SmartHawk

7.6

高危

56 个模型检测该样本为恶意！

重新分析

下载样本

79836672aba325f95a33b0cab19f2dbc91da282641de7495264c63ae5adb1ee6

a40a82a17383203776d082c486d41e25.exe

分析耗时

131s

最近分析

文件大小

318.5KB

静态报毒动态报毒 100% AI SCORE=85 AIDETECTVM CLASSIC CONFIDENCE ELDORADO EMOTET EVYR GDFY GENCIRC HIGH CONFIDENCE HUBWPC KRYPTIK MALWARE1 MALWARE@#ZZTCWSU86ZP7 R + TROJ R350263 SCORE SUSGEN TFDIN THJOEBO TRX9 TUW@AOGQZPPO UNSAFE ZEXAF 更多

未检测暂无鹰眼引擎检测结果

查杀引擎	查杀结果	查杀时间	查杀版本
Alibaba	Trojan:Win32/Emotet.13890ddf	20190527	0.3.0.5
CrowdStrike	win/malicious_confidence_100% (W)	20190702	1.0
Baidu		20190318	1.0.0.2
Avast	Win32:Malware-gen	20201211	21.1.5827.0
McAfee	Emotet-FRI!A40A82A17383	20201211	6.0.6.653
Tencent	Malware.Win32.Gencirc.10cdfd72	20201211	1.0.0.1

Queries for the computername (1 个事件)

Time & API	Arguments	Status	Return	Repeated
1619805155.253999 GetComputerNameA	computer_name: OSKAR-PC	success	1	0

Uses Windows APIs to generate a cryptographic key (5 个事件)

Time & API	Arguments	Status	Return
1619805144.924999 CryptGenKey	crypto_handle: 0x0057f540 algorithm_identifier: 0x0000660e () provider_handle: 0x0057e950 flags: 1 key: f¢Û![`wøãìýç cÉB	success	1
1619805155.362999 CryptExportKey	crypto_handle: 0x0057f540 crypto_export_handle: 0x0057ea28 buffer: f¤¡rDRWùq}`Ój£h Ys"þ¨V5µõj?aòU¼G¥3îºà>5'»³$åÜ{^'ÇÆí´ÁÛ3ñ`T¿z{F blob_type: 1 flags: 64	success	1
1619805183.018999 CryptExportKey	crypto_handle: 0x0057f540 crypto_export_handle: 0x0057ea28 buffer: f¤BÔ¾¨õßßà æéPHY»8J75ë®ÃôPõWé½æð©%ÍáQÇþ#ÑXhû]æÌíÙ¯ØêËTSâï;.S9!Û¿C: úµm·¼öèY%~Ýõ( blob_type: 1 flags: 64	success	1
1619805187.018999 CryptExportKey	crypto_handle: 0x0057f540 crypto_export_handle: 0x0057ea28 buffer: f¤as$÷Zúj¬6ÖPÃDZ_X&î.6/ÈFs@<àÞ©J\>´¹&kjTòëp öÝC(~ã¦7ü÷Û¢wÑÓ ð:.ZÍó°]½/Óè»É blob_type: 1 flags: 64	success	1
1619805190.737999 CryptExportKey	crypto_handle: 0x0057f540 crypto_export_handle: 0x0057ea28 buffer: f¤Î%Kî=8 ÅFüß5ÿzH`ç\¸6ÁO7ß%`ôC^7ìmÉ}LÜ:ö-88¢r< V2Knb 2ckÀOÎ-´úx¹AÃaCM°½×p blob_type: 1 flags: 64	success	1

HTTP traffic contains suspicious features which may be indicative of malware related traffic (1 个事件)

suspicious_features

POST method with no referer header

suspicious_request

POST https://update.googleapis.com/service/update2?cup2key=10:4077305647&cup2hreq=1315ee83e87b779d15e408469cfb38a8057c570c264fa1554816c95c288d9cfe

