6.4
高危
49 个模型检测该样本为恶意!
重新分析
更多

e832fe2b9251b58442d1c9e380ae5f5d338af57a43329f79786e333c15507ec4

8a5d1e11c3d30417bdaeb869346b69e6.exe

分析耗时

73s

最近分析

文件大小

906.9KB
静态报毒 动态报毒 AI SCORE=99 AIDETECTVM ALIEN ARTEMIS ATTRIBUTE BLUTEAL CLASSIC CONFIDENCE EBHD GENERICKD HHNG HIDDENRUN HIGH CONFIDENCE HIGHCONFIDENCE MALWARE2 MALWARE@#39020HXBK5GR3 R002C0DI520 R349753 SCORE UNSAFE VAWTRAK XVEOJ 更多
鹰眼引擎
未检测 暂无鹰眼引擎检测结果
静态判定
反病毒引擎
查杀引擎 查杀结果 查杀时间 查杀版本
McAfee Artemis!8A5D1E11C3D3 20201030 6.0.6.653
Alibaba Trojan:Win32/Alien.e6d70b72 20190527 0.3.0.5
CrowdStrike win/malicious_confidence_60% (W) 20190702 1.0
Avast Win32:Malware-gen 20201030 20.10.5736.0
Baidu 20190318 1.0.0.2
Kingsoft 20201030 2013.8.14.323
Tencent Win32.Trojan.Alien.Ebhd 20201030 1.0.0.1
静态指标
Queries for the computername (12 个事件)
Time & API Arguments Status Return Repeated
1619692374.28
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
1619692378.576625
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
1619692378.576625
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
1619692378.576625
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
1619692378.576625
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
1619692378.576625
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
1619692379.155
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
1619692379.155
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
1619692379.155
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
1619692379.155
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
1619692379.155
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
1619692386.8895
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
Checks if process is being debugged by a debugger (3 个事件)
Time & API Arguments Status Return Repeated
1619692374.265
IsDebuggerPresent
failed 0 0
1619692378.123625
IsDebuggerPresent
failed 0 0
1619692378.858
IsDebuggerPresent
failed 0 0
Command line console output was observed (50 out of 160 个事件)
Time & API Arguments Status Return Repeated
1619692366.889625
WriteConsoleW
buffer: jjdXX
console_handle: 0x00000007
success 1 0
1619692368.889625
WriteConsoleW
buffer: Microsoft Windows [版本 6.1.7601]
console_handle: 0x00000007
success 1 0
1619692368.889625
WriteConsoleW
buffer: 版权所有 (c) 2009 Microsoft Corporation。保留所有权利。
console_handle: 0x00000007
success 1 0
1619692368.889625
WriteConsoleW
buffer: C:\Users\ADMINI~1.OSK\AppData\Local\Temp\7ZipSfx.000>
console_handle: 0x00000007
success 1 0
1619692368.889625
WriteConsoleW
buffer: Set fokOhApsw=Q
console_handle: 0x00000007
success 1 0
1619692368.904625
WriteConsoleW
buffer: C:\Users\ADMINI~1.OSK\AppData\Local\Temp\7ZipSfx.000>
console_handle: 0x00000007
success 1 0
1619692368.904625
WriteConsoleW
buffer: if exist C:\aaa_TouchMeNot_.txt exit
console_handle: 0x00000007
success 1 0
1619692368.904625
WriteConsoleW
buffer: C:\Users\ADMINI~1.OSK\AppData\Local\Temp\7ZipSfx.000>
console_handle: 0x00000007
success 1 0
1619692368.904625
