1.2
低危
DACN
0.12
FACILE
1.00
IMCLNet
0.73
MFGraph
0.00
反病毒引擎
| 查杀引擎 | 查杀结果 | 查杀时间 | 查杀版本 |
|---|---|---|---|
| Alibaba | None | 20190527 | 0.3.0.5 |
| Avast | Win32:Malware-gen | 20200322 | 18.4.3895.0 |
| Baidu | None | 20190318 | 1.0.0.2 |
| CrowdStrike | win/malicious_confidence_100% (D) | 20190702 | 1.0 |
| Kingsoft | None | 20200322 | 2013.8.14.323 |
| McAfee | Dropper-FOU!7EE464C5BFCC | 20200321 | 6.0.6.653 |
| Tencent | Malware.Win32.Gencirc.10b07709 | 20200322 | 1.0.0.1 |
静态指标
可执行文件包含未知的 PE 段名称,可能指示打包器(可能是误报)
(2 个事件)
| section | |
| section | petite |
动态指标
该二进制文件可能包含加密或压缩数据,表明使用了打包工具
(2 个事件)
| section | {'name': '', 'virtual_address': '0x00001000', 'virtual_size': '0x00027000', 'size_of_data': '0x0000bc00', 'entropy': 7.663081984917489} | entropy | 7.663081984917489 | description | 发现高熵的节 | |||||||||
| entropy | 0.9943390768976489 | description | 此PE文件的整体熵值较高 | |||||||||||
网络通信
与未执行 DNS 查询的主机进行通信
(2 个事件)
| host | 114.114.114.114 | |||
| host | 8.8.8.8 | |||
文件已被 VirusTotal 上 57 个反病毒引擎识别为恶意
(50 out of 57 个事件)
| ALYac | Gen:Variant.Ulises.37 |
| APEX | Malicious |
| AVG | Win32:Malware-gen |
| Acronis | suspicious |
| Ad-Aware | Gen:Variant.Ulises.37 |
| AhnLab-V3 | Malware/RL.Generic.R256000 |
| Antiy-AVL | GrayWare/Win32.BlackMoon.a |
| Arcabit | Trojan.Ulises.37 |
| Avast | Win32:Malware-gen |
| Avira | TR/Crypt.XPACK.Gen |
| BitDefender | Gen:Variant.Ulises.37 |
| BitDefenderTheta | Gen:NN.ZexaF.34100.diY@ai09iRm |
| Bkav | HW32.Packed. |
| CAT-QuickHeal | Trojan.GenericCS.S5480318 |
| Comodo | Backdoor.Win32.Agent.BVX@8hj67l |
| CrowdStrike | win/malicious_confidence_100% (D) |
| Cybereason | malicious.0ea73b |
| Cylance | Unsafe |
| Cyren | W32/BlackMoon.P.gen!Eldorado |
| DrWeb | Trojan.Inject1.58305 |
| ESET-NOD32 | a variant of Win32/Packed.BlackMoon.A potentially unwanted |
| Emsisoft | Gen:Variant.Ulises.37 (B) |
| Endgame | malicious (high confidence) |
| F-Prot | W32/BlackMoon.P.gen!Eldorado |
| F-Secure | Trojan.TR/Crypt.XPACK.Gen |
| FireEye | Generic.mg.b45645f0ea73b529 |
| Fortinet | W32/Pliskal.B!tr |
| GData | Gen:Variant.Ulises.37 |
| Ikarus | Trojan.Win32.Dynamer |
| Invincea | heuristic |
| K7AntiVirus | Trojan ( 005003ac1 ) |
| K7GW | Trojan ( 005003ac1 ) |
| Kaspersky | HEUR:Trojan.Win32.Blamon.gen |
| MAX | malware (ai score=86) |
| Malwarebytes | Trojan.Vundo |
| MaxSecure | Trojan.Malware.300983.susgen |
| McAfee | Dropper-FOU!7EE464C5BFCC |
| McAfee-GW-Edition | BehavesLike.Win32.Dropper.kc |
| MicroWorld-eScan | Gen:Variant.Ulises.37 |
| Microsoft | Worm:Win32/Ganelp |
| Panda | Trj/Genetic.gen |
| Qihoo-360 | HEUR/QVM19.1.0C97.Malware.Gen |
| Rising | Trojan.Agent!1.B82B (RDMK:cmRtazqE2ApbmOzq3ozwJMkFBZwB) |
| Sangfor | Malware |
| SentinelOne | DFI - Malicious PE |
| Sophos | Troj/Agent-BBIM |
| Symantec | Trojan Horse |
| TACHYON | Trojan/W32.Blamon |
| Tencent | Malware.Win32.Gencirc.10b07709 |
| Trapmine | malicious.high.ml.score |
二进制图像
288x288
224x224
192x192
160x160
128x128
96x96
64x64
32x32
运行截图
暂无运行截图
该样本运行过程中未生成截图
PE Compile Time
2015-01-27 11:56:27
PE Imphash
cdf5bbb8693f29ef22aef04d2a161dd7
Sections
| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| 0x00001000 | 0x00027000 | 0x0000bc00 | 7.663081984917489 | |
| petite | 0x00028000 | 0x00000112 | 0x00000112 | 3.9970132554243403 |
Imports
Library kernel32.dll:
• 0x4280da ExitProcess
• 0x4280de GetModuleHandleA
• 0x4280e2 GetProcAddress
• 0x4280e6 VirtualProtect
• 0x4280ea VirtualAlloc
• 0x4280ee VirtualFree
• 0x4280f2 LoadLibraryA
`petite
R*4Lb|<8?VQNH
d{1BLZ
kWgpVT;
Z1+y8-S
jYx9nU
13$ =N
dKt> 3!#:zIf
#C~a(D/2
1U>RC%
h8Kf~wWn%}:
{dy[,"
"S#j<){
/FP( 4TQ
0|6a7kk
2VPIg7#
4Gu=Ddcqs$H
JwA6f6bI
]2_<n$q]B
dhI(r*%
*7V-uK
8f_zHb^w
PFzO6v`
Ew$U,_[M_
r/xnGt_ff
[\zv-
!'x'$R
;s"QwW;E
DvH(L4vU/ S`l
p*t8fNR
,8vL<
"=#haIBS{z
)`Sp9J_
|{A!==IvW7%{si `
9:qR\oY$
+Po3+n
mJGx,U
\R.E;frTv!5]p]
A=7_;T
skN!'b
[EM'(.~
J?8){.BA
KpXOke
)m2#.C'
-\_Sewq
ErZ>@&Mg
0z#F&}H
G'Eg$9
9~2;(p}9
O4QYJK9
f4BeFY
"8G!qIBgA
Re} $(
"[{vGAb%Ru
8&2y'R
hMwpKy7xM
q'hQ}h*'Z
j"GlPA
)a/w 8RO6?7
D!}<0#
'C&ul#7
gk>^t0my]A
|8[Uj\U (
_*MjF0
]/4Ux0NT
HY G+Eh
\rWt%]X>hYg ~
j7&3O"
mf_k6TrOQj&Ts2
Vi/_Ih
9 b@hwo0yNf5k
r5SBu(D
G04`C&<g
36\4n|-
)cVY?J{P
B_`bwVok[><
#6N?\6/W6
%TRo^Y(
*I^||dy
C^!u5;7U'm
Hv|G_ks}
vymqzK
;-V;mE
#Tnm_xx
XPMrK"#=
{>1\pxO
s\b/Ty
w4R&WL
?zIE~t=e
bosQv_
&.F"/T
!]4U7V
OL-(.WbIM
@?YW oA
&~oFMbM@
% <S!
