SmartHawk

3.0

中危

53 个模型检测该样本为恶意！

重新分析

下载样本

5483f71f21f1231f8f05df7dbf37ff2754047b2cdb31eccc389654a27ad04d2a

607e477f2d77960f0a22937bbe5e2223.exe

分析耗时

76s

最近分析

文件大小

587.5KB

静态报毒动态报毒 9XU42KBCQGC AGEN AGENTTESLA AI SCORE=100 ATTRIBUTE AVOT CONFIDENCE CRYPTINJECT DAPATO DPYE ELDORADO FVWPVM GDSDA GENERICRXIH GENKRYPTIK HIGH CONFIDENCE HIGHCONFIDENCE KM0@AOP8IGO KRYPT KRYPTIK MALICIOUS PE MALWARE@#LJDUCSE78U4I MSILKRYPT13 PWSX R066C0PIO20 SCORE STATIC AI SUSGEN TSCOPE UNSAFE VUVAZI WMJE ZEMSILF 更多

未检测暂无鹰眼引擎检测结果

查杀引擎	查杀结果	查杀时间	查杀版本
McAfee	GenericRXIH-YY!607E477F2D77	20201226	6.0.6.653
Alibaba	TrojanDropper:MSIL/CryptInject.f7f22445	20190527	0.3.0.5
Baidu		20190318	1.0.0.2
Avast	Win32:PWSX-gen [Trj]	20201226	21.1.5827.0
Tencent	Msil.Trojan-dropper.Dapato.Wmje	20201226	1.0.0.1
Kingsoft		20201226	2017.9.26.565
CrowdStrike	win/malicious_confidence_90% (W)	20190702	1.0

Checks if process is being debugged by a debugger (2 个事件)

Time & API	Arguments	Status	Return	Repeated
1619513306.193119 IsDebuggerPresent		failed	0	0
1619513306.193119 IsDebuggerPresent		failed	0	0

Checks amount of memory in system, this can be used to detect virtual machines that have a low amount of memory available (1 个事件)

Time & API	Arguments	Status	Return	Repeated
1619513306.224119 GlobalMemoryStatusEx		success	1	0

Allocates read-write-execute memory (usually to unpack itself) (50 out of 76 个事件)

Time & API	Arguments	Status	Return
1619513305.443119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 1245184 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 8192 (MEM_RESERVE) base_address: 0x003d0000	success	0
1619513305.443119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x004c0000	success	0
1619513305.786119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 1835008 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 8192 (MEM_RESERVE) base_address: 0x02040000	success	0
1619513305.786119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x021c0000	success	0
1619513305.974119 NtProtectVirtualMemory	process_identifier: 2976 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x73e71000	success	0
1619513306.193119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 1245184 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 8192 (MEM_RESERVE) base_address: 0x02040000	success	0
1619513306.193119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x02130000	success	0
1619513306.193119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x002aa000	success	0
1619513306.193119 NtProtectVirtualMemory	process_identifier: 2976 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 8192 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x73e72000	success	0
1619513306.193119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x002a2000	success	0
1619513306.505119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x002b2000	success	0
1619513306.568119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x003e5000	success	0
1619513306.568119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x003eb000	success	0
1619513306.568119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x003e7000	success	0
1619513306.646119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x002b3000	success	0
1619513306.677119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x002bc000	success	0
1619513306.755119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x002b4000	success	0
1619513306.943119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x00510000	success	0
1619513307.052119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x002b5000	success	0
1619513307.099119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x002b6000	success	0
1619513307.193119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x002b7000	success	0
1619513307.208119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x003d6000	success	0
1619513307.255119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x003da000	success	0
1619513307.255119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x003d7000	success	0
1619513307.271119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x002b8000	success	0
1619513307.286119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x00511000	success	0
1619513307.318119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x002b9000	success	0
1619513307.333119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 12288 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x00512000	success	0
1619513307.583119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x00515000	success	0
1619513310.443119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x00516000	success	0
1619513310.443119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x00b90000	success	0
1619513310.474119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x00517000	success	0
1619513310.474119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x00518000	success	0
1619513310.521119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x00519000	success	0
1619513310.521119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x0051a000	success	0
1619513310.536119 NtAllocateVirtualMemory	process_identifier: 2976 region_size: 8192 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x0051b000	success	0
1619513310.708119 NtProtectVirtualMemory	process_identifier: 2976 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 8 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x04e90178	failed	3221225550
1619513310.724119 NtProtectVirtualMemory	process_identifier: 2976 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 8 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x04e901a0	failed	3221225550
1619513310.724119 NtProtectVirtualMemory	process_identifier: 2976 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 8 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x04e901c8	failed	3221225550
1619513310.724119 NtProtectVirtualMemory	process_identifier: 2976 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 11 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x04efd29e	failed	3221225550
1619513310.724119 NtProtectVirtualMemory	process_identifier: 2976 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 11 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x04efd292	failed	3221225550
1619513310.724119 NtProtectVirtualMemory	process_identifier: 2976 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 72 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x04e90208	failed	3221225550
1619513310.724119 NtProtectVirtualMemory	process_identifier: 2976 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x04ef1d98	failed	3221225550
1619513310.724119 NtProtectVirtualMemory	process_identifier: 2976 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 8 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x04ef1dbc	failed	3221225550
1619513310.724119 NtProtectVirtualMemory	process_identifier: 2976 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x04ef1dc4	failed	3221225550
1619513310.724119 NtProtectVirtualMemory	process_identifier: 2976 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 8 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x04ef1dc8	failed	3221225550
1619513310.724119 NtProtectVirtualMemory	process_identifier: 2976 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x04ef1dd0	failed	3221225550
1619513310.724119 NtProtectVirtualMemory	process_identifier: 2976 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x04ef1dd4	failed	3221225550
1619513310.724119 NtProtectVirtualMemory	process_identifier: 2976 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x04ef1dd8	failed	3221225550
1619513310.724119 NtProtectVirtualMemory	process_identifier: 2976 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 8 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x04ef1ddc	failed	3221225550