WriteConsoleW
buffer: if %computername% == DESKTOP-%fokOhApsw%O5%fokOhApsw%U33 exit
console_handle: 0x00000007
success 1 0
1619692368.920625
WriteConsoleW
buffer: C:\Users\ADMINI~1.OSK\AppData\Local\Temp\7ZipSfx.000>
console_handle: 0x00000007
success 1 0
1619692368.920625
WriteConsoleW
buffer: ping -n 1 Qojli.cCMlh
console_handle: 0x00000007
success 1 0
1619692372.467625
WriteConsoleW
buffer: C:\Users\ADMINI~1.OSK\AppData\Local\Temp\7ZipSfx.000>
console_handle: 0x00000007
success 1 0
1619692372.467625
WriteConsoleW
buffer: if %errorlevel% == 0 exit
console_handle: 0x00000007
success 1 0
1619692372.467625
WriteConsoleW
buffer: C:\Users\ADMINI~1.OSK\AppData\Local\Temp\7ZipSfx.000>
console_handle: 0x00000007
success 1 0
1619692372.482625
WriteConsoleW
buffer: if %computername% == NfZtFbPfH exit
console_handle: 0x00000007
success 1 0
1619692372.482625
WriteConsoleW
buffer: C:\Users\ADMINI~1.OSK\AppData\Local\Temp\7ZipSfx.000>
console_handle: 0x00000007
success 1 0
1619692372.498625
WriteConsoleW
buffer: if %computername% == ELICZ exit
console_handle: 0x00000007
success 1 0
1619692372.498625
WriteConsoleW
buffer: C:\Users\ADMINI~1.OSK\AppData\Local\Temp\7ZipSfx.000>
console_handle: 0x00000007
success 1 0
1619692372.498625
WriteConsoleW
buffer: if %computername% == MAIN exit
console_handle: 0x00000007
success 1 0
1619692372.514625
WriteConsoleW
buffer: C:\Users\ADMINI~1.OSK\AppData\Local\Temp\7ZipSfx.000>
console_handle: 0x00000007
success 1 0
1619692372.514625
WriteConsoleW
buffer: <nul set /p ="M" > lsm.com
console_handle: 0x00000007
success 1 0
1619692372.545625
WriteConsoleW
buffer: C:\Users\ADMINI~1.OSK\AppData\Local\Temp\7ZipSfx.000>
console_handle: 0x00000007
success 1 0
1619692372.545625
WriteConsoleW
buffer: type lZaAeJGTxYLdiJNWVh.com >> lsm.com
console_handle: 0x00000007
success 1 0
1619692373.639625
WriteConsoleW
buffer: C:\Users\ADMINI~1.OSK\AppData\Local\Temp\7ZipSfx.000>
console_handle: 0x00000007
success 1 0
1619692373.639625
WriteConsoleW
buffer: del lZaAeJGTxYLdiJNWVh.com
console_handle: 0x00000007
success 1 0
1619692373.670625
WriteConsoleW
buffer: C:\Users\ADMINI~1.OSK\AppData\Local\Temp\7ZipSfx.000>
console_handle: 0x00000007
success 1 0
1619692373.670625
WriteConsoleW
buffer: certutil -decode trWqjuDVREmm.com j
console_handle: 0x00000007
success 1 0
1619692377.686625
WriteConsoleW
buffer: C:\Users\ADMINI~1.OSK\AppData\Local\Temp\7ZipSfx.000>
console_handle: 0x00000007
success 1 0
1619692377.686625
WriteConsoleW
buffer: lsm.com j
console_handle: 0x00000007
success 1 0
1619692377.842625
WriteConsoleW
buffer: C:\Users\ADMINI~1.OSK\AppData\Local\Temp\7ZipSfx.000>
console_handle: 0x00000007
success 1 0
1619692377.842625
WriteConsoleW
buffer: ping 127.0.0.1 -n 30
console_handle: 0x00000007
success 1 0
1619692408.936625
WriteConsoleW
buffer: C:\Users\ADMINI~1.OSK\AppData\Local\Temp\7ZipSfx.000>
console_handle: 0x00000007
success 1 0
1619692371.529625
WriteConsoleA
buffer: Ping ÇëÇóÕÒ²»µ½Ö÷»ú Qojli.cCMlh¡£Çë¼ì²é¸ÃÃû³Æ£¬È»ºóÖØÊÔ¡£