^@AKSiZ|U
"M`Ivy
2^I%Z'a1
\_Z8my
X{'xa2
D#jr)(
xG.cYxp\>;Ob
%H_DQ5
'dEr4PZ :{lk
s3KtQj
Z[cAjl W9)kx
=(TaT>dxL!loH_
0d4V/}4a 5M
6NYZ+B{x9
%w3wtah
Y*r#`un5i
{!!")"
3|R:i-vQgk
4Dcx9i
3^Wo=kb
s4 hf1On|
7hkJ_G_
,w&X^q
!UkxE?g[i#
WN*<TT
wW:?m
aHyvX
TA(j#u
No(HHQIE
SG/*(&.c
a]nR<Q
@ZXo"z_ki+>`
O!|i5Mb{
&L:Fv1q
.`f{Yc
n:a6}~F]c
#zMq=oc]2
@)EbIl
gVg<~3\hl
^`gzW}bQ
Igz|e3A)53JK_|
.( VLJ'D
O#"WljMQ(U
EpW5xSnu
|5-#wr5v
}XsINA-Ge
"AT&MbbNP
>h<*""
DewN>w
^f~(E.m
+rew>^v
oY^ WL^/;C0uS@
n<NnH(;2
YZ{w,{U,G.v
mCo>a:v
|4bSRA
IF3J-2
-z$vo>g
vt/c&cWoZK
.s|Md^A
@:?eIvz;Foo>
Icisv6H
b#Kk;N
MY-YeN
2[U(67
P)C:D=F
Sws9(S
km?+ff c6
H1$`zJ
F2xSs`;
2w1Z+G
$/$yHO
J = i;
!w2oXH4
'U:b,u
Nz+T/|
/O]2r+ K
K:AQ1D
3<^U!B
Go&1_e
f2 lk_d
&7@*y$'[^
Ie* P_U
,4@)1d
1k4fgQlp
%-?1dT))
B2AVoSFY2$`+)0
m^*R!jkzz
:}Sg)1H
=#gCZw
h*lRz+B}hG
vs~=rf
0$<K7:7%O
Id( %Ujw(XB
2a|KX$
#[^&^.2H
{Z,`0kO^
\aynQ?9
:: Y9%Cufr
d*Z`7f7U
D9*q60z"l
_ O%q}
c2DdA3
3xzIcP
{(s"Xu
KDEiEDn@L2
2Ne&]eZT
'l`YF-
h[DQE|9in}0:
zVnR9d
b^ ;Q_
L>H9wG*m
{0PJB!Jr,?*}J
Wr{i.?*FQ
Vw80k4s,L
}hgu9zJ`z
41NhLc6VeKY%
Z' 5olpap
EJw`o]4o8G1
8YRH;t`_
<oSmk&Nd4?
vjL@!Y'Ej#
71#.mk&EU@dIi
HWJ?E'
fNK~|L
>^}dON@
(MU0drx
+@)V?\
#j^rFb&tU
-=T@H>)
%JT>M#
.1v\0_
<9 i8N7
PNDMoGr7
ND]TBj8BQJF^
#E`@S3p
+?;o&!IMg3
naL'yC
wZWLU*u
T{VLt[0
PEDKZ
#]RS+OO/g|_
@X5!$6
-vTmV1
V=Y,a- j*
?a;%8t
f<ez &2(ARn<
b>{n?:
$_A2 F
|Fet(k
tP0},]
k7g:#u
0]OA('
\h'_*#}i]q9tn
ee3^az]Zc
As7\D,'
NOQVz[^{\i(t*+
<i{P HL/Q
NUxShJq#Fq
Ps1Ba67_w
Kpz#Aj
jMJRCnN
iYD +E-
tia"}
T&7z 28H
%B8BU*
0TGjTq@\.
kC+aHz4wJkI
1IpNm5JV
:qA\/d
wA^E@p!
$A?;21
jMxIPqh
&OR@BM
W@5s!c
DOq+ym:
({TqI/
#M93sC
g-bP+M
\s2dC3p
6PSh,\
Ud sv$.]
snHE-Q`
ZyFdh;l
z p&#>w
#>z]I
g>&6rA;\
$ud4vg
1H-u#V\E
Wlkn}2
H.j#e@UI>
%2>*WVZ
4>!Gvqo7"5
|'\4` ;
7gSjf-mA@FU
K0zw Yu
MW`?HM
XbNQMF
}"m.1@
L(Aq9B#<`r\
e/r!Q}:
=xzpAKjh`P
f}d9{V\
%YJq,|
D?Fx2~pSn?/
@?`va@jY
fF(#2p
8a'Cjz#
&mZ27AY0MMq
Fv}_BF~
AR*MN+lt3
6UbcK@V
vgE(5V]JL
i?3xE^
sV!UD#
bTM08Fi|GFu
-L(2,!Uo
SR(VpYa
NO Ty8hD\/#
[q6 Cr}{r
r3UqVC,
}RrYI\NN2
muM1b7
Iy:}ucY
d:liO0Qf
Ncuo3m@m
zIvD8,
4e?"N+
H?3_6.,8daI
aAJP-$;
z^}bYS-
j{:672
@Rx8G3w
]C#%@+
2&F)b:sTbNh'N
m@3'5qLt!G@>Ji
*A]Q$W
DUK&A
OOiZt?
