SmartHawk

2.6

中危

51 个模型检测该样本为恶意！

重新分析

下载样本

0bb30f0e8db80421f1adadad88c4abc42cdabd3b0bf64bab8b1a507eb536b425

be3bd102f6ac2ca6af07e480e32e1ef6.exe

分析耗时

34s

最近分析

文件大小

956.0KB

静态报毒动态报毒 100% 7Q0@AYQGWJAB AFNK AG@8443Z3 AGEN AI SCORE=81 AIDETECT ATTRIBUTE BLACKMOON CERBU CLOUD COINMINER CONFIDENCE ELDORADO ENKDES FLYSTUDIO GENERICRXEQ GENETIC HACKTOOL HACKTOOLX HGIASOOA HIGH CONFIDENCE HIGHCONFIDENCE MALICIOUS PE MALWARE1 MAUVAISE OCCAMY POTENTIALLY UNWANTED SOFTWARE R203236 SAVE SCORE STATIC AI TOOL UNSAFE ZEXAF 更多

未检测暂无鹰眼引擎检测结果

查杀引擎	查杀结果	查杀时间	查杀版本
CrowdStrike	win/malicious_confidence_60% (D)	20210203	1.0
Baidu		20190318	1.0.0.2
Avast	Win32:HacktoolX-gen [Trj]	20210409	21.1.5827.0
Alibaba	HackTool:Win32/FlyStudio.53bc8ce3	20190527	0.3.0.5
Tencent	WG.Win32.Agent.aap	20210408	1.0.0.1
Kingsoft		20210409	2017.9.26.565
McAfee	GenericRXEQ-UM!BE3BD102F6AC	20210409	6.0.6.653

The executable uses a known packer (1 个事件)

packer

Armadillo v1.71

One or more processes crashed (1 个事件)

Time & API	Arguments	Status	Return	Repeated
1620991700.530251 __exception__	stacktrace: cs_strdup+0x670 decodeInstruction-0x969 @ 0x752164da decodeInstruction+0x6d SHA1Reset-0xe54 @ 0x75216eb0 X86_getInstruction+0x104 printSrcIdx8-0x2874 @ 0x75211495 cs_disasm_ex+0x168 cs_free-0x55d @ 0x75210571 disasm+0x68 hook_create_stub-0x8e @ 0x751e4028 log_exception+0x2bd log_action-0x360 @ 0x751e355f New_ntdll_RtlDispatchException@8+0xd7 New_ntdll_RtlRemoveVectoredContinueHandler@4-0x42 @ 0x7520480c KiUserExceptionDispatcher+0xf KiRaiseUserExceptionDispatcher-0x41 ntdll+0x10143 @ 0x77d40143 registers.esp: 1630364 registers.edi: 0 registers.eax: 0 registers.ebp: 1630388 registers.edx: 4294967295 registers.ebx: 0 registers.esi: 4294967295 registers.ecx: 0 exception.instruction_r: 8a 14 02 8b 45 0c 88 10 31 c0 eb 03 83 c8 ff 83 exception.symbol: MCOperand_CreateImm0+0x6e X86_getInstruction-0x52 exception.instruction: mov dl, byte ptr [edx + eax] exception.module: monitor-x86.dll exception.exception_code: 0xc0000005 exception.offset: 201535 exception.address: 0x7521133f	success	0	0

Foreign language identified in PE resource (7 个事件)

name

RT_ICON

language

LANG_CHINESE

offset

0x001153b0

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000468

name

RT_ICON

language

LANG_CHINESE

offset

0x001153b0

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000468

name

RT_ICON

language

LANG_CHINESE

offset

0x001153b0

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000468

name

RT_ICON

language

LANG_CHINESE

offset

0x001153b0

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000468

name

RT_ICON

language

LANG_CHINESE

offset

0x001153b0

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000468

name

RT_GROUP_ICON

language

LANG_CHINESE

offset

0x00115818

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x0000004c

name

RT_VERSION

language

LANG_CHINESE

offset

0x00115868

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x0000021c

Communicates with host for which no DNS query was performed (1 个事件)

host

172.217.24.14

File has been identified by 51 AntiVirus engines on VirusTotal as malicious (50 out of 51 个事件)