console_handle: 0x00000007
success 1 0
1619692374.312
WriteConsoleW
buffer: 输入长度 = 980536
console_handle: 0x00000007
success 1 0
1619692374.343
WriteConsoleW
buffer: 输出长度 = 713075
console_handle: 0x00000007
success 1 0
1619692374.358
WriteConsoleW
buffer: CertUtil: -decode 命令成功完成。
console_handle: 0x00000007
success 1 0
1619692378.3735
WriteConsoleA
buffer: ÕýÔÚ Ping 127.0.0.1
console_handle: 0x00000007
success 1 0
1619692378.3895
WriteConsoleA
buffer: ¾ßÓÐ 32 ×Ö½ÚµÄÊý¾Ý:
console_handle: 0x00000007
success 1 0
1619692378.4045
WriteConsoleA
buffer: À´×Ô 127.0.0.1 µÄ»Ø¸´:
console_handle: 0x00000007
success 1 0
1619692378.4045
WriteConsoleA
buffer: ×Ö½Ú=32
console_handle: 0x00000007
success 1 0
1619692378.4045
WriteConsoleA
buffer: ʱ¼ä<1ms
console_handle: 0x00000007
success 1 0
1619692378.4045
WriteConsoleA
buffer: TTL=128
console_handle: 0x00000007
success 1 0
1619692379.4365
WriteConsoleA
buffer: À´×Ô 127.0.0.1 µÄ»Ø¸´:
console_handle: 0x00000007
success 1 0
1619692379.4365
WriteConsoleA
buffer: ×Ö½Ú=32
console_handle: 0x00000007
success 1 0
1619692379.4365
WriteConsoleA
buffer: ʱ¼ä<1ms
console_handle: 0x00000007
success 1 0
1619692379.4515
WriteConsoleA
buffer: TTL=128
console_handle: 0x00000007
success 1 0
1619692380.4515
WriteConsoleA
buffer: À´×Ô 127.0.0.1 µÄ»Ø¸´:
console_handle: 0x00000007
success 1 0
1619692380.4515
WriteConsoleA
buffer: ×Ö½Ú=32
console_handle: 0x00000007
success 1 0
1619692380.4515
WriteConsoleA
buffer: ʱ¼ä<1ms
console_handle: 0x00000007
success 1 0
1619692380.4515
WriteConsoleA
buffer: TTL=128
console_handle: 0x00000007
success 1 0
Collects information to fingerprint the system (MachineGuid, DigitalProductId, SystemBiosDate) (1 个事件)
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid
Checks amount of memory in system, this can be used to detect virtual machines that have a low amount of memory available (1 个事件)
Time & API Arguments Status Return Repeated
1619686135.504436
GlobalMemoryStatusEx
success 1 0
The executable uses a known packer (1 个事件)
packer Armadillo v1.71
行为判定
动态指标
Allocates read-write-execute memory (usually to unpack itself) (2 个事件)
Time & API Arguments Status Return Repeated
1619692385.937
NtAllocateVirtualMemory
process_identifier: 1272
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00720000
success 0 0
1619692385.983
NtAllocateVirtualMemory
process_identifier: 1272
region_size: 12288
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x00740000
success 0 0
Creates executable files on the filesystem (8 个事件)
file C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\7ZipSfx.000\dxLvaANoi.com
file C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\7ZipSfx.000\fWXeLkphtIAkrWNHDX.com
file C:\Users\Administrator.Oskar-PC\AppData\Roaming\mintSoftware\EwalSrZ.vbs
file C:\Users\Administrator.Oskar-PC\AppData\Roaming\mintSoftware\fWXeLkphtIAkrWNHDX.com
file C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\7ZipSfx.000\lZaAeJGTxYLdiJNWVh.com