Is?CUIM,yzmCq\
_"GkS%N/
%hbZ4J#
6K sTwp
PJ@*F{k
kXefB^
=<=?qi
31kKD9KuRin
C+5mb<t
2/<E?>`
g-b*UX7
f{LN|VGNV2YB|+p
/{[W,1
zABAHb
C/DQ,rEa7
t'#CU4
^0Gc:y
HDsK w:X
Jf`e"@
,!?g2i#-BR
0o2A#y
q2xDm/fF5%N
eR!kbu
A v@q 71i
tu$trN
j$.A3e
2xh[`zU(
W8KHudWL
RqMxPb'"S`"
{Q(Fe?
_!l3q5I*BnR
y4>Qnd-
K'=4'4
A1/=gP6d
/c<CP"4%
bpME?{PW
PkA Nb];cR
|:f$8%C
zy*";jX
W"+Q=G7u
>$wa8o8
iHC#S$ZWi
KX!#JypyT
5*(B*[T(?
ic(q;L>f
#1'T+N>
C2@>|G
[Q:ux~P
/sw#&n
+HhJd+
P^&'{yc<kV
7MCvO%
_w9y_.A
A^C8@9W#
/e~hD[u
IV`[:cNN
MQIj*ek
g1ugH`
F.4:8I
y9c+c Ov(q&#-S Q`
9&V)Pg*
/,S+M# M%t
1':sI~b_
M~8quxz{
~/tm%t'{
tF:@-3OH6
FcvSQ%vMy
*`M&5d\
H.OZqa^c
k5N# m
rY4(7z
r;Xf3-[
PKp-tb.0wZS,
F0g|mF
-0}lQ>@
X|;%XPc|
Fy[|XxJE
WtC|E9
]eYO4R
Ll&8fV/MzNJ!X
Ed|6!* h
>ZDn?G.%uGc
7kdQU(31
P<Secb
y)*>9;Z,
j[=4*4
%U[,&b5
^<'$\$
|$8c*-
5_9~QV]MsZW
glst[.[
g[QwVE
u:k{laq/
D'ryGl
el8/@KGL9SO
FBoaGKa
D7y&RN
>6#WN$
8m JR\:y>5QW
$OH%+i
~K-<Sr
n"W*ripB))
Gyyw@X:w
|dJrA|'
: UbT
x_K$3s/
uXPk4a
.a ^GT
|;a<ieb
c/"6? 3Vu)FM
"p^%#T'
ssH=OYvvK
Yt%Cn [>
I&s_6f2L%~|{
8\UQC!S
s w9P2
qc}VC9
jhlOUrE,
.a*U8Qk
EBFb=iH
T,!w4tpc
BO~q?6fCTtUc+p'
^w{=Zb
N"Nj *-z-bi
es%dUk
1H`;r'
8RJn'Wg&
`DE&i9"c
lu=pQV
%OP|v)'
d:,_]:
D;M_^P
E\\- 5
G})!|XW
[|_VsxWA5
il4hlm
ga?\vD
Jz/->7
1$,hVWbJ:
D3xUKZ
QNdno9
hALnS<xXn
@p/|WPq;w
b0x`Zhx
J&/XNcTpP5QXME,#E
&UM|jr
EbkO5k
xYl(&:
(,}7j.R
(f fhYtue
ZT1n-4
<k<> s
K 3"P7df ;7Uy
%rJ,#7
lRje-W
]MG_0oy
$&>|e^
*<^gWb^-U
zM<Az7?
$d7z0UUm9r_,cuP@1.
DNBF|oH
>nP}l(
"!ibA&8
t_Sq/n)
L Hjh>/i#3
m83$ 4]E
UU#}vh
G''6U.
.g9_@}~6
Caf /O
iB~'D1D\$
+.+^Ja(C
Z1,msv
pbLSY@Z?
K .KQ9
=$lp49
S6OPk3N
1#/P8QS
5z\#I!
eJo6M0}brM`WYY(|
As#RHQ(
)#"O,EyA/7
GG=8M:
6igrl$
D]$+=b
hOz kw,
#,LE)x
,Jo~aC/
[:56b%
N9iy#T maReq;
BV|D#s
zo3Noe8x
?('{]m<
\@$r+L
A7|4t+
p:z:Q6
"s~/4V6
9H`rjc|R
.Tj]a]\?5
p<\WA% d
Bzveu+GkjAeM
m*-\8[c
A!H|V5]G,
YXPR<4OP&WlcNM
)3m1\znrKl
BXnlIigbM
0~w'9:B
c:g\Pec~v.
]%q-Pvu
\n+ip%
1A>w _:P(m
E_qi8`D
p]"j7R3`!
Pq|A\$
/'!O-z;raX
TGHl#I
N<:8BL
&E ut'}'1
E;XQ*!
