0.9
低危
DACN
0.12
FACILE
1.00
IMCLNet
0.71
MFGraph
0.00
反病毒引擎
| 查杀引擎 | 查杀结果 | 查杀时间 | 查杀版本 |
|---|---|---|---|
| Alibaba | TrojanDownloader:Win32/Upatre.5097ca31 | 20190527 | 0.3.0.5 |
| Avast | MSIL:Crypt-SP [Trj] | 20190911 | 18.4.3895.0 |
| Baidu | None | 20190318 | 1.0.0.2 |
| CrowdStrike | win/malicious_confidence_100% (W) | 20190702 | 1.0 |
| Kingsoft | None | 20190911 | 2013.8.14.323 |
| McAfee | Generic-FANY!BB8259A8C6BB | 20190911 | 6.0.6.653 |
| Tencent | None | 20190911 | 1.0.0.1 |
静态指标
动态指标
网络通信
与未执行 DNS 查询的主机进行通信
(2 个事件)
| host | 114.114.114.114 | |||
| host | 8.8.8.8 | |||
文件已被 VirusTotal 上 56 个反病毒引擎识别为恶意
(50 out of 56 个事件)
| ALYac | Gen:Variant.Ulise.45106 |
| APEX | Malicious |
| AVG | MSIL:Crypt-SP [Trj] |
| Acronis | suspicious |
| Ad-Aware | Gen:Variant.Ulise.45106 |
| AhnLab-V3 | Trojan/Win32.ZBot.R120530 |
| Alibaba | TrojanDownloader:Win32/Upatre.5097ca31 |
| Antiy-AVL | Trojan/Win32.Bublik |
| Arcabit | Trojan.Ulise.DB032 |
| Avast | MSIL:Crypt-SP [Trj] |
| Avira | TR/Downloader.Gen7 |
| BitDefender | Gen:Variant.Ulise.45106 |
| CAT-QuickHeal | TrojanPWS.Zbot.Gen |
| ClamAV | Win.Downloader.Upatre-5744087-0 |
| Comodo | TrojWare.Win32.TrojanDownloader.Waski.EA@5ixvig |
| CrowdStrike | win/malicious_confidence_100% (W) |
| Cybereason | malicious.8c6bb2 |
| Cylance | Unsafe |
| Cyren | W32/A-5ce1ad06!Eldorado |
| DrWeb | Trojan.DownLoad3.30891 |
| ESET-NOD32 | Win32/TrojanDownloader.Waski.A |
| Emsisoft | Gen:Variant.Ulise.45106 (B) |
| Endgame | malicious (high confidence) |
| F-Prot | W32/A-5ce1ad06!Eldorado |
| FireEye | Generic.mg.bb8259a8c6bb2585 |
| Fortinet | W32/Krptik.AIX!tr |
| GData | Gen:Variant.Ulise.45106 |
| Ikarus | Trojan-Spy.Zbot |
| Invincea | heuristic |
| Jiangmin | Trojan/Bublik.ghx |
| K7AntiVirus | Trojan-Downloader ( 0048f6391 ) |
| K7GW | Trojan-Downloader ( 0048f6391 ) |
| Kaspersky | HEUR:Trojan.Win32.Generic |
| Lionic | Trojan.Win32.Generic.4!c |
| MAX | malware (ai score=81) |
| McAfee | Generic-FANY!BB8259A8C6BB |
| McAfee-GW-Edition | Artemis!Trojan |
| MicroWorld-eScan | Gen:Variant.Ulise.45106 |
| Microsoft | TrojanDownloader:Win32/Upatre.A |
| NANO-Antivirus | Trojan.Win32.DownLoad3.cqkedt |
| Paloalto | generic.ml |
| Panda | Generic Malware |
| Qihoo-360 | HEUR/QVM08.0.CFF9.Malware.Gen |
| Rising | Downloader.Waski!8.184 (TFE:5:jaYWn8408dM) |
| SentinelOne | DFI - Malicious PE |
| Sophos | Troj/Agent-AEYI |
| Symantec | Downloader |
| Trapmine | malicious.high.ml.score |
| TrendMicro | TROJ_UPATRE.SM37 |
| TrendMicro-HouseCall | TROJ_UPATRE.SM37 |
二进制图像
288x288
224x224