file C:\Users\Administrator.Oskar-PC\AppData\Roaming\mintSoftware\mintSoftware.com
file C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\7ZipSfx.000\trWqjuDVREmm.com
file C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\7ZipSfx.000\lsm.com
Creates a suspicious process (2 个事件)
cmdline "C:\Windows\System32\cmd.exe" /c cmd < dxLvaANoi.com
cmdline "C:\Windows\System32\cmd.exe" /c echo jjdXX
Drops a binary and executes it (1 个事件)
file C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\7ZipSfx.000\lsm.com
Drops an executable to the user AppData folder (1 个事件)
file C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\7ZipSfx.000\lsm.com
A process created a hidden window (2 个事件)
Time & API Arguments Status Return Repeated
1619686136.020436
ShellExecuteExW
parameters: /c echo jjdXX
filepath: cmd
filepath_r: cmd
show_type: 0
success 1 0
1619686137.708436
ShellExecuteExW
parameters: /c cmd < dxLvaANoi.com
filepath: cmd
filepath_r: cmd
show_type: 0
success 1 0
Uses Windows utilities for basic Windows functionality (2 个事件)
cmdline ping -n 1 Qojli.cCMlh
cmdline ping 127.0.0.1 -n 30
网络通信
Communicates with host for which no DNS query was performed (1 个事件)
host 172.217.24.14
Installs itself for autorun at Windows startup (1 个事件)
file C:\Users\Administrator.Oskar-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mintSoftware.url
File has been identified by 49 AntiVirus engines on VirusTotal as malicious (49 个事件)
Bkav W32.AIDetectVM.malware2
Elastic malicious (high confidence)
DrWeb Trojan.PWS.Stealer.29339
MicroWorld-eScan Trojan.GenericKD.43777814
McAfee Artemis!8A5D1E11C3D3
Sangfor Malware
K7AntiVirus Trojan ( 0056dc0b1 )
Alibaba Trojan:Win32/Alien.e6d70b72
K7GW Trojan ( 0056dc0b1 )
CrowdStrike win/malicious_confidence_60% (W)
Arcabit Trojan.Generic.D29BFF16
Invincea Mal/Generic-S
Cyren W32/Trojan.HHNG-5239
Symantec ML.Attribute.HighConfidence
APEX Malicious
Avast Win32:Malware-gen
Kaspersky Trojan.Win32.Alien.ijb
BitDefender Trojan.GenericKD.43777814
Paloalto generic.ml
AegisLab Trojan.Win32.Alien.4!c
Rising Trojan.HiddenRun/SFX!1.CC6B (CLASSIC)
Ad-Aware Trojan.GenericKD.43777814
Emsisoft Trojan.GenericKD.43777814 (B)
Comodo Malware@#39020hxbk5gr3
F-Secure Malware.BAT/Agent.xveoj
VIPRE Trojan.Win32.Generic!BT
TrendMicro TROJ_GEN.R002C0DI520
McAfee-GW-Edition BehavesLike.Win32.Vawtrak.dc
FireEye Generic.mg.8a5d1e11c3d30417
Sophos Mal/Generic-S
Avira BAT/Agent.xveoj
MAX malware (ai score=99)
Gridinsoft Trojan.Win32.Agent.oa
Microsoft Trojan:Win32/Bluteal!rfn
ZoneAlarm Trojan.Win32.Alien.ijb
GData Trojan.GenericKD.43777814
Cynet Malicious (score: 85)
AhnLab-V3 Trojan/Win32.Injector.R349753
VBA32 Trojan.Alien
ALYac Trojan.Agent.Bluteal
Cylance Unsafe
ESET-NOD32 BAT/Agent.OYP
TrendMicro-HouseCall TROJ_GEN.R002C0DI520
Tencent Win32.Trojan.Alien.Ebhd
Ikarus Trojan.BAT.Agent
eGambit Trojan.Generic
Fortinet W32/Alien.IJB!tr
AVG Win32:Malware-gen
Qihoo-360 Win32/Trojan.eab
可视化分析
二进制图像
暂无二进制图像 该样本未生成二进制可视化图像
运行截图
暂无运行截图 该样本运行过程中未生成截图