Av@=M!lbJ@
w48K'<
&su&yGMj5^
y(o{a8N;U3
zL6te1k8gP
?-Z0K1!k
$]L&9-%)!D-
4p~/6$
ymIa7xj
PohbZ"
@U2Mms
Ev|u@O
-j<33@znb
/3Q)fDSb$/
U6S4jTp
ygW"2}5`CmijzP(
g)PKXH@Y
M}$o<' fk
4cZkP*
[k-EO 14vz/ovi#D]u
a&*|?|
Bk; &=]4I
|NX7Pb
V"*Gg"
oPw+Qy7
1' {E]fB=
@>8.p9
r~<gkRn(=
sjM,ymOW~
L2Yy:[l9
q %~e"
G4+?Em
0&rO_D
Tg0awl
|3BDwF
&Gwe[i
bQ`RreG
\tDM5Bu
!-8lM}7
/?tL$b Otb.*vO{
6_~ev^
e[h-8'
hd&7E:
N8h|>,/n
c!fyG
4SNfod
EM%[`:yui
U$~,=hw
Ha h>Sr[/u
>5SSgb(g[xuX
VId]R;R:
~<qc6XD[J
(JTPWvArOcM
*h(v9)
ueT:psd}=
,aC@h8
,7w=J) rqsw]:]/
Z9}SQw
a~fx?X%
[2L@&x
S%Tk pR\<
pI,r"xfjeiFK
YQ{\0R3)S-Lmhg
FLH Ut
2V4x B#}=L
JDnbNWz[:
Ma(f<u
9a#urzi
\DQw%=
g4~m}Mp#Fb
[pj@eV
*va/\qZ
;okn%I
MwJVaY
@1_/1-D
(!vu2xt
'LJhS t.
3r3rze_%|x
L:rlxD
]%&ec'df
JsIPiF
[6mhQ>jo
VpuDqz@):\
[{G|LY
P4112VPIZU,
u~}q"C
-Qu)4K
Mdz`vOXo
*ATh.LT8@
@yf~|da!9h
X\'M@M
deM5bd-,
ZXm`T!e@5
Z*H$*c$*HxQF8YWcD
r2\QT"!c
rS$ oS/
SFvBP+#
<yRUjc
`\cf"%i}
.o0#WY
.9lWv>1
E-8omL:2
Qs{n+svY
VYjP@t
WaY2HmWR
J>3H"u-
V{`l*"=7
E$?%-G"QG?@
^]&Oyh
LAZ9Ih+
S1P}|(\l8s
@8d2R-W
-a]Nap
MZl- LArS{
zV$=<UUD}
*]a)Lm
g&/tiI@VtK
^LM8P<]0+'e
bR%o9~@
J,BnG4
sp>4* 6
-T1X5@
DyW=F/X
>";=8k
[5p-HP
qZ[FZs
5;;42v!;s>>1+n+9%)=!((
&BN@Jc
@FDDH#e
1*3k4@n
Sc"GjKZ:
r=c,}<7
)CT'nD
4T^i,2R9J
U&##2.+
V48^XXXX]
MessageBoxA
wsprintfA
ExitProcess
GetModuleHandleA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
LoadLibraryA
user32.dll
kernel32.dll
28444664222044486664444860004866484622666606206888228422064688428286204808428822828866862068808604086626486260422606860626004808248244404602668022200680808004028480084666268442648752gx899hbrd1n2l7fim16oi4h2skb8826482262062662400446820804062808400264662860226482400840606208662628206844686000620824842686682266480220262622400dthdttdxpldhhxlltlxxttdptrnrjrfbvnvbvvfvbnnmb919jn831bp618o57a0paoon6u76xs8os8nir30865dedw80866hi21m35vv6aos6xo4679l6b7ajqpa033t3x4wn8rh10c81g08bfoxeicvuk3ro4s403319i0x84j94r57g185msws2435lc2575t2gv217bb0bfan6e158n302744beqsj4sj733vpvgvspd55pd53a2asr8uil68687ci267o7fx0u11fo187l7l279o94ma286pmvggo49r9lr38o92467we81tt903806b40m6dgs27665oc6200rl9ur7l544fo3663uilgs8sv9d0ga0l71f5iouu846irrx836j8js06d0835tx873jo4j65n91cl7sd3rmm6uu8a21341799x3neoo9u227l65b6rka36n8j832k57x8i58t275r9vbk62xercd40lci2mc6605blvkk15575lb091ftx0e8po96vdbg54dq4jov46lw7fckhgeb09a8ih721d0n641eu169x9dr199sb38b158i6f20il4w2hg159lif37c7e31dv016gm9gv95jnn5255q2etwb7b66ev3pmmammv549j5m8a0gjv8749p5aj6d09g739w5n4wbnw2tntr850xlrfri8ll907x1uoi3661f7906e88q5e1ehn233hn69q34q5en6e15heh78nh85h5w7nqbnnn02tbe9h7nr6rxil30x6ou4xo47802fx9oi8uil6u7iflfifuo13lxulr2u9x81b66wbh3q6871qed3m1apm6dm87pa9p3g15dgmd94pd94hbnbhqwtqnbee6378qbnb11ehd0ppva7gv3p7pvdg9d8eetb31h20qw0e80ebpgjgmvjp7v3jp17gaammurui1lxl91x21i2lo185f2oofo7roon898tw1e1t4hbebht7b6i5637l2oo65b0943b955qb8t9etb051ew9t1n2hn55j5pg5d9ja0g1p335x3l51fli614rht04h55730t7qvm3pj65jm868m0a519we0e73tqwh3960qq5173q319qqwh56b8t090t12ttbqbe02n61n19nn2ne1973b6454t9wu70xxuui4lnnhq73n84bbtqw91vjmjmg1mm6gm6ath1nq2btt9nt124e4tga71vm2vv1d3053a7mv1dajpm6w66hetnbt882n3pdm5jjmm765d6d1u6oo5ooxiof87xflr1ntqtnbn4w11521w6bwteen657q36qe78hba4vp6d6d5875plxrii6rx2x7f1u9ir0iuiuu6fuutwnwnthe43q9180m4m2j1mvm12gv33845iluuurur7u33ox0irf2fiu314fr0f3u6r9d13dd5095pp3g991v1jp9m78w43hqhw73hw334wtb9gpmdpdpgd0jm2pjj909mg1j8ja99a0v7of2r8loxu95659d9a6ajmg2jmdjg291x93oulu0r337uuupva48g6d7vpv70g6ja5oxo94iurfor0ilrn0t04n8wehww1be88n5nqqq2wb0nv6dv52v97v71gdd7jggj00f4uulfuf6xiri9ox6tennbw8twegmpdaj67vp5j84mdag98a7pma64malro2o5o4u2rf4iftw31371wwee4qtt9tnqnqh5wt41qqt613w8ed0aa6pd395jjpjv75