192x192
160x160
128x128
96x96
64x64
32x32
运行截图
暂无运行截图
该样本运行过程中未生成截图
PE Compile Time
2013-11-26 05:43:22
PE Imphash
3c3860f73173dbf372ef20d69edbdd5c
Sections
| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00001000 | 0x00004ace | 0x00004c00 | 6.553504878987927 |
| .rdata | 0x00006000 | 0x0000260c | 0x00002800 | 5.611754225350586 |
| .data | 0x00009000 | 0x00000918 | 0x00000400 | 2.4213582238164157 |
| .rsrc | 0x0000a000 | 0x00001104 | 0x00001200 | 5.568891993515904 |
Resources
| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_ICON | 0x0000a0ec | 0x00000ea8 | LANG_ENGLISH | SUBLANG_ENGLISH_US | None |
| RT_GROUP_ICON | 0x0000af94 | 0x00000014 | LANG_ENGLISH | SUBLANG_ENGLISH_US | None |
| RT_MANIFEST | 0x0000afa8 | 0x0000015a | LANG_ENGLISH | SUBLANG_ENGLISH_US | None |
Imports
Library KERNEL32.DLL:
• 0x406008 GetModuleHandleA
• 0x40600c GetStartupInfoA
• 0x406010 GetCommandLineA
• 0x406014 GetVersionExA
• 0x406018 GetProcAddress
• 0x40601c TerminateProcess
• 0x406020 GetCurrentProcess
• 0x406024 WriteFile
• 0x406028 GetStdHandle
• 0x40602c GetModuleFileNameA
• 0x406030 UnhandledExceptionFilter
• 0x406034 FreeEnvironmentStringsA
• 0x406038 GetEnvironmentStrings
• 0x40603c FreeEnvironmentStringsW
• 0x406040 WideCharToMultiByte
• 0x406044 GetLastError
• 0x406048 GetEnvironmentStringsW
• 0x40604c SetHandleCount
• 0x406050 GetFileType
• 0x406054 HeapDestroy
• 0x406058 HeapCreate
• 0x40605c VirtualFree
• 0x406060 HeapFree
• 0x406064 LoadLibraryA
• 0x406068 GetSystemPowerStatus
• 0x40606c GetOEMCP
• 0x406070 GetCPInfo
• 0x406074 HeapAlloc
• 0x406078 VirtualAlloc
• 0x40607c HeapReAlloc
• 0x406080 RtlUnwind
• 0x406084 InterlockedExchange
• 0x406088 VirtualQuery
• 0x40608c HeapSize
• 0x406090 QueryPerformanceCounter
• 0x406094 GetTickCount
• 0x406098 GetCurrentThreadId
• 0x40609c GetCurrentProcessId
• 0x4060a0 GetSystemTimeAsFileTime
• 0x4060a4 LCMapStringA
• 0x4060a8 MultiByteToWideChar
• 0x4060ac LCMapStringW
• 0x4060b0 GetStringTypeA
• 0x4060b4 GetStringTypeW
• 0x4060b8 GetLocaleInfoA
• 0x4060bc VirtualProtect
• 0x4060c0 GetSystemInfo
• 0x4060c4 GetACP
• 0x4060c8 ExitProcess
Library GDI32.dll:
• 0x406000 TextOutW
Library USER32.dll:
• 0x4060d0 CharLowerW
• 0x4060d4 CreateWindowExW
• 0x4060d8 DefWindowProcW
• 0x4060dc DispatchMessageW
• 0x4060e0 DrawTextW
• 0x4060e4 EndPaint
• 0x4060e8 GetMessageW
• 0x4060ec GetSystemMetrics
• 0x4060f0 GetWindowRect
• 0x4060f4 PostQuitMessage
• 0x4060f8 RegisterClassExW
• 0x4060fc TranslateMessage
• 0x406100 BeginPaint
• 0x406104 BringWindowToTop
L!This program cannot be run in DOS mode.