Performs some HTTP requests (4 个事件)

request	HEAD http://redirector.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe
request	HEAD http://r1---sn-j5o7dn7e.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?cms_redirect=yes&mh=ms&mip=202.100.214.100&mm=28&mn=sn-j5o7dn7e&ms=nvh&mt=1619776097&mv=m&mvi=1&pl=23&shardbypass=yes
request	HEAD http://r3---sn-j5o7dn7e.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?mh=ms&mvi=3&pl=17&shardbypass=yes&redirect_counter=1&rm=sn-j5ok7e&req_id=9188e89a3b12f413&cms_redirect=yes&ipbypass=yes&mip=59.50.85.19&mm=28&mn=sn-j5o7dn7e&ms=nvh&mt=1619776097&mv=m
request	POST https://update.googleapis.com/service/update2?cup2key=10:4077305647&cup2hreq=1315ee83e87b779d15e408469cfb38a8057c570c264fa1554816c95c288d9cfe

Sends data using the HTTP POST Method (1 个事件)

request

POST https://update.googleapis.com/service/update2?cup2key=10:4077305647&cup2hreq=1315ee83e87b779d15e408469cfb38a8057c570c264fa1554816c95c288d9cfe

Allocates read-write-execute memory (usually to unpack itself) (1 个事件)

Time & API	Arguments	Status	Return	Repeated
1619805143.003999 NtAllocateVirtualMemory	process_identifier: 2268 region_size: 36864 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 12289 (MEM_COMMIT\|MEM_RESERVE) base_address: 0x004e0000	success	0	0

Searches running processes potentially to identify processes for sandbox evasion, code injection or memory dumping (2 个事件)

Time & API	Arguments	Status	Return	Repeated
1619805155.362999 Process32NextW	process_name: mscorsvw.exe snapshot_handle: 0x0000011c process_identifier: 428	success	1	0
1619805155.362999 Process32NextW	process_name: GoogleUpdate.exe snapshot_handle: 0x0000011c process_identifier: 524	success	1	0

Checks adapter addresses which can be used to detect virtual network interfaces (1 个事件)

Time & API	Arguments	Status	Return	Repeated
1619805156.862999 GetAdaptersAddresses	flags: 0 family: 0	failed	111	0

Expresses interest in specific running processes (1 个事件)

process

a40a82a17383203776d082c486d41e25.exe

Reads the systems User Agent and subsequently performs requests (1 个事件)

Time & API	Arguments	Status	Return	Repeated
1619805156.049999 InternetOpenW	proxy_bypass: access_type: 0 proxy_name: flags: 0 user_agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)	success	13369348	0

Communicates with host for which no DNS query was performed (5 个事件)

host	140.186.212.146
host	142.44.137.67
host	162.241.242.173
host	172.217.24.14
host	85.214.28.226

Sets or modifies WPAD proxy autoconfiguration file for traffic interception (8 个事件)

Time & API	Arguments	Status
1619805159.518999 RegSetValueExA	key_handle: 0x00000378 value: 1 regkey_r: WpadDecisionReason reg_type: 4 (REG_DWORD) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason	success
1619805159.534999 RegSetValueExA	key_handle: 0x00000378 value: ð¬R·=× regkey_r: WpadDecisionTime reg_type: 3 (REG_BINARY) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime	success
1619805159.534999 RegSetValueExA	key_handle: 0x00000378 value: 3 regkey_r: WpadDecision reg_type: 4 (REG_DWORD) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision	success
1619805159.534999 RegSetValueExW	key_handle: 0x00000378 value: 网络 2 regkey_r: WpadNetworkName reg_type: 1 (REG_SZ) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName	success
1619805159.534999 RegSetValueExA	key_handle: 0x00000390 value: 1 regkey_r: WpadDecisionReason reg_type: 4 (REG_DWORD) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason	success
1619805159.534999 RegSetValueExA	key_handle: 0x00000390 value: ð¬R·=× regkey_r: WpadDecisionTime reg_type: 3 (REG_BINARY) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime	success
1619805159.534999 RegSetValueExA	key_handle: 0x00000390 value: 3 regkey_r: WpadDecision reg_type: 4 (REG_DWORD) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision	success
1619805159.549999 RegSetValueExW	key_handle: 0x00000374 value: {40112ABE-63B3-43C3-BE93-1440EE3AF106} regkey_r: WpadLastNetwork reg_type: 1 (REG_SZ) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork	success