f06ui7xf8xuw48qt1q10w82v8mm77jag5rul6ru2luulf3wq53enn3bb6e1we8ewd9pjdj6mva5dpe8qen8qtn16h15ufou61u563x6uo7rux0aga7mj2gpmmj6pmj1l587i5rrxulf26xlu969bwb8nqe2t6ne5mg8d0aampa6dmmd919964frrx9f4rilr32614f073or0l7xirt447eqnb8033151wn84mpmj96d5v116i00xoi50ru21l5l1618urf791102x851rofo7rn7e47e3t8468h3qhqbq5gma73m6mmdf71lf28fl627o0i97l7eehteetnwewe18n6tt93bt0q36qqqn6q9973a46ggg7dmvpvav6ilx37976ix9ilixlfffuu46iffo8filwwhb1n6wq1b7enqh3m3am8v4j1j6dm1m3olr9uxiu5fxlluoxl9ofu144ur91uulur85b4h0e2nq9qhdj285pj4majd1f65ulrffrxue6wh6b4nnbm11gpavpm733iluu8i1rf5qw54b3hqhee2tt38308pmmg48mgvdv55gjjpvm7m56v1p589473wq3nw6e80n0n8nq709m4ddmd6dan9t112n1n983w5w83we3gg4vgpg4a3j2va59r48ilf70i12ullff54d2pmgvmpj7j3p6gvpv8gj4g1gpgdmd5m03au86i7091796il0oetqqwne9eq6mpampa817ajvgm3m29aqn1te7b7t85w6bw4nw74th2twbnee37w89n8n7n5bt459thn9tneb5bw1qe17nb2h1tq8we81qnteq1wt7xx6uri3f52o3u36roi83d594vapmja0gppj9jg10va0vdag9p19p5g1d350b3qn2wth85be1q2bb5157q6b9n6601pa026ga8agd04v021pgjd2a0m0g1m6118b3bn70bqh0vm9a730a4d4pag9jbn4tt7een0eq7n7eeh08107hqb08904d0vmm20djpgmm997f262xi3ouf61iuif35uourf3fiifxrol9rrulii6r5o0o3lu9590iffor23706p52gpj6aj6avp3v87vag9btbnbnewn4eqw6eeh5b7qt89nbb99hhntb2q96t9he7wwwhn9xux7illrl54rf4o80lr3133ou99ir11wqw29ht4e6700nn1wq5mdmd5j453p953if10oxf0forrxuo5x5p737198vmmdm886pmp2d8d3v59a6d77j179da71avd020am80j3340234pda0257p3a8am5gvgg4j5803v49pm6m23jg1v6mv22tw3t3tnb78t502e18bhqwnn219htne6wn53wn1qq605i2o3uiu49luuuil7fuof28l6i0iu7398o379u5oilo3o81v5455129j4a89adg24jnnn03e2hbt6152l3ux03frx8uu79m2mm40v1gvm31vg9062p5va166agvar1xxfl3iur07fou71etb31b8b853etq94l36uf1f7uru993nnwtne7t437qqb8bn9tt42b8qee0b4w0tw1ewu4l4594r9l8loo7986xlll60i7u607u6811rx8fr2945iibw9nbent8w16ebet9qen788wntqett8til1fuxuro2l3l25iu1u6rofr9frofou1f43ri1rolr1434o2fl646oliuf16adampjmj0jm9a1m939ggvmja1v115gd9jmdd39jdpm1a2609dv0gv0792pvpdj7v07vm3gj8pdjdd240qq4nehe8wnq1t2gva19623v8jdg41o3li8xu4r2rliu11ueqw5w1w6nbw35b842whqnw717hh342nbb1wtqq2e4b7en478wn35qu37ii3iul9i2oio08ooirfol3ul9ruu65155uuur8ul4oif6f31f2jmmp4p8jd67pmmvgn5wb0wq5tene8nt3qht46w355515we5louflfr4fu9u374o9o5335i3151u83928r609u99u5i0orf8xlu75i641f6l41l7u2rdp7vv95126jm9gp27tbe2q381w2n6xlfu2xlx5l9u21u8x91uu1lrr0f886ui6iii44r74rir9d3j8jamdvv22aav080v373pa37q975be516n6nwee2he77r5f2r8fu1l009xuufrrlr901u2ivjvd6v9gvmjmm7557aamjd6j981p8adg0amd22j0a469096vdv8mdaja16800p97v9vgmm40jv286gad83q3q6qh6w0qe9t25eenqeqhqtqe16b4bqe65w878i3i7857u88o3877ulfri2rlrr6i9lu3fx6u30i7o40f49am2jgmd9d1jae5326qq6q54bqq3bhq175eeb0478t1bheee50ne0hbb5ilulu9u93i9rx089x6f27lo91rxl5l2uio24j54d191jd15wewte1t5htnteqwe0n25053whtwbh93a757m9jgp3a8ga0x593iu489o9rr5ri54if8ufo705o25f867h55b5ne675t9h9000e3pdj6vjaj5m1p9jav8a9vjd4ddva3ajjgvmpjg38iiu38i7i5oiuf25uuu6e4qbn312534ewtt9whew7hee469w8jj6d0m1vg6vio9f6ii6f618i0530ir8026l9rl2xu0r6r9t2bn2w6eqb1eeb5pgj2dp9952m437mj433l95i6liilu1l7fix9ulrr3iu37oi8uil0b437nq1e6tq5nw3gj1jvm6dgpdvdm35aampma50da60vau61xoolof56u3f6ulrfht89q396n83te7nqwb66q25489hw2btwneth4jddvdpgav3admamp0jd9vp8337a8oi4iuf745fff738in5tehbh7ete6whhewee9vj86jdjvadurx1ou38roi5lofxo54qw37thweb5b9v0ddvj60vj1j7tn588q5n6hehhq9pj8g5vgmg9vp1m577m5r7oi91i45826qebtq7nbo2if3u0l69o0fii1bet0e8h5tb467tqwaamjvp9vmmjjpp32g8v7vg8m7mm3dpvfr3orx27iff0luruu791tbqqheh02760wen8115eeqe013ne5e8gg7vdggg916x279lxrof2iriuo26ob44n9bqt2en9et1w49b9hn838h1pjm57dapaj8dvmj375x11u3u1u7of58iu3ii3o6925hb38t8n96507qqn8w505h8bqq2b7wm3jpj459p82gv5pp9dgfo39io8roouo6lr97ux926rfur7ewewwe02nq7bt4g2057114m00d41pam3jjva5m3pgj8534iff0lx8i3813l7uo03ifulul8r8fbqq9009n04n8jjp91j0mmg89a22am4j9vggm