.dll:
0x44864c WSACleanup
0x448650 WSAStartup
Library OLEACC.dll:
0x448398 LresultFromObject
Library WINSPOOL.DRV:
0x44863c OpenPrinterA
0x448640 DocumentPropertiesA
0x448644 ClosePrinter
Library comdlg32.dll:
0x448658 GetFileTitleA
Library OLEAUT32.dll:
0x4483a0 VariantInit
0x4483a4 SysAllocStringLen
0x4483a8 VariantChangeType
0x4483ac VariantClear

Exports

Ordinal Address Name
1 0x4049e6 KCCDWafdUUJKIIOFFCVDDS

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 51378 114.114.114.114 53
192.168.56.101 53657 114.114.114.114 53
192.168.56.101 57874 114.114.114.114 53
192.168.56.101 61680 114.114.114.114 53
192.168.56.101 62318 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 49235 224.0.0.252 5355
192.168.56.101 49713 224.0.0.252 5355
192.168.56.101 50534 224.0.0.252 5355
192.168.56.101 50568 224.0.0.252 5355
192.168.56.101 51808 224.0.0.252 5355
192.168.56.101 51963 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 57756 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 63429 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 53660 239.255.255.250 1900

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.