7.0
High risk

f08e7e2dbad3b4fdbcf15e7e3d27a455bafda92a93123924b60b8afe6d4369a6

a47a2c15c31d549c4bf37d36db560da0.exe

Analysis time

94s

Last analyzed

File size

496.1KB
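Static detections Dynamic detections AI SCORE=82 ATTRIBUTE BEHAVIOR BSCOPE DZPVQ ELDORADO EMOTET FMU75T GDBO GENERIC@ML GENERICKDZ HIGH CONFIDENCE HIGHCONFIDENCE MULDROP RDML SCORE Y378LH0D5EVVP+9V6NLNDA
Hawkeye engine
Not detected. No Hawkeye engine detection results available.
Static verdict
Antivirus engines
Engine Result Scan date Engine version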
McAfee Emotet-FQS!A47A2C15C31D 20200902 6.0.6.653
Alibaba Trojan:Win32/Emotet.75af3ad1 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Tencent 20200902 1.0.0.1
Kingsoft 20200902 2013.8.14.323
CrowdStrike 20190702 1.0
Static indicators
Queries for the computername (1 event)
Time & API Arguments Status Return Repeated
1620835751.521751
GetComputerNameA
computer_name: OSKAR-PC
success 1 0
Uses Windows APIs to generate a cryptographic key (4 events)
Time & API Arguments Status Return Repeated
1620835738.787751
CryptGenKey
crypto_handle: 0x00586d18
algorithm_identifier: 0x0000660e ()
provider_handle: 0x005865f0
flags: 1
key: fˆ’~·Ö限ýÊâIìT ±
success 1 0
1620835751.552751
CryptExportKey
crypto_handle: 0x00586d18
crypto_export_handle: 0x00586cd8
buffer: f¤BõPˆ^Õ4ä3Î~P=ÎNÕ5ˆÓø¿gô½÷¾á™ÕÑRåàê(Žw|®µMz&ÊlòGek»ÈUž`»x˜¾Ù:©³ÎE¹Ս£!a\ø¼ÁxgW‚OjǞ œ~
blob_type: 1
flags: 64
success 1 0
1620835779.552751
CryptExportKey
crypto_handle: 0x00586d18
crypto_export_handle: 0x00586cd8
buffer: f¤á Ïè,+ü^ψJ£ú}AKá ä£5ož`$9X‹ŠáïkvY¡Çbn«Gô¯Ô8t‘«€cê1½3æ Þª5p¼%wì±èÕR Z)>#˹` ¢ú —¶X”Ú/
blob_type: 1
flags: 64
success 1 0
1620835784.224751
CryptExportKey
crypto_handle: 0x00586d18
crypto_export_handle: 0x00586cd8
buffer: f¤+ÑpßrôÍ]^ 3¤÷çuìA‰»µœ?ÿ•‹¼‹‘'”¾yÃÄ$V’ì"´wÏ6”´Ö*з„µ¢ä" } ׫Øq[³#¯Ý‹ÐÆ)þQ õI²ôXc@
blob_type: 1
flags: 64
success 1 0
The executable uses a known packer (1 event)
packer Armadillo v1.71
The file contains an unknown PE resource name possibly indicative of a packer (1 event)
resource name None
Behavioral verdict
Dynamic indicators
Allocates read-write-execute memory (usually to unpack itself) (2 events)
Time & API Arguments Status Return Repeated
1620835738.131751
NtAllocateVirtualMemory
process_identifier: 2656
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x003f0000
success 0 0
1620835738.162751
NtAllocateVirtualMemory
process_identifier: 2656
region_size: 36864
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x00530000
success 0 0
Checks adapter addresses which can be used to detect virtual network interfaces (1 event)
Time & API Arguments Status Return Repeated
1620835752.209751
GetAdaptersAddresses
flags: 0
family: 0
failed 111 0
Expresses interest in specific running processes (1 event)
process a47a2c15c31d549c4bf37d36db560da0.exe
Reads the systems User Agent and subsequently performs requests (1 event)
Time & API Arguments Status Return Repeated
1620835751.912751
InternetOpenW
proxy_bypass:
access_type: 0
proxy_name:
flags: 0
user_agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
success 13369348 0
Network communication
Communicates with host for which no DNS query was performed (5 events)
host 113.108.239.196
host 172.217.24.14
host 209.236.123.42
host 216.10.40.16
host 91.121.54.71
Sets or modifies WPAD proxy autoconfiguration file for traffic interception (8 events)
Time & API Arguments Status Return Repeated
1620835754.802751
RegSetValueExA
key_handle: 0x000003b4
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason
success 0 0
1620835754.802751
RegSetValueExA
key_handle: 0x000003b4
value: imG×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime
success 0 0
1620835754.802751
RegSetValueExA
key_handle: 0x000003b4
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision
success 0 0
1620835754.802751
RegSetValueExW
key_handle: 0x000003b4
value: 网络 2
regkey_r: WpadNetworkName
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName
success 0 0
1620835754.802751
RegSetValueExA
key_handle: 0x000003cc
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
success 0 0
1620835754.802751
RegSetValueExA
key_handle: 0x000003cc
value: imG×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
success 0 0
1620835754.802751
RegSetValueExA
key_handle: 0x000003cc
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
success 0 0
1620835754.818751
RegSetValueExW
key_handle: 0x000003b0
value: {40112ABE-63B3-43C3-BE93-1440EE3AF106}
regkey_r: WpadLastNetwork
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
success 0 0
Generates some ICMP traffic
File has been identified by 34 AntiVirus engines on VirusTotal as malicious (34 events)
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKDZ.69847
FireEye Trojan.GenericKDZ.69847
McAfee Emotet-FQS!A47A2C15C31D
K7AntiVirus Trojan ( 0053af701 )
Alibaba Trojan:Win32/Emotet.75af3ad1
K7GW Trojan ( 0053af701 )
Arcabit Trojan.Generic.D110D7
Invincea Mal/Generic-S
Cyren W32/Emotet.ARR.gen!Eldorado
Symantec ML.Attribute.HighConfidence
APEX Malicious
Paloalto generic.ml
Kaspersky Trojan-Banker.Win32.Emotet.gdbo
BitDefender Trojan.GenericKDZ.69847
ViRobot Trojan.Win32.Emotet.507904.E
Ad-Aware Trojan.GenericKDZ.69847
F-Secure Trojan.TR/AD.Emotet.dzpvq
DrWeb Trojan.Emotet.1008
VIPRE Trojan.Win32.Generic!BT
Sophos Mal/Generic-S
Ikarus Trojan-Banker.Emotet
Avira TR/AD.Emotet.dzpvq
Microsoft Trojan:Win32/Emotet.ARJ!MTB
ZoneAlarm Trojan-Banker.Win32.Emotet.gdbo
GData Win32.Trojan.PSE.FMU75T
Cynet Malicious (score: 85)
VBA32 BScope.Trojan.MulDrop
MAX malware (ai score=82)
Malwarebytes Trojan.MalPack.TRE
ESET-NOD32 Win32/Emotet.CD
Rising Trojan.Generic@ML.85 (RDML:y378LH0d5EVVp+9v6NlNdA)
Fortinet W32/Malicious_Behavior.VEX
AVG Win32:Dropper-gen [Drp]
Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) (6 events)
dead_host 172.217.160.110:443
dead_host 192.168.56.101:49180
dead_host 172.217.24.14:443
dead_host 209.236.123.42:8080
dead_host 91.121.54.71:8080
dead_host 216.10.40.16:80
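Visual analysis
Binary image
No binary image available. No binary visualization image was generated for this sample.
Runtime screenshots
No runtime screenshots available. No screenshots were generated while this sample was running.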

PE Compile Time

2020-09-01 14:53:07

Imports

Library KERNEL32.dll:
0x44b190 TerminateProcess
0x44b194 CreateThread
0x44b198 ExitThread
0x44b19c HeapReAlloc
0x44b1a0 HeapSize
0x44b1a4 GetACP
0x44b1ac GetSystemTime
0x44b1b0 GetLocalTime
0x44b1b4 HeapDestroy
0x44b1b8 HeapCreate
0x44b1bc VirtualFree
0x44b1c0 FatalAppExitA
0x44b1c4 IsBadWritePtr
0x44b1e0 SetHandleCount
0x44b1e4 GetStdHandle
0x44b1e8 HeapFree
0x44b1ec LCMapStringA
0x44b1f0 LCMapStringW
0x44b1f4 GetStringTypeA
0x44b1f8 GetStringTypeW
0x44b1fc Sleep
0x44b200 IsBadReadPtr
0x44b204 IsBadCodePtr
0x44b208 IsValidLocale
0x44b20c IsValidCodePage
0x44b210 GetLocaleInfoA
0x44b214 EnumSystemLocalesA
0x44b218 GetUserDefaultLCID
0x44b21c GetVersionExA
0x44b224 SetStdHandle
0x44b228 CompareStringA
0x44b22c CompareStringW
0x44b234 GetLocaleInfoW
0x44b238 GetCommandLineA
0x44b23c GetStartupInfoA
0x44b240 RaiseException
0x44b244 HeapAlloc
0x44b248 RtlUnwind
0x44b254 SetFileAttributesA
0x44b258 SetFileTime
0x44b264 GetFileTime
0x44b268 GetFileSize
0x44b26c GetFileAttributesA
0x44b270 GetShortPathNameA
0x44b274 GetThreadLocale
0x44b278 GetStringTypeExA
0x44b27c GetFullPathNameA
0x44b280 InterlockedExchange
0x44b288 FindFirstFileA
0x44b28c FindClose
0x44b290 DeleteFileA
0x44b294 MoveFileA
0x44b298 SetEndOfFile
0x44b29c UnlockFile
0x44b2a0 LockFile
0x44b2a4 FlushFileBuffers
0x44b2a8 SetFilePointer
0x44b2ac WriteFile
0x44b2b0 ReadFile
0x44b2b4 CreateFileA
0x44b2b8 GetCurrentProcess
0x44b2bc DuplicateHandle
0x44b2c0 SetErrorMode
0x44b2d4 GetOEMCP
0x44b2d8 GetCPInfo
0x44b2dc GetProcessVersion
0x44b2e0 TlsGetValue
0x44b2e4 LocalReAlloc
0x44b2e8 TlsSetValue
0x44b2f0 GlobalReAlloc
0x44b2f8 TlsFree
0x44b2fc GlobalHandle
0x44b304 TlsAlloc
0x44b30c LocalAlloc
0x44b310 SizeofResource
0x44b314 GlobalFlags
0x44b318 lstrcpynA
0x44b31c FormatMessageA
0x44b320 LocalFree
0x44b324 MulDiv
0x44b328 SetLastError
0x44b32c ExitProcess
0x44b330 CreateEventA
0x44b334 SuspendThread
0x44b338 SetThreadPriority
0x44b33c ResumeThread
0x44b340 SetEvent
0x44b344 WaitForSingleObject
0x44b348 CloseHandle
0x44b34c GetModuleFileNameA
0x44b350 GlobalAlloc
0x44b354 lstrcmpA
0x44b358 GetCurrentThread
0x44b35c MultiByteToWideChar
0x44b360 WideCharToMultiByte
0x44b36c lstrlenA
0x44b370 LoadLibraryA
0x44b374 FreeLibrary
0x44b378 GetVersion
0x44b37c lstrcatA
0x44b380 GetCurrentThreadId
0x44b384 GlobalGetAtomNameA
0x44b388 lstrcmpiA
0x44b38c GlobalAddAtomA
0x44b390 GlobalFindAtomA
0x44b394 GlobalDeleteAtom
0x44b398 lstrcpyA
0x44b39c GetModuleHandleA
0x44b3a0 GlobalLock
0x44b3a4 GlobalUnlock
0x44b3a8 GlobalFree
0x44b3ac LockResource
0x44b3b0 FindResourceA
0x44b3b4 LoadResource
0x44b3b8 VirtualAlloc
0x44b3bc GetModuleHandleW
0x44b3c0 GetProcAddress
0x44b3c4 GetLastError
0x44b3c8 GetFileType
Library USER32.dll:
0x44b3e4 ReleaseDC
0x44b3e8 CheckDlgButton
0x44b3ec CheckRadioButton
0x44b3f0 GetDlgItemInt
0x44b3f4 GetDlgItemTextA
0x44b3f8 SetDlgItemInt
0x44b3fc SetDlgItemTextA
0x44b400 IsDlgButtonChecked
0x44b404 ScrollWindowEx
0x44b408 IsDialogMessageA
0x44b40c SetWindowTextA
0x44b410 MoveWindow
0x44b414 ShowWindow
0x44b418 CharToOemA
0x44b41c OemToCharA
0x44b420 wvsprintfA
0x44b424 PostQuitMessage
0x44b428 ShowOwnedPopups
0x44b42c SetCursor
0x44b430 GetCursorPos
0x44b434 ValidateRect
0x44b438 TranslateMessage
0x44b43c GetMessageA
0x44b440 ClientToScreen
0x44b444 GetWindowDC
0x44b448 BeginPaint
0x44b44c EndPaint
0x44b450 TabbedTextOutA
0x44b454 DrawTextA
0x44b458 GrayStringA
0x44b45c InflateRect
0x44b460 GetClassNameA
0x44b464 GetDesktopWindow
0x44b468 GetDialogBaseUnits
0x44b46c LoadCursorA
0x44b470 DestroyMenu
0x44b474 LoadStringA
0x44b478 WaitMessage
0x44b480 WindowFromPoint
0x44b484 InsertMenuA
0x44b488 DeleteMenu
0x44b48c GetMenuStringA
0x44b490 SetRectEmpty
0x44b494 LoadAcceleratorsA
0x44b49c LoadMenuA
0x44b4a0 SetMenu
0x44b4a4 ReuseDDElParam
0x44b4a8 UnpackDDElParam
0x44b4ac BringWindowToTop
0x44b4b0 CharUpperA
0x44b4b4 CheckMenuItem
0x44b4b8 EnableMenuItem
0x44b4bc PostMessageA
0x44b4c0 SendDlgItemMessageA
0x44b4c4 MapWindowPoints
0x44b4c8 PeekMessageA
0x44b4cc DispatchMessageA
0x44b4d0 GetFocus
0x44b4d4 SetFocus
0x44b4d8 AdjustWindowRectEx
0x44b4dc ScreenToClient
0x44b4e0 EqualRect
0x44b4e4 DeferWindowPos
0x44b4e8 BeginDeferWindowPos
0x44b4ec EndDeferWindowPos
0x44b4f0 IsWindowVisible
0x44b4f4 ScrollWindow
0x44b4f8 GetScrollInfo
0x44b4fc SetScrollInfo
0x44b500 ShowScrollBar
0x44b504 GetScrollRange
0x44b50c GetScrollPos
0x44b510 SetScrollPos
0x44b514 GetTopWindow
0x44b518 MessageBoxA
0x44b51c IsChild
0x44b520 GetCapture
0x44b524 WinHelpA
0x44b528 wsprintfA
0x44b52c GetClassInfoA
0x44b530 RegisterClassA
0x44b534 GetMenu
0x44b538 GetMenuItemCount
0x44b53c GetSubMenu
0x44b540 GetMenuItemID
0x44b544 TrackPopupMenu
0x44b548 SetWindowPlacement
0x44b550 GetDlgCtrlID
0x44b554 GetKeyState
0x44b558 DefWindowProcA
0x44b55c CreateWindowExA
0x44b560 SetWindowsHookExA
0x44b564 CallNextHookEx
0x44b568 GetClassLongA
0x44b56c SetPropA
0x44b570 UnhookWindowsHookEx
0x44b574 GetPropA
0x44b578 CallWindowProcA
0x44b57c RemovePropA
0x44b580 GetMessageTime
0x44b584 GetMessagePos
0x44b588 GetLastActivePopup
0x44b58c GetForegroundWindow
0x44b590 SetForegroundWindow
0x44b594 GetWindow
0x44b598 SetWindowLongA
0x44b59c SetWindowPos
0x44b5a4 IntersectRect
0x44b5ac IsIconic
0x44b5b0 GetWindowPlacement
0x44b5b4 GetNextDlgTabItem
0x44b5b8 EndDialog
0x44b5bc GetActiveWindow
0x44b5c0 SetActiveWindow
0x44b5c4 IsWindow
0x44b5cc DestroyWindow
0x44b5d0 GetWindowLongA
0x44b5d4 GetDlgItem
0x44b5d8 IsWindowEnabled
0x44b5dc GetClientRect
0x44b5e0 PtInRect
0x44b5e4 ReleaseCapture
0x44b5e8 SetRect
0x44b5ec OffsetRect
0x44b5f0 GetWindowRect
0x44b5f4 GetParent
0x44b5f8 GetDC
0x44b5fc SetCapture
0x44b600 CopyRect
0x44b604 DrawFrameControl
0x44b608 LoadIconA
0x44b60c DrawStateA
0x44b610 CopyImage
0x44b614 DestroyIcon
0x44b618 DrawIconEx
0x44b61c GetSysColorBrush
0x44b620 FrameRect
0x44b624 DrawFocusRect
0x44b628 GetSystemMetrics
0x44b62c GetSysColor
0x44b630 MessageBeep
0x44b634 LoadBitmapA
0x44b638 GetMenuState
0x44b63c ModifyMenuA
0x44b640 SetScrollRange
0x44b644 SetMenuItemBitmaps
0x44b648 InvalidateRect
0x44b64c UpdateWindow
0x44b650 SendMessageA
0x44b654 EnableWindow
0x44b658 GetWindowTextA
0x44b65c UnregisterClassA
Library GDI32.dll:
0x44b04c SaveDC
0x44b050 RestoreDC
0x44b054 SelectPalette
0x44b058 SetBkMode
0x44b05c SetPolyFillMode
0x44b060 SetROP2
0x44b064 SetStretchBltMode
0x44b068 SetMapMode
0x44b06c SetViewportOrgEx
0x44b070 OffsetViewportOrgEx
0x44b074 SetViewportExtEx
0x44b078 ScaleViewportExtEx
0x44b07c SetWindowOrgEx
0x44b080 OffsetWindowOrgEx
0x44b084 SetWindowExtEx
0x44b088 ScaleWindowExtEx
0x44b08c SelectClipRgn
0x44b090 ExcludeClipRect
0x44b094 IntersectClipRect
0x44b098 OffsetClipRgn
0x44b09c MoveToEx
0x44b0a0 LineTo
0x44b0a4 SetTextAlign
0x44b0b0 SetMapperFlags
0x44b0b8 ArcTo
0x44b0bc SetArcDirection
0x44b0c0 PolyDraw
0x44b0c4 StartDocA
0x44b0c8 SetColorAdjustment
0x44b0cc PolyBezierTo
0x44b0d0 GetClipRgn
0x44b0d4 CreateRectRgn
0x44b0d8 SelectClipPath
0x44b0dc ExtSelectClipRgn
0x44b0e0 PlayMetaFileRecord
0x44b0e4 GetObjectType
0x44b0e8 EnumMetaFile
0x44b0ec PlayMetaFile
0x44b0f0 GetDeviceCaps
0x44b0f4 GetViewportExtEx
0x44b0f8 GetWindowExtEx
0x44b0fc CreatePen
0x44b100 ExtCreatePen
0x44b104 CreateSolidBrush
0x44b108 CreateHatchBrush
0x44b10c CreatePatternBrush
0x44b114 PtVisible
0x44b118 RectVisible
0x44b11c TextOutA
0x44b120 ExtTextOutA
0x44b124 Escape
0x44b128 GetMapMode
0x44b12c SetRectRgn
0x44b130 CombineRgn
0x44b134 CreateFontIndirectA
0x44b138 DPtoLP
0x44b13c GetTextMetricsA
0x44b144 PatBlt
0x44b148 CreateBitmap
0x44b14c GetObjectA
0x44b150 SetBkColor
0x44b154 SetTextColor
0x44b158 GetClipBox
0x44b15c GetDCOrgEx
0x44b160 CreateCompatibleDC
0x44b168 BitBlt
0x44b16c DeleteObject
0x44b170 DeleteDC
0x44b174 Rectangle
0x44b178 CreateFontA
0x44b180 SelectObject
0x44b184 PolylineTo
0x44b188 GetStockObject
Library comdlg32.dll:
0x44b674 GetFileTitleA
Library WINSPOOL.DRV:
0x44b664 DocumentPropertiesA
0x44b668 ClosePrinter
0x44b66c OpenPrinterA
Library ADVAPI32.dll:
0x44b000 RegDeleteKeyA
0x44b004 RegCreateKeyExA
0x44b008 RegOpenKeyExA
0x44b00c RegQueryValueExA
0x44b010 RegOpenKeyA
0x44b014 RegCloseKey
0x44b018 RegDeleteValueA
0x44b01c RegSetValueExA
Library SHELL32.dll:
0x44b3d0 DragQueryFileA
0x44b3d4 DragFinish
0x44b3d8 DragAcceptFiles
0x44b3dc SHGetFileInfoA
Library COMCTL32.dll:
0x44b024
0x44b028
0x44b02c ImageList_Create
0x44b030
0x44b038 ImageList_Merge
0x44b03c ImageList_Read
0x44b040 ImageList_Write
0x44b044 ImageList_Destroy

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 51808 114.114.114.114 53
192.168.56.101 51963 114.114.114.114 53
192.168.56.101 55368 114.114.114.114 53
192.168.56.101 60123 114.114.114.114 53
192.168.56.101 60384 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 49713 224.0.0.252 5355
192.168.56.101 51378 224.0.0.252 5355
192.168.56.101 53237 224.0.0.252 5355
192.168.56.101 53380 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 58367 224.0.0.252 5355
192.168.56.101 61680 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 62318 224.0.0.252 5355
192.168.56.101 63429 224.0.0.252 5355
192.168.56.101 65004 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.