2717l5oii16bteb28b0w73wh4h243t4ew9b9325g2a9596vddf7i31o9if1l7flu31qebhn7n0nqw4n5n3av776j181j77uolurl8lr662151be2qnt921h4wb1q9wn197q62qqe8gj8gpjgg8gmm18lo92iur5441iiiurri3i2lo1ou2xf1b5tte0tq59na5mp3a48ap623xo9ofoil1oi94urx88e7h35n44ewwep24635v7v33g56tqww7239q9wqeet2v2jj53mpvja11vmpdv73191av77r377r9ror6u7u140otqn54q8hqn6bbh7564h413p1975gjp5pvj5v9m4f9rio9rfrfr4i1n56qqete6h316h1h199n4wn7mm1919j8mp7o6x40671ux8ouf7u99i1o8l585fi857xufr73h66q014t68te5q4q5mvpd5777050vja48m0pg8dp8m652501goorrrf2orl5ll1qb0qnw5e2h5wntntew67j7dvd6dmmv8m7ma1fi201uurfi1xr5b23wh2nqb358hh7e8tbqnh79d60mdma0mvv9oo5f9of8rul14o132tbbe837bw7n75eb57w80q882tq0eg9dmj3jm60lfr5ui07o5f5244839twe736e7h6nw6hnb53bnt2ehw7dif289h05k8v21p35m67681cc788ff192c922j4psma65p5a37915cl880ll81227gs1sa7766d38vv3j196j348321mp8d5maf68f24l5156ur86cr8cx2f029o66f1l17ro7fjga31500pj82d6p1522at336bfd14853ans3kh05887k78h1lf4o1m1035c0wpl43inv34tp74qctw7r10l7sv1hs5ha17l817w0j35w49l8h7l441186v43nan2xm5087p4v59k9f24d4f262b4xn21583min930l6ra1026640040882604222464288084406646864468628086022004888244280040466020404244446482062848466420644446242646642468048800840266022424804624046868242084002448062426220000626400666444886844244264288088646848206424240062224680884284468820460484622086668cqrg3071c3967ed5cr76ig80cne0k9f6i11e33ben476e6bqtnqhn9k953no4lu05u8884cl8xx072u9o295i9xl0l59r19196l3r9u618c75c06iol5cxx507lvm151a916s14gm5363p6apsg78mp7p7xcr74ixf918gvda38d3jjd74m635x90209c52520u4x72880gm95g0g3886tq2tnb8tqkl381xts80v49pfehu2i4o5453v5ddhcgkk24dsee647d657835ff83719npu1vm72b3191h1353jjouc1a7jx2f6tte8435vboo3j2j9wc8bf43j677f2l4272xd43vaae8je28753f0ta0jkf1d5x573hr09791p53irqb591pp8p6busrw4dw20buai6c48p861xao28xse4e62diwe464kv2108ejes4w6clu76l2lu464j1p3xeir23lponrhq7j8tj06798r917vb64chv46757j9q58qbqwmw00jji2c281hb36p5lpf8457j5325baea146x35kj8n2hh4k8enwvgb701d3d98h5bf8v46ota6g6pp6686seaf08097v5v32cvg3u4g65319d1d3v7l789f31rrgus576r5hwcq25316n7h54l13klqg4oo237eex019h90jj6d33l8hm2k28v7cc09l3b578xte0i085gb0319sn8d6r1qlg668vv0bplpts0fd859u0f2aoeeeihe0sa2l2l5cga2o6d2cvwlq8ko0615316o391v7ul46t391g5q65h8vh21973ftaqk28r4h8vg023x75dnh14n6n05llae463vw0mwv9h0h919bp273fx565gb2127591f51i97n68nn49v3bp7hh65xxrwm84hcut6m0os06tkton287mh25vlu62oe0m8tnqm0m61l1397ta8ta4ae5454920wj2j05nm1343pfk00j0m735v6pt20x1d556dx4nwhm4k06l61f7bbg7k40t8200rwc467cv66966l4hm40l2c1dx0im6c4gt3t2b7u846jbxa4vq97bg1u1s99623vh497f838rrmqq6lqq2u0ka24094h95p997b57ox2331fp019n9h32b82dt9i51tfo40xn06di68j80hr91134v91p27o7w463i9573x0xni23to621j69x3xdc0q8wbcl7h0hhcqfa5kt4to70b1ga402485j2bp490k6895769lr4n4dke519r7531937vu6fasfes0316167f0xx2483na8xdmc021b86ch68v135v94vc68quuf027ml1439vl219q9b7a763jri9xi6q24p27tj619b4umm2491ppoe8s283xp98939upa4e46a97t2f8t65j9dn2vr4cw25r395vufoei8dihmw941l09l610t7ndod76s2jd461lrxje3952l53b45p7lk65x61h1bd4gmu6f84201tkb257f79xjfo1ta8t2tiv412j2727clg9uk0s0w6u6o9op4ug706ff6jf106ub643p0j2ots4kcew1871f917x8g5qrm2457l53x796631rx67l3btsimgk4i7i89b9ffj2m9gd87f66hm4gug28p6feno85s217r7w1crcuuuob8m635d945b7pfo7in51af17ii2ktn4as3i9088082262226444060468442822442666022062620868686688442004602628862046866802468066666020usps2nn523vk89c1nhh8qilh58468l1b7bhkp920a8n8xok77m50t226fqxha400iwkf736f76s39f3bis82v1e2rkj9i9e612kvhaldm0k9akox82ba4xqismf7apcbiurt0n2aln0ixu1t797l401554b155e047hl2wqgv9t7h93he7mc7ob56v2b6v30hke943x90g7u1697t823ajjnc0tn6o70nm06p8h9783bm38jrp1nd0rorb5e08ba298v8lpctt421tnkb774og94p9892g5p84foajrxp84bqt57bpmev6p0378g30cxr973n5334591173q602qknqqe104t2m40a0gaadpjd26v90341d9a1jdmappp1f7fxlic8lo30g6t846mkm3jk85p894cfeh97rj7r2bhd1d498l61ot5u71cf02xcool3u5li9i95uu5i530olr0fr04o467fc33lxu3i28r4x9js0v3p73g96gsjd57jv7gjs88jv77jspuk6m4ko6tfhsjve3q1815sw6imn8dw10e7adtmhprc4u3l91e9n148435unrf68noc155nb3bwe624hetwkw5khb2h7318bkk3457q2u7uxi44757a51907pdvps7aj0p7j8mjv263b7eebb06w7hbkkt4ir9f9x68c9xf58cfof617oa31349a3555jm8va20362t5twke03wnrbjbjnrrnphdtxplx4022448840dpsmmd2sd9a20lr1ic20oiix31l7l13il1xouoil4xixu86x732416qweq920e0w7etnk3bbkb5ek785wf53xrxxr4r9fu5n6h7wen1333ttnhtb8q37vjda71jj3gp67m4m16if9r0960uxr7lr2c6x56nwttek0tn2ettbt6r472rlcro496i34746cuc4ulc4o40l1th7kk2hknkpsd3d30513bnb328b4wt2wq5h35l0v760str7548ffcc36x5c18o439i0u70x1ucof4o2xc0f6l691io9fi857o0x8f6o30loc51i677v389p935gd3vvj6hrh9pwqdvatdg3x9tqt9t3n3btbqen40gbi90mbr85iq6x5l4njheh4229og35rdr40v014ww58cgre8dp21bm2lx68jo94s716m2r4ph82393q7v0qfc63ib12485g1gp1n77h74ed12l4a2jnn119l61x2v24687998gcicufgk6n487wf28la1hd09l0fgfnu3ij6n36deseh33lq1k75xak14d8m314297p25pj890qa4fox1p672ju346td1llxhmc577s707m84210sw21j62tg2t4tvj21tg266s400890x52u05usnvba7vh273epmi20k1d954pg4j7oajq8p209046qpo2b09s057gm23u729im9jd644404622622248662488402028082444824082402048680488hhxtttphhdppdxhxddldddlhxdxhhphdtxplthhdxxdhdhldpxtdtpdhxhhlhhppxdd628222884808jfffbjrvrfnfnrfvbjvfrbf4qo3fe24e702ppo955xs4n62608ohcr7ia7338bfwk9d659a9msvm5812ujr52bf4f2u7e3n97molj250di68m1m25go015gcsv64308e653d25t95aih75eg0e30k821x56xk09v40hs43f8ena3488w86092riv615mu26luuf0doa1u147n9qpd932n60u5p8693187iv41hxjsul7j5px66fi862x7br6w05j4mv66va1r064v22237gwd7w76j02o0h69r78kf6g317c80p7b76772d9b57x1xlbb0c32922n2sop44ec4as943x84ju87h28re21pc1c3ksfosj58m8e92b22xj2x98b4rn4denf15t669xm1psq04f5962952214pc0bn43xk456963p38dns60lro4ax9umhj53j7i024lw1gv61p74377s1ccrruxfu0cuc0lva2bdt53uugosp23415fa8x8lq3c2tw9i4t65do8aw113gqaw449682i5glow05p52nk7fwc8fcu647gepdhpat2883frq9r2r508026228868208280000842064648208206268226000868620240622822648084068448006468864486624008044088846080424646040860446406640046886060408022646446468248844204260262442644224264045qciqupj617j0i03nqi60blgm95226u2eev352gcn2qsj06qpp6thr3700p2vibbh4b475lj704mc43n37ttl7jc9nirhbq78xn226v9p8p221696025c9l5ns2g21ni84k8385f8k5hg8v6m3rwq63i53s8oje40aba68nbq57052h8mqbnk5521i52d9i3ds6m03r7o9fh1s6wevnbbc691h8p5n2w6081jn010hf1a979vmuv28517xw1329uh6307eg94i2148782c33hp2orx6we6p4ps4o3tdo42sqne94e6r7t7skr7217wp523c8fl5b36cq5m5k5eh40u1do768iaoo8xbl4f0ttqncu611fq020q8k40sp5q710k05e766d9r7u2351s09df7m9dv4jt8xdg751xit90g7m46vsq72h709i2taf7qbdv5gd1415823499m9r86cn30mmb32gnfsq4l19t5jgw72wd453hxx6u7j2mn9lwc2rq7ld7796webe133149ses8fb1259hqckpc7fmw2uat2annuhcjsk8jq659c129k0d15dwt2n470p2a0q1m82qlrt7a770526fbbffrrrbjvbnjbvfjfjvnjbfbfbbvffnvb2d947q9i3719u892p71g29g4k29835287147m51r930b4l0qbdl5c028l20gj407hi9774aq9g46lpkdq3np476l16689whh4x90730ld0cgldc4lrlt90e64a63ov914mq4189140s9dp3npd36d0wq2i782410t7q05edr807x48406r9ontafkw75r2863f396k6gw4910a868k4ht29ksi525qd183lnp1p872jg565u9a1ej0kn39ssrhdgd00dc3x8m09sqes416k864277q62a809222779s4m313qq2aiw916446x81h2n65666o8o1fstsg3412bh1u859q4h897r1s3trcobja4jx7oho85j494p18248qpc3f7dx50t024t6tfbb50p6k1cq2ne3a4e529834od50nc8bu4651dax9q95o434se253254466w43pr6og32tun68ds083j6gl0s39skwlnw72t1jeb8j8509w2628b2lx0ixf90cq38gpx629si647ivu90u38f1ok5147bucr1t315a6sojfl9xsfwtg7fh11185n8gto56n6bq121opg08p2vlbg3kitqmx7hc154cmf948585cdfp56733wbmquqwk0tu2rm4j9kwuuqtj50igogav5r41j3a1qv44do69c25q1617wkcnk381ba5s0600088806688020266200648086028480868222000884802088046028204884464606808082640880802428860606684480282202682pss1sp6343gsm043v05j16g5g628642442660646446406024266606464622288