File has been identified by 56 AntiVirus engines on VirusTotal as malicious (50 out of 56 个事件)

Bkav	W32.AIDetectVM.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.Agent.EVYR
FireEye	Trojan.Agent.EVYR
ALYac	Trojan.Agent.Emotet
Cylance	Unsafe
Zillya	Trojan.Emotet.Win32.28371
Sangfor	Malware
K7AntiVirus	Riskware ( 0040eff71 )
Alibaba	Trojan:Win32/Emotet.13890ddf
K7GW	Riskware ( 0040eff71 )
CrowdStrike	win/malicious_confidence_100% (W)
Arcabit	Trojan.Agent.EVYR
Cyren	W32/Emotet.ARX.gen!Eldorado
Symantec	Trojan.Emotet
APEX	Malicious
Avast	Win32:Malware-gen
ClamAV	Win.Keylogger.Emotet-9752343-0
Kaspersky	Trojan-Banker.Win32.Emotet.gdfy
BitDefender	Trojan.Agent.EVYR
NANO-Antivirus	Trojan.Win32.Emotet.hubwpc
Paloalto	generic.ml
AegisLab	Trojan.Win32.Emotet.trx9
Rising	Trojan.Kryptik!1.CBC2 (CLASSIC)
Ad-Aware	Trojan.Agent.EVYR
TACHYON	Banker/W32.Emotet.326144
Sophos	Mal/Generic-R + Troj/Emotet-CMX
Comodo	Malware@#zztcwsu86zp7
F-Secure	Trojan.TR/Emotet.tfdin
DrWeb	Trojan.Emotet.1013
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TrojanSpy.Win32.EMOTET.THJOEBO
McAfee-GW-Edition	Emotet-FRI!A40A82A17383
Emsisoft	Trojan.Emotet (A)
Jiangmin	Trojan.Banker.Emotet.ohc
Avira	TR/Emotet.tfdin
Antiy-AVL	Trojan[Banker]/Win32.Emotet
Gridinsoft	Trojan.Win32.Emotet.oa
Microsoft	Trojan:Win32/Emotet.ARJ!MTB
ZoneAlarm	Trojan-Banker.Win32.Emotet.gdfy
GData	Trojan.Agent.EVYR
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Emotet.R350263
McAfee	Emotet-FRI!A40A82A17383
MAX	malware (ai score=85)
Malwarebytes	Trojan.MalPack.TRE
ESET-NOD32	Win32/Emotet.CD
TrendMicro-HouseCall	TrojanSpy.Win32.EMOTET.THJOEBO
Tencent	Malware.Win32.Gencirc.10cdfd72
Ikarus	Trojan-Banker.Emotet

Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) (6 个事件)

dead_host	172.217.160.110:443
dead_host	140.186.212.146:80
dead_host	172.217.24.14:443
dead_host	162.241.242.173:8080
dead_host	85.214.28.226:8080
dead_host	192.168.56.101:49183

暂无二进制图像该样本未生成二进制可视化图像

暂无运行截图该样本运行过程中未生成截图

👋 欢迎使用 ChatHawk

我是您的恶意软件分析助手，可以帮您分析和解读恶意软件报告。请随时向我提问！

🔍 主要威胁分析

⚡ 行为特征

🛡️ 防护建议

🔧 技术手段

🎯 检测方法

🤖

Static Analysis
Strings

PE Compile Time

2020-09-03 03:41:11

Imports

Library KERNEL32.dll:

• 0x403020 UnhandledExceptionFilter

• 0x403024 GetCurrentProcess

• 0x403028 TerminateProcess

• 0x40302c SetUnhandledExceptionFilter

• 0x403030 InterlockedCompareExchange

• 0x403034 Sleep

• 0x403038 InterlockedExchange

• 0x40303c GetSystemTimeAsFileTime

• 0x403040 IsDebuggerPresent

• 0x403044 QueryPerformanceCounter

• 0x403048 GetTickCount

• 0x40304c GetCurrentThreadId

• 0x403050 GetCurrentProcessId

• 0x403054 GetStartupInfoA

• 0x403058 LoadLibraryExA

Library USER32.dll:

• 0x403120 GetClientRect

• 0x403124 PostQuitMessage

• 0x403128 DispatchMessageA

• 0x40312c TranslateMessage

• 0x403130 GetMessageA

• 0x403134 UpdateWindow

• 0x403138 CreateWindowExA

• 0x40313c RegisterClassA

• 0x403140 LoadCursorA

• 0x403144 BeginPaint

• 0x403148 GetSysColor

• 0x40314c EndPaint

• 0x403150 DefWindowProcA

• 0x403154 SendMessageA

• 0x403158 DialogBoxParamA

• 0x40315c SetTimer

• 0x403160 EndDialog

• 0x403164 KillTimer

• 0x403168 MessageBoxA

• 0x40316c SetWindowTextA

• 0x403170 ShowWindow

• 0x403174 InvalidateRect

• 0x403178 LoadIconA

Library GDI32.dll:

• 0x403000 CreateSolidBrush

• 0x403004 CreatePen

• 0x403008 LineTo

• 0x40300c MoveToEx

• 0x403010 GetStockObject

• 0x403014 SelectObject

• 0x403018 Rectangle

Library MSVCP90.dll:

• 0x403060 ?_Unlock@_Mutex@std@@QAEXXZ

• 0x403064 ?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z

• 0x403068 ?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

• 0x40306c ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

• 0x403070 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z

• 0x403074 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z

• 0x403078 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

• 0x40307c ?uncaught_exception@std@@YA_NXZ

• 0x403080 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

• 0x403084 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

• 0x403088 ?_Lock@_Mutex@std@@QAEXXZ

Library MSVCR90.dll:

• 0x403090 ?terminate@@YAXXZ

• 0x403094 _unlock

• 0x403098 __dllonexit

• 0x40309c _lock

• 0x4030a0 _onexit

• 0x4030a4 _decode_pointer

• 0x4030a8 _except_handler4_common

• 0x4030ac _invoke_watson

• 0x4030b0 _controlfp_s

• 0x4030b4 exit

• 0x4030b8 rand

• 0x4030bc _time64

• 0x4030c0 _crt_debugger_hook

• 0x4030c4 sprintf

• 0x4030c8 __CxxFrameHandler3

• 0x4030cc _wtoi

• 0x4030d0 srand

• 0x4030d4 memcpy

• 0x4030d8 _amsg_exit

• 0x4030dc __getmainargs

• 0x4030e0 _cexit

• 0x4030e4 _exit

• 0x4030e8 _XcptFilter

• 0x4030ec _ismbblead

• 0x4030f0 _wcslwr

• 0x4030f4 _acmdln

• 0x4030f8 _initterm

• 0x4030fc _initterm_e

• 0x403100 _configthreadlocale

• 0x403104 __setusermatherr

• 0x403108 _adjust_fdiv

• 0x40310c __p__commode

• 0x403110 __p__fmode

• 0x403114 _encode_pointer

• 0x403118 __set_app_type

Hosts

No hosts contacted.

DNS

Name	Response	Post-Analysis Lookup
time.windows.com	A 20.189.79.72 CNAME time.microsoft.akadns.net
r3---sn-j5o7dn7e.gvt1.com	CNAME r3.sn-j5o7dn7e.gvt1.com A 113.108.239.196	113.108.239.196
dns.msftncsi.com	AAAA fd3e:4f5a:5b81::1	131.107.255.255
dns.msftncsi.com	A 131.107.255.255	131.107.255.255
clients2.google.com	A 172.217.160.110 CNAME clients.l.google.com	216.58.200.238
r1---sn-j5o7dn7e.gvt1.com	A 113.108.239.194 CNAME r1.sn-j5o7dn7e.gvt1.com	113.108.239.194
redirector.gvt1.com	A 203.208.41.65	203.208.41.97
update.googleapis.com	A 203.208.41.98	203.208.41.34
teredo.ipv6.microsoft.com		127.0.0.1