lOlOlO6
OlOmOlO
OlO3OlOcOlOOlOOlOOlORichlO
`.rdata
@.data
tMAMd5
WWQQQQh
3RRRWiF
cWZ3@#
E4SZ8@
um4VZdh
WY3Hmh0
RQPUVMAMdH
sSY3NM`@
;d5MAMI
QPVSW}
R?WYZ+
5MAMdSY
Q@55MAMd+WZ
UtEhVZU
E06PLMo|EhWZM
D^[_Q;
+#O;u<
YYj`h@t@
f8MZu H<
XPuVVP
;ru,hd+@
;r3_^UV3F95
@<Yv"P
^[]VW39=
t.t$<"u
u_^S39
3Y]_^[5@
@B8\t8"u&
_[UQQSVW39=
3_^[QQ@
SUVW=H`@
SSS+S@PVSSD$4
t#SSUPt$$VSS
_^][YY
;rSVWD$
_^3[Dj
33@hh,@
+SVWEePEEEEd
Y_^[QVC20XC00U
33333]^]
]_^[]UL$
VWumhx@
_^[W|$
tAt2t$
Wj@3Y@
t6SUW
VPVPV5@
@;rD3Ar
@;rM^U
@;vAAy
YYUWVu
DDDDDDDDDDDDDD
W3;u4DP
^_UQQM
MOI;|9 M
3@_^[U
WI <}}
MLD3#um
#Mj _^{
;]r;]u&
]#\D\D
_^[USVWUj
t.;t$$t(4v
EtVMf9MZ
_^[S\$
1VtYt(CH;r
PSWSvSU
PSWSUX
Yu3^_][
=N@uNVEP
E3E35@@
3;t Mu
eWV8x@
VSVWVV|h
u8SS3FVh
?P4YE;t@E
t!SS9]
u5Y9]t
E;tSSu
me}VSW
33M;u#u
Y;t1uSW
EPWu u
u9]t#WY
u5EP3GWh
V~YEn]
3@3UWVu
DDDDDDDDDDDDDD
MQP5p`@
WWWWVSWu
YYE;t2WWVPVSWu
ULSVWj
MQ@Puu
e_^[SVt$
F3w9=@
SNYu+Vj
_^[Vt$
SVEuuPE
SVWVhEP|}D$
3Pj MS
uVV^@[}
;Et39D
EVVhu}uPPEu38
leteiteF
CreaoduleSiztCurll
KEadFig
DireGetM
ShSHELg
adFiteW
terntModn
ClositPrf
Rexecu
trcmdleW`$
tpQuternUEtpOpSendAQetQu
nnecptio
SetOEestW
MternInteetOpRequ
MenReNET.nW
AUeryOEHttpptioenW
nfoWnW
eryIQrnetjEx
3D3g0s0
0f2n2C1k10000
31162?2L0Y0t1100d
10>033
221111
MjMtt?E
3QQVE-UU-|E
SWVuEU
SYMEUUUM
VUM>?E
j MQ5Aj
u>tt+#5AE;
t|\^_[33
]`2EL3UDM
6UIQQUMQQ
E0uttttt
BQE-EjP
EUE[^_
l+J;uJ
WVSdwt
U]VYM?
qeUM.?E
CorExitProcess
mscoree.dll
runtime error
TLOSS error
SING error
DOMAIN error
- This application cannot run using the active version of the Microsoft .NET Runtime
Please contact the application's support team for more information.
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
This application has requested the Runtime to terminate it in an unusual way.
Please contact the application's support team for more information.
- not enough space for environment
- not enough space for arguments
- floating point not loaded
Microsoft Visual C++ Runtime Library
Runtime Error!
Program:
<program name unknown>
GetProcessWindowStation
GetUserObjectInformationA
GetLastActivePopup
GetActiveWindow
MessageBoxA
user32.dll
Program:
A buffer overrun has been detected which has corrupted the program's
internal state. The program cannot safely continue execution and must
now be terminated.
Buffer overrun detected!
A security error of unknown cause has been detected which has
corrupted the program's internal state. The program cannot safely
continue execution and must now be terminated.
Unknown security failure detected!
KERNEL32.DLL
GDI32.dll
USER32.dll
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LoadLibraryA
GetSystemPowerStatus
GetOEMCP
GetCPInfo
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
GetACP
ExitProcess
TextOutW
CharLowerW
CreateWindowExW
DefWindowProcW
DispatchMessageW
DrawTextW
EndPaint
GetMessageW
GetSystemMetrics
GetWindowRect
PostQuitMessage
RegisterClassExW
TranslateMessage
BeginPaint
BringWindowToTop
%%%%%%%%%|]O-++%
~810000++++%
zmK??>>~\000--0+-+%
}zoXEDC????>m]100-0---+%
[gYYWWWRRxmEEDC???>_~101-/---+%
*YYYYWRRRW~FCD???>>@~1011-/--+|%
`YYYYWRWMEECDD??>>>000-/-NO%
gZYYWYRRREEDD@??>>_~%
}ZYYYWRWREEXmz%
[ZYYYWgx]r%
)r\1321---3%
p;_11300----%
r1131-0---%
}x^ME@
11123-/-,%
a`ZZWWWRMKE
>r>13322-/-%!!!F`YZWXRMM#
>>>141332/JP%"##6xWWWMR?
