5.8
High risk

05b662e6e0ee03a3e2b87b14fcda6e28f8e048b62f5baeb698068b85d83b1181

a6b58263ee465da7376c391873bd1138.exe

Analysis time

89s

Last analyzed

File size

435.0KB
Static detections Dynamic detections 100% AI SCORE=82 AIDETECT ATTRIBUTE AVPL BFNR BUW@AK28DUHI CLOUD CONFIDENCE CRYPTERX EMOTET EWEQ GENCIRC GENERICRXLX HGCC HIGH CONFIDENCE HIGHCONFIDENCE HUMKXA KCLOUD KRYPT KRYPTIK MALWARE2 MALWARE@#QTYEM3E8WRT2 NJGS NWKOQJ3MCUW POSSIBLETHREAT R + TROJ R350952 SAVE SCORE STATIC AI SUSGEN SUSPICIOUS PE THJOEBO TRBG TRICK TRICKBOT TRICKSTER UNSAFE WZJTI ZENPAK ZEXAF
Hawkeye engine
Not detected. No Hawkeye engine detection results available.
Static verdict
Antivirus engines
Engine Result Scan date Engine version
McAfee GenericRXLX-QP!A6B58263EE46 20210301 6.0.6.653
Alibaba Backdoor:Win32/Trickbot.4bc5ab1e 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Avast Win32:CrypterX-gen [Trj] 20210301 21.1.5827.0
Tencent Malware.Win32.Gencirc.11aee97c 20210301 1.0.0.1
Kingsoft Win32.Troj.Generic_a.a.(kcloud) 20210301 2017.9.26.565
CrowdStrike win/malicious_confidence_100% (W) 20210203 1.0
Static indicators
Queries for the computername (1 event)
Time & API Arguments Status Return Repeated
1620839012.36727
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
This executable has a PDB path (1 event)
pdb_path C:\Users\Mr.Anderson\Desktop\2013\ColorPicker-master\ColorPicker-master\ColorPicker.pdb
The file contains an unknown PE resource name possibly indicative of a packer (1 event)
resource name None
One or more processes crashed (1 event)
Time & API Arguments Status Return Repeated
1620839013.75827
__exception__
exception.instruction_r: 48 8b 01 4a 89 44 c6 78 4d 85 e4 74 08 4b 89 8c
exception.symbol: RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a
exception.instruction: mov rax, qword ptr [rcx]
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 105050
exception.address: 0x77b69a5a
success 0 0
Behavioral verdict
Dynamic indicators
One or more potentially interesting buffers were extracted, these generally contain injected code, configuration data, etc.
Allocates read-write-execute memory (usually to unpack itself) (10 events)
Time & API Arguments Status Return Repeated
1620808807.390375
NtAllocateVirtualMemory
process_identifier: 3040
region_size: 217088
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x00820000
success 0 0
1620808807.453375
NtAllocateVirtualMemory
process_identifier: 3040
region_size: 204800
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12289 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x02010000
success 0 0
1620808807.453375
NtProtectVirtualMemory
process_identifier: 3040
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
length: 204800
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
base_address: 0x02051000
success 0 0
1620808808.453375
NtAllocateVirtualMemory
process_identifier: 3040
region_size: 16384
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x00860000
success 0 0
1620808808.453375
NtAllocateVirtualMemory
process_identifier: 3040
region_size: 12288
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 8192 (MEM_RESERVE)
base_address: 0x10000000
success 0 0
1620808808.453375
NtAllocateVirtualMemory
process_identifier: 3040
region_size: 8192
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x10001000
success 0 0
1620808808.468375
NtAllocateVirtualMemory
process_identifier: 3040
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x00870000
success 0 0
1620808808.468375
NtAllocateVirtualMemory
process_identifier: 3040
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x022f0000
success 0 0
1620808808.468375
NtAllocateVirtualMemory
process_identifier: 3040
region_size: 167936
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x02300000
success 0 0
1620838989.25827
NtAllocateVirtualMemory
process_identifier: 2760
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffffffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x0000000000390000
success 0 0
The binary likely contains encrypted or compressed data indicative of a packer (2 events)
entropy 7.9980408976941515 section {'size_of_data': '0x00034c00', 'virtual_address': '0x0003b000', 'entropy': 7.9980408976941515, 'name': '.rsrc', 'virtual_size': '0x00034a58'} description A section with a high entropy has been found
entropy 0.4861751152073733 description Overall entropy of this PE file is high
Checks for the Locally Unique Identifier on the system for a suspicious privilege (3 events)
Time & API Arguments Status Return Repeated
1620839004.50827
LookupPrivilegeValueW
system_name:
privilege_name: SeDebugPrivilege
success 1 0
1620839006.53927
LookupPrivilegeValueW
system_name:
privilege_name: SeDebugPrivilege
success 1 0
1620839009.61727
LookupPrivilegeValueW
system_name:
privilege_name: SeDebugPrivilege
success 1 0
Network communication
Communicates with host for which no DNS query was performed (3 events)
host 172.217.24.14
host 185.205.209.241
host 195.123.240.252
File has been identified by 60 AntiVirus engines on VirusTotal as malicious (50 out of 60 events)
Bkav W32.AIDetect.malware2
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.Agent.EWEQ
McAfee GenericRXLX-QP!A6B58263EE46
Cylance Unsafe
Zillya Trojan.Kryptik.Win32.2555487
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 0056e12b1 )
Alibaba Backdoor:Win32/Trickbot.4bc5ab1e
K7GW Trojan ( 0056e12b1 )
Cybereason malicious.3ee465
Arcabit Trojan.Agent.EWEQ
Cyren W32/Trojan.NJGS-1970
Symantec ML.Attribute.HighConfidence
APEX Malicious
Avast Win32:CrypterX-gen [Trj]
Kaspersky Trojan.Win32.Zenpak.avpl
BitDefender Trojan.Agent.EWEQ
NANO-Antivirus Trojan.Win32.Zenpak.humkxa
Paloalto generic.ml
Tencent Malware.Win32.Gencirc.11aee97c
Ad-Aware Trojan.Agent.EWEQ
Sophos Mal/Generic-R + Troj/Agent-BFNR
Comodo Malware@#qtyem3e8wrt2
F-Secure Trojan.TR/Kryptik.wzjti
DrWeb Trojan.Trick.46722
VIPRE Win32.Malware!Drop
TrendMicro TrojanSpy.Win32.TRICKBOT.THJOEBO
McAfee-GW-Edition BehavesLike.Win32.Emotet.gc
FireEye Generic.mg.a6b58263ee465da7
Emsisoft Trojan.Agent.EWEQ (B)
SentinelOne Static AI - Suspicious PE
Jiangmin Trojan.Zenpak.czz
Webroot W32.Trojan.Trickbot
Avira TR/Kryptik.wzjti
Antiy-AVL Trojan/Win32.Zenpak
Kingsoft Win32.Troj.Generic_a.a.(kcloud)
Gridinsoft Trojan.Win32.TrickBot.oa
Microsoft Trojan:Win32/Trickbot!MSR
AegisLab Trojan.Win32.Encoder.trBg
ZoneAlarm Trojan.Win32.Zenpak.avpl
GData Trojan.Agent.EWEQ
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win32.Emotet.R350952
BitDefenderTheta Gen:NN.ZexaF.34590.BuW@aK28dUhi
ALYac Trojan.Trickster.Gen
MAX malware (ai score=82)
Malwarebytes Trojan.TrickBot
ESET-NOD32 a variant of Win32/Kryptik.HGCC
TrendMicro-HouseCall TrojanSpy.Win32.TRICKBOT.THJOEBO
Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) (4 events)
dead_host 172.217.24.14:443
dead_host 185.205.209.241:443
dead_host 172.217.160.78:443
dead_host 195.123.240.252:443
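Visual analysis
Binary image
No binary image available. No binary visualization image was generated for this sample.
Runtime screenshots
No runtime screenshots available. No screenshots were generated while this sample was running.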

PE Compile Time

2020-09-09 02:35:47

Imports

Library KERNEL32.dll:
0x41b020 LoadLibraryW
0x41b024 FreeConsole
0x41b028 CreateFileW
0x41b02c FlushFileBuffers
0x41b030 WriteConsoleW
0x41b034 SetStdHandle
0x41b038 GetStringTypeW
0x41b03c SetFilePointerEx
0x41b040 GetConsoleMode
0x41b044 GetConsoleCP
0x41b048 GetCPInfo
0x41b04c GetOEMCP
0x41b050 GetACP
0x41b054 IsValidCodePage
0x41b058 LoadLibraryExW
0x41b05c GetProcAddress
0x41b064 TlsGetValue
0x41b068 TlsAlloc
0x41b06c TerminateProcess
0x41b070 GetCurrentProcess
0x41b074 Sleep
0x41b084 LCMapStringW
0x41b088 GetModuleHandleW
0x41b08c ExitProcess
0x41b090 TlsFree
0x41b098 GetLastError
0x41b09c RaiseException
0x41b0a0 HeapReAlloc
0x41b0a8 TlsSetValue
0x41b0ac DecodePointer
0x41b0b8 IsDebuggerPresent
0x41b0bc OutputDebugStringW
0x41b0c8 EncodePointer
0x41b0cc HeapFree
0x41b0d0 HeapAlloc
0x41b0d4 RtlUnwind
0x41b0d8 GetCommandLineA
0x41b0e0 GetModuleHandleExW
0x41b0e4 MultiByteToWideChar
0x41b0e8 WideCharToMultiByte
0x41b0ec HeapSize
0x41b0f0 GetProcessHeap
0x41b0f4 GetStdHandle
0x41b0f8 WriteFile
0x41b0fc GetModuleFileNameW
0x41b100 SetLastError
0x41b104 GetCurrentThreadId
0x41b108 GetFileType
0x41b10c GetStartupInfoW
0x41b110 GetModuleFileNameA
0x41b118 GetCurrentProcessId
0x41b11c CloseHandle
Library USER32.dll:
0x41b124 GetMessageW
0x41b128 TranslateMessage
0x41b12c DispatchMessageW
0x41b130 LoadCursorW
0x41b134 SetWindowLongW
0x41b138 GetWindowLongW
0x41b13c ScreenToClient
0x41b140 GetCursorPos
0x41b144 SetCursor
0x41b148 GetWindowRect
0x41b14c GetClientRect
0x41b150 InvalidateRect
0x41b154 EndPaint
0x41b158 BeginPaint
0x41b15c ReleaseDC
0x41b160 GetDCEx
0x41b164 UpdateWindow
0x41b168 GetSystemMetrics
0x41b16c ReleaseCapture
0x41b170 SetCapture
0x41b174 GetAsyncKeyState
0x41b178 SetFocus
0x41b17c GetDlgItemInt
0x41b180 SetDlgItemInt
0x41b184 EndDialog
0x41b18c SetWindowPos
0x41b190 ShowWindow
0x41b194 DestroyWindow
0x41b198 IsWindow
0x41b19c CreateWindowExW
0x41b1a0 RegisterClassExW
0x41b1a4 PostQuitMessage
0x41b1a8 DefWindowProcW
0x41b1ac SendMessageW
Library GDI32.dll:
0x41b010 GetStockObject
0x41b014 GetPixel
0x41b018 GetObjectW
Library COMDLG32.dll:
0x41b000 ChooseColorW
Library ole32.dll:
0x41b1bc CoInitializeEx
Library DWrite.dll:
0x41b008 DWriteCreateFactory
Library d2d1.dll:
0x41b1b4

Exports

Ordinal Address Name
1 0x40b4b0 ERWQSDASQWAFASASWW

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 51808 114.114.114.114 53
192.168.56.101 60123 114.114.114.114 53
192.168.56.101 60215 114.114.114.114 53
192.168.56.101 60384 114.114.114.114 53
192.168.56.101 62912 114.114.114.114 53
192.168.56.101 63429 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 49713 224.0.0.252 5355
192.168.56.101 51378 224.0.0.252 5355
192.168.56.101 53237 224.0.0.252 5355
192.168.56.101 55368 224.0.0.252 5355
192.168.56.101 56539 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 58367 224.0.0.252 5355
192.168.56.101 61680 224.0.0.252 5355
192.168.56.101 62318 224.0.0.252 5355
192.168.56.101 65004 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.