TCP

Source	Source Port	Destination	Destination Port
192.168.56.101	49188	113.108.239.194 r1---sn-j5o7dn7e.gvt1.com	80
192.168.56.101	49189	113.108.239.196 r3---sn-j5o7dn7e.gvt1.com	80
192.168.56.101	49184	142.44.137.67	443
192.168.56.101	49187	203.208.41.65 redirector.gvt1.com	80
192.168.56.101	49185	203.208.41.98 update.googleapis.com	443

UDP

Source	Source Port	Destination	Destination Port
192.168.56.101	49235	114.114.114.114	53
192.168.56.101	51808	114.114.114.114	53
192.168.56.101	53380	114.114.114.114	53
192.168.56.101	55169	114.114.114.114	53
192.168.56.101	56539	114.114.114.114	53
192.168.56.101	57367	114.114.114.114	53
192.168.56.101	58070	114.114.114.114	53
192.168.56.101	60123	114.114.114.114	53
192.168.56.101	60911	114.114.114.114	53
192.168.56.101	63429	114.114.114.114	53
192.168.56.101	65004	114.114.114.114	53
192.168.56.101	137	192.168.56.255	137
192.168.56.101	138	192.168.56.255	138
192.168.56.101	123	20.189.79.72 time.windows.com	123
192.168.56.101	49713	224.0.0.252	5355
192.168.56.101	50568	224.0.0.252	5355
192.168.56.101	51378	224.0.0.252	5355
192.168.56.101	53237	224.0.0.252	5355
192.168.56.101	53500	224.0.0.252	5355
192.168.56.101	54178	224.0.0.252	5355

HTTP & HTTPS Requests

URI	Data
http://redirector.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe	HEAD /edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.5 X-Old-UID: cnt=0 X-Last-HR: 0x0 X-Last-HTTP-Status-Code: 0 X-Retry-Count: 0 X-HTTP-Attempts: 1 Host: redirector.gvt1.com
http://r3---sn-j5o7dn7e.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?mh=ms&mvi=3&pl=17&shardbypass=yes&redirect_counter=1&rm=sn-j5ok7e&req_id=9188e89a3b12f413&cms_redirect=yes&ipbypass=yes&mip=59.50.85.19&mm=28&mn=sn-j5o7dn7e&ms=nvh&mt=1619776097&mv=m	HEAD /edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?mh=ms&mvi=3&pl=17&shardbypass=yes&redirect_counter=1&rm=sn-j5ok7e&req_id=9188e89a3b12f413&cms_redirect=yes&ipbypass=yes&mip=59.50.85.19&mm=28&mn=sn-j5o7dn7e&ms=nvh&mt=1619776097&mv=m HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.5 X-Old-UID: cnt=0 X-Last-HR: 0x0 X-Last-HTTP-Status-Code: 0 X-Retry-Count: 0 X-HTTP-Attempts: 1 Host: r3---sn-j5o7dn7e.gvt1.com
http://142.44.137.67:443/fmnSFFa9mw/9SgzenXC1B/5Sz2/	POST /fmnSFFa9mw/9SgzenXC1B/5Sz2/ HTTP/1.1 Content-Type: multipart/form-data; boundary=-------------------------7964e9a19b93a2550f9e92836a7d5ab User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: 142.44.137.67:443 Content-Length: 4532 Connection: Keep-Alive Cache-Control: no-cache
http://r1---sn-j5o7dn7e.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?cms_redirect=yes&mh=ms&mip=202.100.214.100&mm=28&mn=sn-j5o7dn7e&ms=nvh&mt=1619776097&mv=m&mvi=1&pl=23&shardbypass=yes	HEAD /edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?cms_redirect=yes&mh=ms&mip=202.100.214.100&mm=28&mn=sn-j5o7dn7e&ms=nvh&mt=1619776097&mv=m&mvi=1&pl=23&shardbypass=yes HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.5 X-Old-UID: cnt=0 X-Last-HR: 0x0 X-Last-HTTP-Status-Code: 0 X-Retry-Count: 0 X-HTTP-Attempts: 1 Host: r1---sn-j5o7dn7e.gvt1.com

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.

Sorry! No dropped buffers.