The binary likely contains encrypted or compressed data indicative of a packer (2 个事件)

entropy

7.8680163281327

section

{'size_of_data': '0x00092400', 'virtual_address': '0x00002000', 'entropy': 7.8680163281327, 'name': '.text', 'virtual_size': '0x00092284'}

description

A section with a high entropy has been found

entropy

0.9965928449744463

description

Overall entropy of this PE file is high

Communicates with host for which no DNS query was performed (1 个事件)

host

172.217.24.14

File has been identified by 53 AntiVirus engines on VirusTotal as malicious (50 out of 53 个事件)

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Heur.MSIL.Vuvazi.7.1
McAfee	GenericRXIH-YY!607E477F2D77
Cylance	Unsafe
Zillya	Trojan.Kryptik.Win32.1704006
K7AntiVirus	Trojan ( 005559861 )
Alibaba	TrojanDropper:MSIL/CryptInject.f7f22445
K7GW	Trojan ( 005559861 )
Cybereason	malicious.f2d779
Cyren	W32/MSIL_Kryptik.MD.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Trojan-Dropper.MSIL.Dapato.gen
BitDefender	Gen:Heur.MSIL.Vuvazi.7.1
NANO-Antivirus	Trojan.Win32.Dapato.fvwpvm
Avast	Win32:PWSX-gen [Trj]
Tencent	Msil.Trojan-dropper.Dapato.Wmje
Ad-Aware	Gen:Heur.MSIL.Vuvazi.7.1
Sophos	Mal/Generic-S
Comodo	Malware@#ljducse78u4i
F-Secure	Heuristic.HEUR/AGEN.1101061
DrWeb	Trojan.PWS.Stealer.19347
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_GEN.R066C0PIO20
McAfee-GW-Edition	BehavesLike.Win32.Generic.hc
FireEye	Generic.mg.607e477f2d77960f
Emsisoft	Gen:Heur.MSIL.Vuvazi.7.1 (B)
Ikarus	Trojan.MSIL.Krypt
GData	Gen:Heur.MSIL.Vuvazi.7.1
Jiangmin	TrojanDropper.MSIL.avot
Avira	HEUR/AGEN.1101061
Arcabit	Trojan.MSIL.Vuvazi.7.1
AegisLab	Trojan.Multi.Generic.4!c
ZoneAlarm	HEUR:Trojan-Dropper.MSIL.Dapato.gen
Microsoft	Trojan:MSIL/CryptInject.PM!MTB
Cynet	Malicious (score: 100)
AhnLab-V3	Win-Trojan/MSILKrypt13.Exp
VBA32	TScope.Trojan.MSIL
ALYac	Gen:Heur.MSIL.Vuvazi.7.1
MAX	malware (ai score=100)
Malwarebytes	Spyware.AgentTesla
ESET-NOD32	a variant of MSIL/Kryptik.SMY
TrendMicro-HouseCall	TROJ_GEN.R066C0PIO20
Yandex	Trojan.Kryptik!9Xu42KBcQGc
SentinelOne	Static AI - Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/GenKryptik.DPYE!tr
BitDefenderTheta	Gen:NN.ZemsilF.34700.Km0@aOp8iGo
AVG	Win32:PWSX-gen [Trj]

暂无二进制图像该样本未生成二进制可视化图像

暂无运行截图该样本运行过程中未生成截图

👋 欢迎使用 ChatHawk

我是您的恶意软件分析助手，可以帮您分析和解读恶意软件报告。请随时向我提问！

🔍 主要威胁分析

⚡ 行为特征

🛡️ 防护建议

🔧 技术手段

🎯 检测方法

🤖

Static Analysis
Strings

PE Compile Time

2019-08-12 08:29:37

Imports

Library mscoree.dll:

• 0x402000 _CorExeMain

Hosts

No hosts contacted.

DNS

Name	Response	Post-Analysis Lookup
time.windows.com	A 20.189.79.72 CNAME time.microsoft.akadns.net
dns.msftncsi.com	AAAA fd3e:4f5a:5b81::1	131.107.255.255
dns.msftncsi.com	A 131.107.255.255	131.107.255.255
teredo.ipv6.microsoft.com		127.0.0.1

TCP

No TCP connections recorded.

UDP

Source	Source Port	Destination	Destination Port
192.168.56.101	50534	114.114.114.114	53
192.168.56.101	51808	114.114.114.114	53
192.168.56.101	56539	114.114.114.114	53
192.168.56.101	58367	114.114.114.114	53
192.168.56.101	63429	114.114.114.114	53
192.168.56.101	65004	114.114.114.114	53
192.168.56.101	137	192.168.56.255	137
192.168.56.101	138	192.168.56.255	138
192.168.56.101	123	20.189.79.72 time.windows.com	123
192.168.56.101	49235	224.0.0.252	5355
192.168.56.101	51963	224.0.0.252	5355
192.168.56.101	56804	224.0.0.252	5355
192.168.56.101	62191	224.0.0.252	5355
192.168.56.101	1900	239.255.255.250	1900
192.168.56.101	51809	239.255.255.250	3702
192.168.56.101	56540	239.255.255.250	3702
192.168.56.101	56807	239.255.255.250	1900
192.168.56.101	58707	239.255.255.250	3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.

Sorry! No dropped buffers.