%...5WXWM
%6666[R#
7hO%779:M
D]]114220-/P%9:::k
@D@I_843122//P%<<<<U:
6DD@@@|443332/2J%==LLL
.KID@@@8n444433/22%SSSSU
!EI@@@88O4843332,,%TTVVVB
MDD8888H44]]h|%viiii{$
(ljlls
}bpppppycvsssstpq%&vvvvvvvvvvvvvvvuuuut%yevvwvwvw%&%eA%eG%dQ%eA%y&f%y&d%yb'%%%%%%%%%%%%%%%%%%%%%%%%%%%
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PA
t�e�l�i�g�e�
x�t�i�v�.�e�#�
n�.�a�t�o�m�
h�t�x�e�0�/�#�
%�s�h�t�s�a�l�o�
\�%�n�d�a�d�
l�e�d�o�c�o�
s�/�a�d�n�o�f�e�
e�r�U�p�a�p�e�n�
W�s�/�o�p�g�a�
d�o�n�.�t�e�
� � � � � � � � �(�(�(�(�(� � � � � � � � � � � � � � � � � � �H�
� � � � � � � � �h�(�(�(�(� � � � � � � � � � � � � � � � � � �H�
� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � �H�
Y�t�o�z�m�u�q�d�a�
H�a�w�u�q�y�i�q�o�
z�`�s�z�t�{�c�l�e�f�i�u�}�s�|�p�|�
C�:�\�6�4�2�a�b�9�3�8�0�f�4�4�9�2�0�8�4�0�3�1�9�6�2�6�e�7�5�9�c�e�5�4�8�d�b�4�7�c�9�f�6�1�b�1�6�4�a�a�3�7�a�d�6�0�9�7�d�6�8�0�1�d�7�b�
C�:�\�D�8�r�B�e�H�L�Y�.�e�x�e�
C�:�\�2�d�b�9�0�7�9�8�8�5�d�9�2�9�0�b�1�e�f�5�6�1�f�f�7�d�3�4�f�6�7�9�c�5�d�9�b�1�f�8�9�f�6�1�f�2�a�e�3�e�f�8�b�3�6�9�6�b�5�1�0�8�1�0�
C�:�\�b�8�7�3�b�d�4�e�8�f�0�9�8�8�9�6�8�b�5�7�2�4�2�c�5�e�4�2�f�f�2�a�8�b�c�1�3�0�d�9�2�6�4�8�9�1�7�c�5�a�c�1�8�f�a�e�4�e�5�b�f�3�7�2�
C�:�\�J�r�U�2�2�U�U�l�.�e�x�e�
C�:�\�q�_�a�N�Z�b�i�B�.�e�x�e�
C�:�\�f�8�d�5�d�f�7�c�0�7�7�1�d�7�5�e�1�a�5�f�9�6�8�8�2�3�0�f�1�b�d�c�0�7�8�2�8�c�2�7�a�d�d�3�8�4�d�d�a�0�9�4�a�c�3�b�8�6�6�6�3�3�5�d�
C�:�\�k�5�T�7�M�1�P�o�.�e�x�e�
C�:�\�u�F�6�s�A�B�4�K�.�e�x�e�
C�:�\�F�T�L�Q�y�o�o�B�.�e�x�e�
C�:�\�1�4�e�8�e�4�0�4�5�a�a�d�1�6�7�f�b�b�8�5�1�d�a�5�d�1�6�7�6�b�6�e�7�3�9�9�b�6�c�f�8�e�1�f�2�f�3�0�4�e�d�0�6�7�6�5�7�5�f�f�b�5�4�3�
C�:�\�8�f�e�d�3�d�1�1�d�3�e�9�a�7�9�2�4�4�f�d�3�d�3�2�f�5�a�3�d�b�f�2�4�f�5�5�1�5�5�7�f�b�6�9�6�8�3�c�c�a�3�2�4�3�0�4�a�7�c�6�f�4�d�e�
C�:�\�0�S�u�I�T�B�I�L�.�e�x�e�
C�:�\�0�b�a�8�c�6�4�3�2�4�9�6�3�3�e�9�6�f�8�9�7�e�a�b�8�3�f�2�b�a�9�3�d�2�e�c�a�5�7�9�e�c�f�a�9�3�8�6�b�9�0�4�d�4�1�2�d�7�5�4�b�6�e�f�
C�:�\�a�6�6�8�b�b�c�1�a�a�8�1�0�a�f�0�1�1�5�5�e�c�3�c�0�2�1�0�4�4�4�0�7�4�a�4�b�3�c�b�2�c�b�9�a�f�9�1�c�5�a�2�6�7�9�4�a�f�1�c�9�b�6�5�
C�:�\�W�j�1�k�E�K�k�M�.�e�x�e�
C�:�\�s�r�F�g�C�l�F�N�.�e�x�e�
C�:�\�a�d�e�c�a�1�a�9�3�f�9�9�4�a�d�6�5�4�c�6�3�1�7�1�8�6�2�6�1�d�8�4�6�3�8�4�c�3�9�8�b�8�6�8�e�2�9�7�5�2�c�e�d�5�7�7�e�1�6�a�e�2�4�2�
C�:�\�d�f�2�8�9�d�c�5�0�d�d�2�4�6�1�2�c�6�2�6�d�7�b�9�4�1�1�e�5�4�7�8�0�c�6�f�6�1�e�8�b�c�8�8�f�5�8�7�a�1�b�7�5�8�2�a�c�7�a�d�3�5�d�e�
c�:�\�7�t�p�r�i�c�\�b�r�2�x�0�j�.�e�x�e�
C�:�\�t�i�d�b�c�8�\�a�u�k�h�v�t�.�e�x�e�
C�:�\�c�0�a�4�a�f�d�4�0�5�f�0�9�a�2�4�7�9�1�6�f�d�b�8�1�8�1�1�b�5�1�2�b�5�8�e�a�9�9�2�6�8�e�1�8�6�7�0�f�d�0�f�6�3�5�5�7�0�3�e�1�f�d�1�
C�:�\�1�0�0�3�d�4�d�6�c�0�c�0�3�7�c�f�8�7�8�b�f�3�9�2�c�7�b�c�8�7�d�b�f�9�2�9�9�c�2�d�a�3�d�2�a�6�7�1�a�d�7�d�b�3�c�4�4�d�6�7�8�1�9�d�
C�:�\�3�a�e�2�2�1�9�6�1�a�6�8�c�6�d�2�8�d�6�7�c�1�b�e�3�5�a�5�c�f�f�9�4�5�4�c�a�8�0�d�1�c�4�7�b�1�3�d�b�5�6�d�0�0�4�7�a�5�c�6�2�d�5�b�
C�:�\�N�j�q�o�Q�x�0�u�.�e�x�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�i�m�p�o�r�t�a�n�t�_�d�o�c�u�m�e�n�t�.�e�x�e�
C�:�\�l�T�U�0�X�N�e�j�.�e�x�e�
C�:�\�9�5�7�7�9�0�e�4�8�f�6�b�9�0�4�d�f�e�4�b�7�2�d�b�2�9�0�9�3�3�4�1�b�6�f�0�c�0�0�7�9�9�d�4�6�0�1�3�6�7�9�b�7�6�3�c�b�1�f�1�d�1�6�b�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�i�m�p�o�r�t�a�n�t�_�d�o�c�u�m�e�n�t�.�e�x�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�i�m�p�o�r�t�a�n�t�_�d�o�c�u�m�e�n�t�.�e�x�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�s�a�m�p�l�e�.�e�x�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�f�a�c�t�u�r�a�.�e�x�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�i�n�v�o�i�c�e�.�e�x�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�i�n�v�o�i�c�e�.�e�x�e�
C�:�\�8�f�d�e�c�1�9�7�5�e�6�f�2�d�0�2�e�5�b�f�f�4�e�7�8�3�a�1�d�e�9�6�3�5�c�0�3�a�b�d�c�6�0�f�c�7�2�c�2�4�a�3�d�6�3�6�2�3�7�f�c�c�0�a�
C�:�\�k�i�k�Q�c�Q�s�U�.�e�x�e�
C�:�\�9�3�5�7�9�6�e�5�8�6�a�0�6�8�9�8�9�8�5�4�f�d�9�e�f�7�8�0�5�c�9�d�6�c�e�d�9�b�a�d�d�7�0�5�3�4�4�b�d�8�9�6�2�d�1�5�2�d�9�c�4�f�e�1�
C�:�\�k�D�L�Q�S�J�y�e�.�e�x�e�
Hosts
| IP |
|---|
| 114.114.114.114 |
| 8.8.8.8 |
DNS
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| dns.msftncsi.com | A 131.107.255.255 | 131.107.255.255 |
| dns.msftncsi.com | 131.107.255.255 |
TCP
No TCP connections recorded.
UDP
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.101 | 53179 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 49642 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 137 | 192.168.56.255 | 137 |
| 192.168.56.101 | 61714 | 114.114.114.114 | 53 |
| 192.168.56.101 | 61714 | 8.8.8.8 | 53 |
| 192.168.56.101 | 56933 | 8.8.8.8 | 53 |
| 192.168.56.101 | 138 | 192.168.56.255 | 138 |
| 192.168.56.101 | 58485 | 114.114.114.114 | 53 |
| 192.168.56.101 | 58485 | 8.8.8.8 | 53 |
HTTP & HTTPS Requests
No HTTP requests performed.
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts
Sorry! No dropped files.
Sorry! No dropped buffers.