👋 欢迎使用 ChatHawk

我是您的恶意软件分析助手,可以帮您分析和解读恶意软件报告。请随时向我提问!

🔍 主要威胁分析
⚡ 行为特征
🛡️ 防护建议
🔧 技术手段
🎯 检测方法
🤖

PE Compile Time

2016-04-03 06:14:34

Imports

Library COMCTL32.dll:
0x41d010
Library SHELL32.dll:
0x41d274 ShellExecuteExW
0x41d278 ShellExecuteW
0x41d27c SHGetMalloc
0x41d284 SHBrowseForFolderW
0x41d288 SHGetFileInfoW
Library GDI32.dll:
0x41d018 CreateCompatibleDC
0x41d01c CreateFontIndirectW
0x41d020 DeleteObject
0x41d024 DeleteDC
0x41d028 GetCurrentObject
0x41d02c StretchBlt
0x41d030 GetDeviceCaps
0x41d038 SelectObject
0x41d03c SetStretchBltMode
0x41d040 GetObjectW
Library ADVAPI32.dll:
0x41d000 FreeSid
Library USER32.dll:
0x41d294 GetParent
0x41d298 ScreenToClient
0x41d29c CreateWindowExW
0x41d2a0 GetDesktopWindow
0x41d2a8 SetWindowPos
0x41d2ac SetTimer
0x41d2b0 GetMessageW
0x41d2b4 CopyImage
0x41d2b8 KillTimer
0x41d2bc CharUpperW
0x41d2c0 SendMessageW
0x41d2c4 ShowWindow
0x41d2c8 BringWindowToTop
0x41d2cc wsprintfW
0x41d2d0 MessageBoxW
0x41d2d4 EndDialog
0x41d2d8 ReleaseDC
0x41d2dc GetWindowDC
0x41d2e0 GetMenu
0x41d2e4 GetWindowLongW
0x41d2e8 GetClassNameA
0x41d2ec wsprintfA
0x41d2f0 DispatchMessageW
0x41d2f4 SetWindowTextW
0x41d2f8 GetSysColor
0x41d2fc DestroyWindow
0x41d300 MessageBoxA
0x41d304 GetKeyState
0x41d308 IsWindow
0x41d30c GetDlgItem
0x41d310 GetClientRect
0x41d314 GetSystemMetrics
0x41d318 SetWindowLongW
0x41d31c UnhookWindowsHookEx
0x41d320 SetFocus
0x41d328 DrawTextW
0x41d32c GetDC
0x41d330 ClientToScreen
0x41d334 GetWindow
0x41d33c DrawIconEx
0x41d340 CallWindowProcW
0x41d344 DefWindowProcW
0x41d348 CallNextHookEx
0x41d34c PtInRect
0x41d350 SetWindowsHookExW
0x41d354 LoadImageW
0x41d358 LoadIconW
0x41d35c MessageBeep
0x41d360 EnableWindow
0x41d364 EnableMenuItem
0x41d368 GetSystemMenu
0x41d36c CreateWindowExA
0x41d370 wvsprintfW
0x41d374 GetWindowTextW
0x41d378 GetWindowRect
Library ole32.dll:
0x41d384 CoCreateInstance
0x41d388 CoInitialize
Library OLEAUT32.dll:
0x41d25c SysAllocStringLen
0x41d260 VariantClear
0x41d264 SysFreeString
0x41d268 OleLoadPicture
0x41d26c SysAllocString
Library KERNEL32.dll:
0x41d048 SetFileTime
0x41d04c SetEndOfFile
0x41d054 VirtualFree
0x41d058 GetModuleHandleA
0x41d060 VirtualAlloc
0x41d064 ReadFile
0x41d068 SetFilePointer
0x41d06c GetFileSize
0x41d07c FormatMessageW
0x41d080 lstrcpyW
0x41d084 LocalFree
0x41d088 IsBadReadPtr
0x41d08c GetSystemDirectoryW
0x41d090 GetCurrentThreadId
0x41d094 SuspendThread
0x41d098 TerminateThread
0x41d0a0 ResetEvent
0x41d0a4 SetEvent
0x41d0a8 CreateEventW
0x41d0ac GetVersionExW
0x41d0b0 GetModuleFileNameW
0x41d0b4 GetCurrentProcess
