6.4
High risk

d482725a70a08e4110c90e93de82f2ff748e68a4b5038b9e804ebae2da5f0018

96a8d3676305aecfa3e41d6fd44b5bdb.exe

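Analysis duration

88s

Last analyzed

File size

752.0KB
Static detections Dynamic detections AI SCORE=86 AIDETECTVM CLASSIC DOWNLOADER34 ELDORADO EMOTET FSUZ GDSDA GENERICKDZ KRYPTIK MALICIOUS MALWARE1 R345561 SCORE TRICKBOT VQ0@AI3FLMNI ZEXAF
Hawkeye engine
Not scanned. No Hawkeye engine results available.
Static verdict
Antivirus engines
Engine Result Scan date Engine version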
McAfee Trickbot-FSUZ!96A8D3676305 20200722 6.0.6.653
Alibaba 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Avast 20200722 18.4.3895.0
Kingsoft 20200722 2013.8.14.323
Tencent 20200722 1.0.0.1
CrowdStrike 20190702 1.0
Static indicators
Queries for the computername (1 event)
Time & API Arguments Status Return Repeated
1620808827.297375
GetComputerNameA
computer_name: OSKAR-PC
success 1 0
Uses Windows APIs to generate a cryptographic key (3 events)
Time & API Arguments Status Return Repeated
1620808816.000375
CryptGenKey
crypto_handle: 0x0038b490
algorithm_identifier: 0x0000660e ()
provider_handle: 0x0038a778
flags: 1
key: f8 ¥±‰É‚ R àk^;
success 1 0
1620808827.343375
CryptExportKey
crypto_handle: 0x0038b490
crypto_export_handle: 0x0038a840
buffer: f¤·9è¸Sðd¸Ô­¼ý„‹Ð&M1`ÜÈn×¶Àúf9kŽhj:‹<'v×cb“}¨Û)/=ø+܍l!Š=™EdLÝ8jm,ïD¸6wGïÊ}iDE–’,¢óÝ
blob_type: 1
flags: 64
success 1 0
1620808855.297375
CryptExportKey
crypto_handle: 0x0038b490
crypto_export_handle: 0x0038a840
buffer: f¤ìQ¾œÐ?´4KG’#«²ÚúºR=Ô³m;kí ýgn$sqkV™\J­ªa£FžLLdÆ¥àx’›?Æ-3â•SS4˜ÓkLsš\ÁšÉt45óðˆb a7
blob_type: 1
flags: 64
success 1 0
The executable uses a known packer (1 event)
packer Armadillo v1.71
The file contains an unknown PE resource name possibly indicative of a packer (2 events)
resource name RGN
resource name None
Behavioral verdict
Dynamic indicators
Allocates read-write-execute memory (usually to unpack itself) (1 event)
Time & API Arguments Status Return Repeated
1620808803.906375
NtAllocateVirtualMemory
process_identifier: 2764
region_size: 36864
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12289 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x00580000
success 0 0
Checks adapter addresses which can be used to detect virtual network interfaces (1 event)
Time & API Arguments Status Return Repeated
1620808828.453375
GetAdaptersAddresses
flags: 0
family: 0
failed 111 0
The binary likely contains encrypted or compressed data indicative of a packer (1 event)
entropy 7.278181547383492 section {'size_of_data': '0x0000e000', 'virtual_address': '0x00067000', 'entropy': 7.278181547383492, 'name': '.data', 'virtual_size': '0x00011f88'} description A section with a high entropy has been found
Expresses interest in specific running processes (1 event)
process 96a8d3676305aecfa3e41d6fd44b5bdb.exe
Reads the systems User Agent and subsequently performs requests (1 event)
Time & API Arguments Status Return Repeated
1620808827.687375
InternetOpenW
proxy_bypass:
access_type: 0
proxy_name:
flags: 0
user_agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
success 13369348 0
Network communication
Communicates with host for which no DNS query was performed (3 events)
host 144.139.91.187
host 157.7.199.53
host 172.217.24.14
Sets or modifies WPAD proxy autoconfiguration file for traffic interception (8 events)
Time & API Arguments Status Return Repeated
1620808831.047375
RegSetValueExA
key_handle: 0x000003a8
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason
success 0 0
1620808831.047375
RegSetValueExA
key_handle: 0x000003a8
value: õ1@G×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime
success 0 0
1620808831.047375
RegSetValueExA
key_handle: 0x000003a8
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision
success 0 0
1620808831.047375
RegSetValueExW
key_handle: 0x000003a8
value: 网络 2
regkey_r: WpadNetworkName
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName
success 0 0
1620808831.062375
RegSetValueExA
key_handle: 0x000003c0
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
success 0 0
1620808831.062375
RegSetValueExA
key_handle: 0x000003c0
value: õ1@G×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
success 0 0
1620808831.062375
RegSetValueExA
key_handle: 0x000003c0
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
success 0 0
1620808831.078375
RegSetValueExW
key_handle: 0x000003a4
value: {40112ABE-63B3-43C3-BE93-1440EE3AF106}
regkey_r: WpadLastNetwork
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
success 0 0
File has been identified by 28 AntiVirus engines on VirusTotal as malicious (28 events)
Bkav W32.AIDetectVM.malware1
MicroWorld-eScan Trojan.GenericKDZ.68895
FireEye Generic.mg.96a8d3676305aecf
McAfee Trickbot-FSUZ!96A8D3676305
K7AntiVirus Trojan ( 0056af591 )
K7GW Trojan ( 0056af591 )
F-Prot W32/Kryptik.BQR.gen!Eldorado
APEX Malicious
BitDefender Trojan.GenericKDZ.68895
Rising Trojan.Kryptik!1.C89F (CLASSIC)
Emsisoft Trojan.Emotet (A)
F-Secure Trojan.TR/AD.Emotet.BY
DrWeb Trojan.DownLoader34.2696
Trapmine suspicious.low.ml.score
Cyren W32/Kryptik.BQR.gen!Eldorado
Avira TR/AD.Emotet.BY
Microsoft Trojan:Win32/Emotet.ARJ!MTB
Arcabit Trojan.Generic.D10D1F
GData Trojan.GenericKDZ.68895
AhnLab-V3 Trojan/Win32.Kryptik.R345561
MAX malware (ai score=86)
Ad-Aware Trojan.GenericKDZ.68895
Malwarebytes Trojan.Emotet
ESET-NOD32 Win32/Emotet.CD
Ikarus Trojan-Banker.Emotet
Fortinet W32/GenericKDZ.6889!tr
BitDefenderTheta Gen:NN.ZexaF.34138.Vq0@ai3fLMni
Panda Trj/GdSda.A
Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) (4 events)
dead_host 172.217.24.14:443
dead_host 144.139.91.187:443
dead_host 216.58.200.46:443
dead_host 157.7.199.53:8080
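Visual analysis
Binary image
No binary image available. No binary visualization image was generated for this sample.
Runtime screenshots
No runtime screenshots available. No screenshots were generated while this sample was running.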

PE Compile Time

2020-07-21 23:19:55

Imports

Library KERNEL32.dll:
0x4541a0 GetStdHandle
0x4541a4 LCMapStringA
0x4541a8 LCMapStringW
0x4541b0 GetStringTypeA
0x4541b4 GetStringTypeW
0x4541b8 IsBadReadPtr
0x4541bc IsBadCodePtr
0x4541c0 SetHandleCount
0x4541c4 CompareStringA
0x4541c8 CompareStringW
0x4541d4 GetProfileStringA
0x4541d8 InterlockedExchange
0x4541ec IsBadWritePtr
0x4541f0 VirtualAlloc
0x4541f4 VirtualFree
0x4541f8 HeapCreate
0x4541fc HeapDestroy
0x454200 HeapSize
0x454204 HeapReAlloc
0x454208 GetFileType
0x45420c SetStdHandle
0x454210 GetACP
0x454214 GetLocalTime
0x454218 GetSystemTime
0x454220 RaiseException
0x454224 TerminateProcess
0x454228 ExitProcess
0x45422c GetCommandLineA
0x454230 GetStartupInfoA
0x454234 HeapAlloc
0x454238 HeapFree
0x45423c RtlUnwind
0x454240 SetErrorMode
0x454244 GetOEMCP
0x454250 GetFileSize
0x454254 GetShortPathNameA
0x454258 GetThreadLocale
0x45425c GetStringTypeExA
0x454264 FindFirstFileA
0x454268 FindClose
0x45426c MoveFileA
0x454270 SetEndOfFile
0x454274 UnlockFile
0x454278 LockFile
0x45427c FlushFileBuffers
0x454280 SetFilePointer
0x454284 WriteFile
0x454288 ReadFile
0x45428c CreateFileA
0x454290 DuplicateHandle
0x454294 GetProcessVersion
0x454298 TlsGetValue
0x45429c LocalReAlloc
0x4542a0 TlsSetValue
0x4542a8 GlobalReAlloc
0x4542b0 TlsFree
0x4542b4 GlobalHandle
0x4542bc TlsAlloc
0x4542c4 LocalAlloc
0x4542c8 GlobalFlags
0x4542cc ReleaseMutex
0x4542d0 CreateMutexA
0x4542d4 GetDiskFreeSpaceA
0x4542d8 GetFileTime
0x4542dc SetFileTime
0x4542e0 GetFullPathNameA
0x4542e4 GetTempFileNameA
0x4542e8 GetFileAttributesA
0x4542ec lstrcpynA
0x4542f0 GetLastError
0x4542f4 GlobalFree
0x454300 LocalFree
0x454304 lstrcatA
0x454308 GlobalGetAtomNameA
0x45430c GlobalFindAtomA
0x454310 lstrcpyA
0x454314 GetModuleHandleA
0x454318 SetLastError
0x454328 GlobalAddAtomA
0x45432c WideCharToMultiByte
0x454338 WaitForSingleObject
0x45433c GlobalAlloc
0x454340 GlobalDeleteAtom
0x454344 GetCurrentThread
0x454348 GetCurrentThreadId
0x45434c GlobalLock
0x454350 lstrcmpA
0x454354 GlobalUnlock
0x454358 SizeofResource
0x45435c GetCurrentProcess
0x454360 OpenFileMappingA
0x454364 CreateFileMappingA
0x454368 MapViewOfFile
0x45436c UnmapViewOfFile
0x454370 CloseHandle
0x454374 MultiByteToWideChar
0x454378 lstrcmpiA
0x45437c FindResourceA
0x454380 LoadResource
0x454384 LockResource
0x454388 GetCPInfo
0x45438c lstrlenW
0x454390 lstrlenA
0x454394 GetVersion
0x454398 GetVersionExA
0x45439c MulDiv
0x4543a0 GetModuleFileNameA
0x4543a4 DeleteFileA
0x4543a8 GetTickCount
0x4543ac LoadLibraryA
0x4543b0 FreeLibrary
0x4543b4 Sleep
0x4543b8 LoadLibraryExA
0x4543bc GetProcAddress
Library USER32.dll:
0x4543e8 SetScrollInfo
0x4543ec GetScrollInfo
0x4543f0 ScrollWindow
0x4543f4 DeferWindowPos
0x4543f8 EqualRect
0x4543fc SetActiveWindow
0x454400 MapWindowPoints
0x454404 GetWindowDC
0x454408 BeginPaint
0x45440c EndPaint
0x454414 EndDialog
0x454418 WindowFromPoint
0x45441c LoadAcceleratorsA
0x454424 DestroyMenu
0x454428 LoadMenuA
0x45442c ReuseDDElParam
0x454430 UnpackDDElParam
0x454434 BringWindowToTop
0x454438 IsZoomed
0x45443c SetCursorPos
0x454440 DestroyCursor
0x454444 FindWindowA
0x454448 InvertRect
0x45444c DrawMenuBar
0x454450 DefMDIChildProcA
0x454454 GetClassNameA
0x454458 CharUpperA
0x45445c LockWindowUpdate
0x454460 TrackPopupMenu
0x454464 SetWindowPlacement
0x454468 DefWindowProcA
0x45446c DestroyWindow
0x454470 CreateWindowExA
0x454474 SetPropA
0x454478 GetPropA
0x45447c CallWindowProcA
0x454480 RemovePropA
0x454484 GetMessageTime
0x454488 GetMessagePos
0x45448c GetForegroundWindow
0x454494 IntersectRect
0x454498 GetWindowPlacement
0x45449c AdjustWindowRectEx
0x4544a0 WaitMessage
0x4544a4 UnhookWindowsHookEx
0x4544a8 SetFocus
0x4544ac SetWindowPos
0x4544b0 MoveWindow
0x4544b4 SetWindowLongA
0x4544b8 GetDlgCtrlID
0x4544c0 GetWindowTextA
0x4544c4 IsDialogMessageA
0x4544c8 SetDlgItemTextA
0x4544cc SendDlgItemMessageA
0x4544d0 GetDlgItem
0x4544d4 LoadStringA
0x4544dc SetMenuItemBitmaps
0x4544e0 CheckMenuItem
0x4544e4 EnableMenuItem
0x4544e8 GetNextDlgTabItem
0x4544ec GetMessageA
0x4544f0 TranslateMessage
0x4544f4 ShowScrollBar
0x4544f8 GetActiveWindow
0x4544fc CallNextHookEx
0x454500 ValidateRect
0x454504 PeekMessageA
0x454508 SetWindowsHookExA
0x45450c IsWindowEnabled
0x454510 GetWindowLongA
0x454514 MessageBoxA
0x454518 SetCursor
0x45451c ShowOwnedPopups
0x454520 PostQuitMessage
0x454524 GetAsyncKeyState
0x454528 EnumChildWindows
0x45452c FrameRect
0x454530 IsWindow
0x454534 SetWindowRgn
0x454538 GetLastActivePopup
0x45453c IsIconic
0x454540 SetForegroundWindow
0x454544 SetMenuDefaultItem
0x454548 IsMenu
0x45454c SetRectEmpty
0x454550 DrawIcon
0x454554 LoadImageA
0x454558 GrayStringA
0x45455c TabbedTextOutA
0x454560 RemoveMenu
0x454564 LoadBitmapA
0x454568 GetMenuStringA
0x45456c CreateMenu
0x454570 CreatePopupMenu
0x454574 GetSubMenu
0x454578 GetMenuItemID
0x45457c GetMenuState
0x454580 ModifyMenuA
0x454584 GetMenuItemCount
0x454588 InsertMenuA
0x45458c GetSystemMetrics
0x454590 DrawTextA
0x454594 DrawIconEx
0x454598 DestroyIcon
0x45459c DrawEdge
0x4545a0 SetRect
0x4545a4 GetMenuItemInfoA
0x4545a8 PostMessageA
0x4545ac DeleteMenu
0x4545b0 AppendMenuA
0x4545b4 SetParent
0x4545b8 wsprintfA
0x4545bc GetDCEx
0x4545c0 ReleaseCapture
0x4545c4 SetCapture
0x4545c8 RedrawWindow
0x4545cc GetWindow
0x4545d0 GetClassLongA
0x4545d4 ClientToScreen
0x4545d8 GetParent
0x4545dc ShowWindow
0x4545e0 UnregisterClassA
0x4545e4 HideCaret
0x4545e8 ShowCaret
0x4545ec ExcludeUpdateRgn
0x4545f0 DrawFocusRect
0x4545f4 DefDlgProcA
0x4545f8 CharNextA
0x4545fc IsWindowUnicode
0x454600 SendMessageA
0x454604 GetSystemMenu
0x454608 BeginDeferWindowPos
0x45460c EndDeferWindowPos
0x454610 IsRectEmpty
0x454614 GetSysColorBrush
0x454618 LoadCursorA
0x45461c GetCursorPos
0x454620 GetKeyState
0x454624 OffsetRect
0x454628 CopyRect
0x45462c InflateRect
0x454634 GetFocus
0x454638 IsChild
0x45463c IsWindowVisible
0x454640 GetDesktopWindow
0x454644 GetScrollRange
0x454648 SetScrollRange
0x45464c GetScrollPos
0x454650 SetScrollPos
0x454654 GetTopWindow
0x454658 GetCapture
0x45465c WinHelpA
0x454660 GetClassInfoA
0x454664 DispatchMessageA
0x454668 RegisterClassA
0x45466c GetMenu
0x454670 SetMenu
0x454674 KillTimer
0x454678 GetWindowRect
0x45467c SetTimer
0x454680 ScreenToClient
0x454684 PtInRect
0x454688 EnableWindow
0x45468c InvalidateRect
0x454690 LoadIconA
0x454694 GetDC
0x454698 GetClientRect
0x45469c GetSysColor
0x4546a0 FillRect
0x4546a4 ReleaseDC
0x4546a8 UpdateWindow
0x4546ac SetWindowTextA
Library GDI32.dll:
0x454064 GetCurrentObject
0x454068 ExtCreateRegion
0x45406c GetDIBColorTable
0x454074 CreateBitmap
0x454078 GetClipBox
0x45407c SetTextColor
0x454080 SetBkColor
0x454088 StartDocA
0x45408c SaveDC
0x454090 RestoreDC
0x454094 GetStockObject
0x454098 SelectPalette
0x45409c SetBkMode
0x4540a0 SetMapMode
0x4540a4 SetViewportOrgEx
0x4540a8 OffsetViewportOrgEx
0x4540ac SetViewportExtEx
0x4540b0 ScaleViewportExtEx
0x4540b4 SetWindowOrgEx
0x4540b8 OffsetWindowOrgEx
0x4540bc SetWindowExtEx
0x4540c0 ScaleWindowExtEx
0x4540c4 SelectClipRgn
0x4540c8 ExcludeClipRect
0x4540cc IntersectClipRect
0x4540d0 MoveToEx
0x4540d4 LineTo
0x4540d8 SetTextAlign
0x4540dc GetTextMetricsA
0x4540e0 CreateRectRgn
0x4540e4 CreatePatternBrush
0x4540e8 AbortDoc
0x4540ec EndDoc
0x4540f0 EndPage
0x4540f4 StartPage
0x4540f8 DPtoLP
0x4540fc SetAbortProc
0x454100 CreateDCA
0x454104 StretchDIBits
0x454108 GetCharWidthA
0x45410c CreateFontA
0x454110 LPtoDP
0x454114 SetRectRgn
0x454118 CombineRgn
0x45411c CreatePalette
0x454120 RealizePalette
0x454124 CreateHatchBrush
0x454128 Rectangle
0x45412c Escape
0x454130 TextOutA
0x454134 RectVisible
0x454138 PtVisible
0x45413c GetPixel
0x454140 SetPixel
0x454144 CreateDIBSection
0x454148 SelectObject
0x45414c DeleteObject
0x454150 DeleteDC
0x454154 Ellipse
0x454160 CreateSolidBrush
0x454164 CreatePen
0x454168 GetBkMode
0x45416c PatBlt
0x454174 BitBlt
0x454178 GetTextColor
0x45417c GetDeviceCaps
0x454180 GetObjectA
0x454184 CreateFontIndirectA
0x454188 ExtTextOutA
0x45418c CreateCompatibleDC
0x454190 CreateDIBitmap
0x454194 GetTextExtentPointA
0x454198 EnumFontFamiliesA
Library comdlg32.dll:
0x45471c PrintDlgA
0x454720 GetSaveFileNameA
0x454724 GetOpenFileNameA
0x454728 GetFileTitleA
Library WINSPOOL.DRV:
0x4546b4 ClosePrinter
0x4546b8 DocumentPropertiesA
0x4546bc OpenPrinterA
Library ADVAPI32.dll:
0x454000 RegQueryValueExA
0x454004 RegOpenKeyExA
0x454008 RegQueryValueA
0x45400c RegEnumKeyA
0x454010 RegOpenKeyA
0x454014 RegDeleteKeyA
0x454018 RegCreateKeyExA
0x45401c RegSetValueExA
0x454020 RegDeleteValueA
0x454024 SetFileSecurityA
0x454028 GetFileSecurityA
0x45402c RegCreateKeyA
0x454030 RegSetValueA
0x454034 RegCloseKey
Library SHELL32.dll:
0x4543c4 ExtractIconA
0x4543c8 DragQueryFileA
0x4543cc DragFinish
0x4543d0 SHGetMalloc
0x4543d4 Shell_NotifyIconA
0x4543e0 SHGetFileInfoA
Library COMCTL32.dll:
0x454040 ImageList_Draw
0x454048 ImageList_GetIcon
0x45404c ImageList_AddMasked
0x454054
0x454058 ImageList_Destroy
0x45405c ImageList_Create
Library ole32.dll:
0x454734 CoCreateInstance
0x454738 CoUninitialize
0x45473c CoInitialize
Library WSOCK32.dll:
0x4546c4 gethostname
0x4546c8 inet_addr
0x4546cc WSACleanup
0x4546d0 WSAStartup
0x4546d4 WSASetLastError
0x4546d8 WSAGetLastError
0x4546dc accept
0x4546e0 gethostbyname
0x4546e4 bind
0x4546e8 htons
0x4546ec htonl
0x4546f0 closesocket
0x4546f4 recv
0x4546f8 send
0x4546fc WSAAsyncSelect
0x454700 inet_ntoa
0x454704 socket
0x454708 recvfrom
0x45470c sendto
0x454710 connect
0x454714 ioctlsocket

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 49235 114.114.114.114 53
192.168.56.101 51378 114.114.114.114 53
192.168.56.101 54178 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 60123 114.114.114.114 53
192.168.56.101 63429 114.114.114.114 53
192.168.56.101 65004 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 49713 224.0.0.252 5355
192.168.56.101 50568 224.0.0.252 5355
192.168.56.101 53210 224.0.0.252 5355
192.168.56.101 53237 224.0.0.252 5355
192.168.56.101 53657 224.0.0.252 5355
192.168.56.101 55368 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 58367 224.0.0.252 5355
192.168.56.101 60221 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.