6.6
High risk

a521bd7e14bd3f373c03a13487b5ec4156c9b59bcf7751db5b6fded58d4825d3

9b878d9209ed90815bc3bc06a842dd4c.exe

Analysis duration

81s

Last analyzed

File size

2.7MB
Static detection Dynamic detection AI SCORE=87 ARTEMIS ATTRIBUTE CLOUD CONFIDENCE EKCN EMOZ FALSESIGN GDSDA GENERICKD HIGH CONFIDENCE HIGHCONFIDENCE HNBXCO HVSX INVALIDSIG JTYJZ KRYPTIK NETWIREDRC R011C0RG820 SCORE SIGGEN9 SUSPICIOUS PE TROJANX TUQL UNSAFE YMACCO
Hawkeye engine
Not scanned. No Hawkeye engine detection results are available.
Static verdict
Antivirus engines
Engine Result Scan date Engine version
Alibaba Backdoor:Win32/Injector.1133056d 20190527 0.3.0.5
CrowdStrike win/malicious_confidence_70% (W) 20190702 1.0
Baidu 20190318 1.0.0.2
Avast Win32:TrojanX-gen [Trj] 20200819 18.4.3895.0
Tencent Win32.Trojan.Falsesign.Hvsx 20200820 1.0.0.1
Kingsoft 20200820 2013.8.14.323
McAfee Artemis!9B878D9209ED 20200820 6.0.6.653
Static indicators
This executable is signed
The executable contains unknown PE section names indicative of a packer (could be a false positive) (3 events)
section CODE
section DATA
section BSS
The executable uses a known packer (1 event)
packer BobSoft Mini Delphi -> BoB / BobSoft
One or more processes crashed (1 event)
Time & API Arguments Status Return Repeated
1619790500.62775
__exception__
stacktrace:
0x909562
DriverCallback+0x4e waveOutOpen-0xa2e winmm+0x3af0 @ 0x750c3af0
timeEndPeriod+0x54a timeKillEvent-0x57 winmm+0xa535 @ 0x750ca535
timeEndPeriod+0x449 timeKillEvent-0x158 winmm+0xa434 @ 0x750ca434
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 55966748
registers.edi: 55966792
registers.eax: 0
registers.ebp: 55967344
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 4294967294
exception.instruction_r: 8b 40 3c 99 03 04 24 13 54 24 04 83 c4 08 89 44
exception.instruction: mov eax, dword ptr [eax + 0x3c]
exception.exception_code: 0xc0000005
exception.symbol:
exception.address: 0x908c2c
success 0 0
Behavioral verdict
Dynamic indicators
Allocates read-write-execute memory (usually to unpack itself) (1 event)
Time & API Arguments Status Return Repeated
1619790450.86175
NtAllocateVirtualMemory
process_identifier: 1432
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00380000
success 0 0
Downloads a file or document from Google Drive (1 event)
domain drive.google.com
Checks adapter addresses which can be used to detect virtual network interfaces (1 event)
Time & API Arguments Status Return Repeated
1619790468.36175
GetAdaptersAddresses
flags: 0
family: 0
failed 111 0
Network communication
Communicates with host for which no DNS query was performed (1 event)
host 172.217.24.14
Disables proxy possibly for traffic interception (1 event)
Time & API Arguments Status Return Repeated
1619790467.45575
RegSetValueExA
key_handle: 0x000002c0
value: 0
regkey_r: ProxyEnable
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
success 0 0
Sets or modifies WPAD proxy autoconfiguration file for traffic interception (8 events)
Time & API Arguments Status Return Repeated
1619790470.93975
RegSetValueExA
key_handle: 0x000003b0
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason
success 0 0
1619790470.93975
RegSetValueExA
key_handle: 0x000003b0
value: àœÛS’=×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime
success 0 0
1619790470.93975
RegSetValueExA
key_handle: 0x000003b0
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision
success 0 0
1619790470.93975
RegSetValueExW
key_handle: 0x000003b0
value: 网络 2
regkey_r: WpadNetworkName
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName
success 0 0
1619790470.93975
RegSetValueExA
key_handle: 0x000003cc
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
success 0 0
1619790470.93975
RegSetValueExA
key_handle: 0x000003cc
value: àœÛS’=×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
success 0 0
1619790470.93975
RegSetValueExA
key_handle: 0x000003cc
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
success 0 0
1619790470.98675
RegSetValueExW
key_handle: 0x000003ac
value: {40112ABE-63B3-43C3-BE93-1440EE3AF106}
regkey_r: WpadLastNetwork
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
success 0 0
Network activity contains more than one unique useragent (2 events)
process 9b878d9209ed90815bc3bc06a842dd4c.exe useragent Internal
process 9b878d9209ed90815bc3bc06a842dd4c.exe useragent CODE
Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually) (1 event)
dead_host 66.220.155.14:443
File has been identified by 53 AntiVirus engines on VirusTotal as malicious (50 out of 53 events)
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.43451788
FireEye Generic.mg.9b878d9209ed9081
ALYac Trojan.GenericKD.43451788
Cylance Unsafe
VIPRE Trojan.Win32.Generic!BT
Sangfor Malware
K7AntiVirus Trojan ( 0056a3501 )
Alibaba Backdoor:Win32/Injector.1133056d
K7GW Trojan ( 0056a3501 )
CrowdStrike win/malicious_confidence_70% (W)
TrendMicro TROJ_GEN.R011C0RG820
Symantec ML.Attribute.HighConfidence
APEX Malicious
Paloalto generic.ml
ClamAV Win.Trojan.Netwiredrc-8698209-0
GData Trojan.GenericKD.43451788
Kaspersky HEUR:Backdoor.Win32.NetWiredRC.gen
BitDefender Trojan.GenericKD.43451788
NANO-Antivirus Trojan.Win32.NetWiredRC.hnbxco
Avast Win32:TrojanX-gen [Trj]
Tencent Win32.Trojan.Falsesign.Hvsx
Ad-Aware Trojan.GenericKD.43451788
F-Secure Trojan.TR/Injector.jtyjz
DrWeb Trojan.Siggen9.57257
Zillya Trojan.Injector.Win32.748655
Sophos Mal/Agent-ATI
Ikarus Trojan.Agent
Cyren W32/Trojan.TUQL-3561
Jiangmin Backdoor.NetWiredRC.bnx
Webroot W32.Trojan.Gen
Avira TR/Injector.jtyjz
eGambit PE.Heur.InvalidSig
Antiy-AVL Trojan[Backdoor]/Win32.NetWiredRC
Arcabit Trojan.Generic.D297058C
ZoneAlarm HEUR:Backdoor.Win32.NetWiredRC.gen
Microsoft Trojan:Win32/Ymacco.AAA5
Cynet Malicious (score: 85)
AhnLab-V3 Trojan/Win32.Kryptik.C4159345
McAfee Artemis!9B878D9209ED
MAX malware (ai score=87)
VBA32 Backdoor.NetWiredRC
Malwarebytes Trojan.MalPack.DLF
ESET-NOD32 a variant of Win32/Injector.EMOZ
TrendMicro-HouseCall TROJ_GEN.R011C0RG820
Rising Trojan.Kryptik!1.C56D (CLOUD)
SentinelOne DFI - Suspicious PE
Fortinet W32/Injector.EKCN!tr
BitDefenderTheta AI:Packer.2A892A8321
AVG Win32:TrojanX-gen [Trj]

PE Compile Time

1992-06-20 06:22:17

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.