0x41d0c0 GetDriveTypeW
0x41d0c4 CreateFileW
0x41d0c8 LoadLibraryA
0x41d0cc SetThreadLocale
0x41d0d8 CompareFileTime
0x41d0dc WideCharToMultiByte
0x41d0e0 GetTempPathW
0x41d0ec lstrcmpiW
0x41d0f0 GetLocaleInfoW
0x41d0f4 MultiByteToWideChar
0x41d104 lstrcmpiA
0x41d108 GlobalAlloc
0x41d10c GlobalFree
0x41d110 MulDiv
0x41d114 FindResourceExA
0x41d118 SizeofResource
0x41d11c LoadResource
0x41d120 LockResource
0x41d124 GetModuleHandleW
0x41d128 FindFirstFileW
0x41d12c lstrcmpW
0x41d130 DeleteFileW
0x41d134 FindNextFileW
0x41d138 FindClose
0x41d13c RemoveDirectoryW
0x41d140 GetStdHandle
0x41d144 WriteFile
0x41d148 lstrlenA
0x41d14c CreateDirectoryW
0x41d150 GetFileAttributesW
0x41d158 GetLocalTime
0x41d160 CreateThread
0x41d164 GetExitCodeThread
0x41d168 Sleep
0x41d16c SetFileAttributesW
0x41d170 GetDiskFreeSpaceExW
0x41d174 SetLastError
0x41d178 GetTickCount
0x41d17c lstrlenW
0x41d180 ExitProcess
0x41d184 lstrcatW
0x41d188 GetProcAddress
0x41d18c CloseHandle
0x41d190 WaitForSingleObject
0x41d194 GetExitCodeProcess
0x41d19c ResumeThread
0x41d1ac CreateJobObjectW
0x41d1b0 GetLastError
0x41d1b4 CreateProcessW
0x41d1b8 GetStartupInfoW
0x41d1bc GetCommandLineW
0x41d1c0 GetStartupInfoA
Library MSVCRT.dll:
0x41d1c8 _purecall
0x41d1cc ??2@YAPAXI@Z
0x41d1d0 _wtol
0x41d1d4 memset
0x41d1d8 memmove
0x41d1dc memcpy
0x41d1e0 _wcsnicmp
0x41d1e4 _controlfp
0x41d1e8 _except_handler3
0x41d1ec __set_app_type
0x41d1f0 __p__fmode
0x41d1f4 __p__commode
0x41d1f8 _adjust_fdiv
0x41d1fc __setusermatherr
0x41d200 _initterm
0x41d204 __getmainargs
0x41d208 _acmdln
0x41d20c exit
0x41d210 _XcptFilter
0x41d214 _exit
0x41d21c _onexit
0x41d220 __dllonexit
0x41d224 malloc
0x41d228 realloc
0x41d22c free
0x41d230 wcsstr
0x41d234 _CxxThrowException
0x41d238 _beginthreadex
0x41d23c _EH_prolog
0x41d244 strncmp
0x41d248 wcsncmp
0x41d24c wcsncpy
0x41d250 strncpy
0x41d254 ??3@YAXPAX@Z

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 50534 114.114.114.114 53
192.168.56.101 51808 114.114.114.114 53
192.168.56.101 51963 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 58367 114.114.114.114 53
192.168.56.101 65004 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 49235 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 60123 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 50535 239.255.255.250 3702
192.168.56.101 50537 239.255.255.250 3702
192.168.56.101 56540 239.255.255.250 3702
192.168.56.101 56807 239.255.255.250 1900
192.168.56.101 58707 239.255.255.250 3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.