5.6
High risk

8f09a38037f581ad331bb766ad568d1957303222043fdc62f3cc9456c16d6242

62814bdc512913408f60af4c9d75e412.exe

Analysis duration

72s

Last analyzed

File size

712.2KB
Static detections Dynamic detections A VARIANT OF GENERIK AI SCORE=82 ATTRIBUTE BSCOPE CLOUD CONFIDENCE DEYMA DOWNLOADER33 ELDORADO EMOTET EQTQZ GENCIRC GENERICKD GENERICRXLK GENETIC HDKU HIGH HIGH CONFIDENCE HIGHCONFIDENCE HNYDZY JKFXMQ KRYPTIK MALICIOUS R002C0DGJ20 RYUK SCORE SQ1@AKGD UNSAFE ZEXAE
Hawkeye engine
Not detected. No Hawkeye engine detection results available.
Static verdict
Antivirus engines
Engine Result Scan date Engine version
McAfee GenericRXLK-NT!62814BDC5129 20200721 6.0.6.653
Alibaba Trojan:Win32/Emotet.72b76bc0 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Avast Win32:Malware-gen 20200721 18.4.3895.0
Kingsoft 20200721 2013.8.14.323
Tencent Malware.Win32.Gencirc.10cde088 20200721 1.0.0.1
CrowdStrike win/malicious_confidence_60% (W) 20190702 1.0
Static indicators
Queries for the computername (2 events)
Time & API Arguments Status Return Repeated
1620982365.147751
GetComputerNameA
computer_name: OSKAR-PC
success 1 0
1620982365.147751
GetComputerNameA
computer_name: OSKAR-PC
success 1 0
Collects information to fingerprint the system (MachineGuid, DigitalProductId, SystemBiosDate) (1 event)
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid
This executable has a PDB path (1 event)
pdb_path c:\Users\DODO\Downloads\irdamobilepcsrc\Release\IrdaMobile.pdb
Behavioral verdict
Dynamic indicators
Allocates read-write-execute memory (usually to unpack itself) (2 events)
Time & API Arguments Status Return Repeated
1620946615.490119
NtAllocateVirtualMemory
process_identifier: 2740
region_size: 53248
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12289 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x00340000
success 0 0
1620982365.085751
NtAllocateVirtualMemory
process_identifier: 1108
region_size: 53248
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12289 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x00350000
success 0 0
Creates executable files on the filesystem (1 event)
file c:\programdata\44def37582\bdif.exe
A process created a hidden window (1 event)
Time & API Arguments Status Return Repeated
1620946616.849119
CreateProcessInternalW
thread_identifier: 2060
thread_handle: 0x000000ec
process_identifier: 1108
current_directory:
filepath:
track: 1
command_line: c:\programdata\44def37582\bdif.exe
filepath_r:
stack_pivoted: 0
creation_flags: 134217728 (CREATE_NO_WINDOW)
process_handle: 0x000000e8
inherit_handles: 0
success 1 0
Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) (1 event)
Time & API Arguments Status Return Repeated
1620946615.537119
NtProtectVirtualMemory
process_identifier: 2740
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
length: 20480
protection: 32 (PAGE_EXECUTE_READ)
process_handle: 0xffffffff
base_address: 0x00591000
success 0 0
Network communication
Communicates with host for which no DNS query was performed (2 events)
host 172.217.24.14
host 217.8.117.41
Attempts to identify installed AV products by installation directory (7 events)
file C:\ProgramData\AVAST Software
file C:\ProgramData\Avira
file C:\ProgramData\Kaspersky Lab
file C:\ProgramData\Panda Security
file C:\ProgramData\Bitdefender
file C:\ProgramData\AVG
file C:\ProgramData\Doctor Web
Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually) (1 event)
dead_host 217.8.117.41:80
File has been identified by 52 AntiVirus engines on VirusTotal as malicious (50 out of 52 events)
MicroWorld-eScan Trojan.GenericKD.43493853
FireEye Generic.mg.62814bdc51291340
McAfee GenericRXLK-NT!62814BDC5129
Cylance Unsafe
Zillya Downloader.Deyma.Win32.145
Sangfor Malware
K7AntiVirus Trojan ( 0056aa1a1 )
Alibaba Trojan:Win32/Emotet.72b76bc0
K7GW Trojan ( 0056aa1a1 )
Arcabit Trojan.Generic.D297A9DD
BitDefenderTheta Gen:NN.ZexaE.34136.Sq1@aKgD!2xi
Cyren W32/Kryptik.BQI.gen!Eldorado
Symantec ML.Attribute.HighConfidence
APEX Malicious
Avast Win32:Malware-gen
Kaspersky UDS:DangerousObject.Multi.Generic
BitDefender Trojan.GenericKD.43493853
NANO-Antivirus Trojan.Win32.Dwn.hnydzy
Paloalto generic.ml
Rising Trojan.Kryptik!1.C80B (CLOUD)
Ad-Aware Trojan.GenericKD.43493853
Emsisoft Trojan.GenericKD.43493853 (B)
F-Secure Trojan.TR/AD.Ryuk.eqtqz
DrWeb Trojan.DownLoader33.64957
VIPRE Trojan.Win32.Generic!BT
TrendMicro TROJ_GEN.R002C0DGJ20
Trapmine malicious.high.ml.score
Sophos Mal/Generic-S
F-Prot W32/Kryptik.BQI.gen!Eldorado
Webroot W32.Trojan.Gen
Avira TR/AD.Ryuk.eqtqz
MAX malware (ai score=82)
Antiy-AVL Trojan[Downloader]/Win32.Deyma
Microsoft Trojan:Win32/Emotet.DGB!MTB
Endgame malicious (high confidence)
AegisLab Trojan.Multi.Generic.4!c
ZoneAlarm UDS:DangerousObject.Multi.Generic
GData Trojan.GenericKD.43493853
Cynet Malicious (score: 85)
AhnLab-V3 Malware/Win32.Generic.C4160581
VBA32 BScope.Backdoor.Emotet
ALYac Trojan.GenericKD.43493853
Malwarebytes Trojan.Injector
ESET-NOD32 a variant of Generik.JKFXMQ
TrendMicro-HouseCall TROJ_GEN.R002C0DGJ20
Tencent Malware.Win32.Gencirc.10cde088
Ikarus Trojan.SuspectCRC
Fortinet W32/Kryptik.HDKU!tr
AVG Win32:Malware-gen
Panda Trj/Genetic.gen
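Visual analysis
Binary image
No binary image. No binary visualization image was generated for this sample.
Runtime screenshots
No runtime screenshots. No screenshots were generated while this sample ran.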

PE Compile Time

2020-07-14 18:38:31

Imports


Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 49235 114.114.114.114 53
192.168.56.101 50534 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 65004 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 55368 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 60123 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 50535 239.255.255.250 3702
192.168.56.101 56540 239.255.255.250 3702
192.168.56.101 56807 239.255.255.250 1900
192.168.56.101 58707 239.255.255.250 3702
192.168.56.101 56539 8.8.8.8 53

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.