008006260640244048640848486282200022060842j30g41e934l3lqf9oknbw8q31s50p3doc9j100rgs34g907h0kc90uuqurag5bf8cqi4k3o4xp4o9hf9b1t049jr3k2772ff82v1668kig0c892354og8n22oe7uq22w4on545uri29rg56wa94wr044n18pro13470g2rkk5j226f8br199st2c582p3khraip627ujahdvx43ep8c1cic49cp5fap0s3071p10i0q1ok1635e22u9c915691r2km9pjpgh3k3l17w3alqaa6k95ew1gt7ajqt10x7c6u2k98d5i2r58lvn65qxju71cvf3jh2e286cg5g35405035476bpvh2nu24a182ii41k2w75fh395s2siu171v5881wr5qm6r65f0vmn971b13qs7jb83c4qg0ju6ls77m25k995d8vq2dj71345e4r7un93576qbg75cj4je7gde5l0k5523e1o8p0167u6uga2eb76h3gxnwal3v604of35mkn41it51c21gqw1xv9x9l5d1d9ibi5r15f75622wm2d67f1311ld0sum9d3s7rjk5t59fg2b7ve31sxc5gn5q1h53wt01716tn1ex0qb5m7drbohd23o876tdxs9ax2cr295w50bilo8n657nxx637ew05w45hw760uul37659742ir07c408048t203w78bc94p3teg07j7a8i8x2ir4eq8a8bu645r79s78qlkta8r636on2w8s20m957pu084e3o05t5004ud236v6bjr474505hj24kpb767v9sk29k160qtxecg60o2og231cki0h90c5287jxg2j304k93ku6sm6246544dvmg9xk3mj61l2tuhkc9rw75841aj29aualk2f02390fs9vx23wi46131a14q85i9907nvqib8843b1l751knx2162u9lrhvmx6ll2m19o025r26sgqp1u63i9hjkxdh7999bw2s33hngrmb9fnpp0hkq4fc81v87x7ml2fw42982d6kgo02xm8tjftr28f0gxrs3mp6dd6apc3tsj593267i4ir6ahd6j471v419k9tn9d635m8ad93k1g9o1qhh3f6g248c55j82vt9t44f7697131m07gg8i1n0bgu761191w2kc7efq2u96mrim996fpjhop9vbjvjjfjnnjfrbbrjjvrnffbvrffvrvbnfbnfnrjnjvnfbjvfbbfrnbfvbrrfvjnjfjvbbvnbrnnnrrnrjrrnjnjvvrbbjjrbfvrfvbrnjjfvjfvjvbfnfvnjbjffbjvvfjnjfnvfbfffbbnrjbrjvrfvnfbbvn48480466822064400264088682048706p9sv83g7dd409j4456pjpso84oc092x9fuooc2frc15l2f5xo5c1fi64215vva85pag2p41pv79av4d744ma2dvg2uriolo157f7l3if73ox8rf47rl33li90998r12m655aap20gmdp008we3h309wb9w1tnww5hwq5051t9newb8hhnu2lr47xf94uf7l24fl9o4f0l64oui14d939sppdjvdvg54aj404240286804088ppppppppppppppppxxxxxxxxxxxxx24484886822624204u581k130959u5k46c153a86o4njc384q360j7qa31d1923vw7145h42028vk436tfgoccig35vwjlx2bw396tfkq806dk7p2uk98700566v1ou1w04fmk1511gjiq5mo5m5ci5rxc08a1x3kwrfvs23id1ewr8f3i91613v6kp52ahp766oa0umu6e8jux3272l0c37936ess17171s71b8p6459e73i98ls317uk4mpknekpis3j9r2ci3i13l3qaasckbt9174s5l4mh72wvq25521953rw861kxu330u08o0pr4s1ftkig24u567imko2b050d5413ipkc3u8gqg8rwnu3wc60xp773it89gpuqm289ec42e93lgq72286jiofhn34u977q47r714gq81ecwwu1l6i561q5bc05e02k0w4se6hccsb8cef99ae0ws7qqffmh40gb222x25ln4ftfl7t244gp799gfwxq3g2577faad18i4953vgcs78c237cc2bxo29dejj171nq415925l20mpqnoxo92cck7b3s801r1ibwx82949i71gnl5ot084xm5c5dv501e7h1emk04917mjq4gcdpb0u8gh942x62wl1w84f5u39708von71822i04sw6v570522m8usq572x50htb0dj0011im34e2m28nr5th8g30h9737g437ur2ft255o2q433s2687we70ncq7s27rc36dem2xk11e25179c6w61h7t1g79x51cj0629kn971gw11dmo173w7badg7t3x8550q055o2d3h3wbx9357d8j2r62rgsa83l6ss556ioxl1w4s76j9f7u0ohi
Hosts
| IP |
|---|
| 114.114.114.114 |
| 8.8.8.8 |
DNS
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| dns.msftncsi.com | A 131.107.255.255 | 131.107.255.255 |
| dns.msftncsi.com | 131.107.255.255 |
TCP
No TCP connections recorded.
UDP
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.101 | 53179 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 49642 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 137 | 192.168.56.255 | 137 |
| 192.168.56.101 | 61714 | 114.114.114.114 | 53 |
| 192.168.56.101 | 61714 | 8.8.8.8 | 53 |
| 192.168.56.101 | 56933 | 8.8.8.8 | 53 |
| 192.168.56.101 | 138 | 192.168.56.255 | 138 |
| 192.168.56.101 | 58485 | 114.114.114.114 | 53 |
| 192.168.56.101 | 58485 | 8.8.8.8 | 53 |
HTTP & HTTPS Requests
No HTTP requests performed.
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts
Sorry! No dropped files.
Sorry! No dropped buffers.