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Cerbu.2246
CAT-QuickHeal	Trojan.Mauvaise.SL1
ALYac	Gen:Variant.Cerbu.2246
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_60% (D)
BitDefender	Gen:Variant.Cerbu.2246
K7GW	Trojan ( 005328801 )
K7AntiVirus	Trojan ( 005328801 )
Cyren	W32/BlackMoon.J.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Packed.BlackMoon.A potentially unwanted
APEX	Malicious
Avast	Win32:HacktoolX-gen [Trj]
ClamAV	Win.Trojan.Agent-7785429-0
Kaspersky	HackTool.Win32.FlyStudio.afnk
Alibaba	HackTool:Win32/FlyStudio.53bc8ce3
NANO-Antivirus	Trojan.Win32.FlyStudio.enkdes
Tencent	WG.Win32.Agent.aap
Ad-Aware	Gen:Variant.Cerbu.2246
Emsisoft	Gen:Variant.Cerbu.2246 (B)
Comodo	Application.Win32.BlackMoon.AG@8443z3
Zillya	Tool.FlyStudio.Win32.1639
McAfee-GW-Edition	BehavesLike.Win32.CoinMiner.dh
FireEye	Generic.mg.be3bd102f6ac2ca6
Sophos	Potentially Unwanted Software (PUA)
SentinelOne	Static AI - Malicious PE
Jiangmin	HackTool.FlyStudio.dqw
Webroot	W32.Malware.Gen
Avira	HEUR/AGEN.1101572
eGambit	Unsafe.AI_Score_100%
MAX	malware (ai score=81)
Microsoft	Trojan:Win32/Occamy.C0B
Gridinsoft	Malware.Win32.Gen.sm!s1
Arcabit	Trojan.Cerbu.D8C6
GData	Gen:Variant.Cerbu.2246
Cynet	Malicious (score: 100)
AhnLab-V3	Unwanted/Win32.HackTool.R203236
McAfee	GenericRXEQ-UM!BE3BD102F6AC
Malwarebytes	RiskWare.BlackMoon
Panda	Trj/Genetic.gen
Rising	Trojan.Injector!1.A1C3 (CLOUD)
Ikarus	Trojan.Win32.HackTool
Fortinet	W32/CoinMiner.WP!tr
BitDefenderTheta	Gen:NN.ZexaF.34670.7q0@ayQgWJab
AVG	Win32:HacktoolX-gen [Trj]
Paloalto	generic.ml

暂无二进制图像该样本未生成二进制可视化图像

暂无运行截图该样本运行过程中未生成截图

👋 欢迎使用 ChatHawk

我是您的恶意软件分析助手，可以帮您分析和解读恶意软件报告。请随时向我提问！

🔍 主要威胁分析

⚡ 行为特征

🛡️ 防护建议

🔧 技术手段

🎯 检测方法

🤖

Static Analysis
Strings

PE Compile Time

2017-03-30 10:06:33

Imports

Library KERNEL32.dll:

• 0x4cb0d4 GetVersionExA

• 0x4cb0d8 LCMapStringA

• 0x4cb0dc FreeLibrary

• 0x4cb0e0 SetEndOfFile

• 0x4cb0e4 RemoveDirectoryA

• 0x4cb0e8 DeleteFileA

• 0x4cb0ec FindClose

• 0x4cb0f0 FindFirstFileA

• 0x4cb0f4 FindNextFileA

• 0x4cb0f8 FormatMessageA

• 0x4cb0fc GlobalAlloc

• 0x4cb100 GlobalLock

• 0x4cb104 GlobalUnlock

• 0x4cb108 GlobalFree

• 0x4cb10c GetUserDefaultLCID

• 0x4cb110 Sleep

• 0x4cb114 WritePrivateProfileStringA

• 0x4cb118 GetPrivateProfileStringA

• 0x4cb11c GetCurrentDirectoryA

• 0x4cb120 SetFilePointer

• 0x4cb124 WriteFile

• 0x4cb128 SetCurrentDirectoryA

• 0x4cb12c GetCommandLineA

• 0x4cb130 GetFileSize

• 0x4cb134 ReadFile

• 0x4cb138 GetModuleFileNameA

• 0x4cb13c GetTickCount

• 0x4cb140 IsBadReadPtr

• 0x4cb144 HeapFree

• 0x4cb148 HeapReAlloc

• 0x4cb14c HeapAlloc

• 0x4cb150 ExitProcess

• 0x4cb154 GetProcessHeap

• 0x4cb158 VirtualProtect

• 0x4cb15c lstrlenA

• 0x4cb160 ReadProcessMemory

• 0x4cb164 LocalFree

• 0x4cb168 RtlFillMemory

• 0x4cb16c LocalAlloc

• 0x4cb170 Module32Next

• 0x4cb174 GetProcessTimes

• 0x4cb178 GetCurrentProcess

• 0x4cb17c CreateThread

• 0x4cb180 CreateRemoteThread

• 0x4cb184 OpenProcess

• 0x4cb188 QueryDosDeviceA

• 0x4cb18c GetLogicalDriveStringsA

• 0x4cb190 VirtualFree

• 0x4cb194 VirtualAlloc

• 0x4cb198 Module32First

• 0x4cb19c Process32Next

• 0x4cb1a0 Process32First

• 0x4cb1a4 CreateToolhelp32Snapshot

• 0x4cb1a8 CloseHandle

• 0x4cb1ac DeviceIoControl

• 0x4cb1b0 CreateFileA

• 0x4cb1b4 GetShortPathNameA

• 0x4cb1b8 MultiByteToWideChar

• 0x4cb1bc LoadLibraryA

• 0x4cb1c0 lstrcpynA

• 0x4cb1c4 GetTimeFormatA

• 0x4cb1c8 GetDateFormatA

• 0x4cb1cc GetLocalTime

• 0x4cb1d0 SetErrorMode

• 0x4cb1d4 WideCharToMultiByte

• 0x4cb1d8 GetProcAddress

• 0x4cb1dc GetModuleHandleA

• 0x4cb1e0 GetSystemDirectoryA

• 0x4cb1e4 GetWindowsDirectoryA

• 0x4cb1e8 RtlMoveMemory

• 0x4cb1ec lstrcpyn

• 0x4cb1f0 LocalSize

• 0x4cb1f4 InterlockedExchange

• 0x4cb1f8 GetProcessVersion

• 0x4cb1fc GlobalGetAtomNameA

• 0x4cb200 InitializeCriticalSection

• 0x4cb204 DeleteCriticalSection

• 0x4cb208 EnterCriticalSection

• 0x4cb20c LeaveCriticalSection

• 0x4cb210 TerminateThread

• 0x4cb214 GetLastError

• 0x4cb218 TerminateProcess

• 0x4cb21c GetTempPathA

• 0x4cb220 lstrcpyA

• 0x4cb224 SetLastError

• 0x4cb228 lstrcatA

• 0x4cb22c GetVersion

• 0x4cb230 lstrlenW

• 0x4cb234 MulDiv

• 0x4cb238 GetStartupInfoA

• 0x4cb23c InterlockedDecrement

• 0x4cb240 InterlockedIncrement

• 0x4cb244 RtlUnwind

• 0x4cb248 RaiseException

• 0x4cb24c UnhandledExceptionFilter

• 0x4cb250 FreeEnvironmentStringsA

• 0x4cb254 FreeEnvironmentStringsW

• 0x4cb258 GetEnvironmentStrings

• 0x4cb25c GetEnvironmentStringsW

• 0x4cb260 SetHandleCount

• 0x4cb264 GetStdHandle

• 0x4cb268 GetFileType

• 0x4cb26c GetCurrentThreadId

• 0x4cb270 TlsSetValue

• 0x4cb274 TlsAlloc

• 0x4cb278 TlsGetValue

• 0x4cb27c GetEnvironmentVariableA

• 0x4cb280 HeapDestroy

• 0x4cb284 HeapCreate

• 0x4cb288 IsBadWritePtr

• 0x4cb28c LCMapStringW

• 0x4cb290 HeapSize

• 0x4cb294 GetCPInfo

• 0x4cb298 GetACP

• 0x4cb29c GetOEMCP

• 0x4cb2a0 SetUnhandledExceptionFilter

• 0x4cb2a4 GetStringTypeA

• 0x4cb2a8 GetStringTypeW

• 0x4cb2ac IsBadCodePtr

• 0x4cb2b0 SetStdHandle

• 0x4cb2b4 FlushFileBuffers

• 0x4cb2b8 lstrcmpiA

• 0x4cb2bc lstrcmpA

• 0x4cb2c0 GlobalDeleteAtom

• 0x4cb2c4 GlobalHandle

• 0x4cb2c8 GlobalReAlloc

• 0x4cb2cc LocalReAlloc

• 0x4cb2d0 GlobalFlags

• 0x4cb2d4 GlobalFindAtomA

• 0x4cb2d8 GlobalAddAtomA

Library USER32.dll:

• 0x4cb374 TabbedTextOutA

• 0x4cb378 DrawTextA

• 0x4cb37c GrayStringA

• 0x4cb380 UnhookWindowsHookEx

• 0x4cb384 GetDlgCtrlID

• 0x4cb388 SetWindowTextA

• 0x4cb38c GetMenuItemCount

• 0x4cb390 SetFocus

• 0x4cb394 GetWindowPlacement

• 0x4cb398 IsIconic

• 0x4cb39c GetMessagePos

• 0x4cb3a0 GetMessageTime

• 0x4cb3a4 DefWindowProcA

• 0x4cb3a8 RemovePropA

• 0x4cb3ac GetPropA

• 0x4cb3b0 SetPropA

• 0x4cb3b4 GetClassLongA

• 0x4cb3b8 GetMenuItemID

• 0x4cb3bc GetSubMenu

• 0x4cb3c0 GetMenu

• 0x4cb3c4 RegisterClassA

• 0x4cb3c8 GetClassInfoA

• 0x4cb3cc WinHelpA

• 0x4cb3d0 GetCapture

• 0x4cb3d4 GetTopWindow

• 0x4cb3d8 CopyRect

• 0x4cb3dc GetClientRect

• 0x4cb3e0 AdjustWindowRectEx

• 0x4cb3e4 MapWindowPoints

• 0x4cb3e8 LoadIconA

• 0x4cb3ec LoadCursorA

• 0x4cb3f0 GetSysColorBrush

• 0x4cb3f4 LoadStringA

• 0x4cb3f8 DestroyMenu

• 0x4cb3fc DestroyWindow

• 0x4cb400 SetWindowRgn

• 0x4cb404 wsprintfA

• 0x4cb408 GetSystemMetrics

• 0x4cb40c EqualRect

• 0x4cb410 IntersectRect

• 0x4cb414 CreateWindowExA

• 0x4cb418 GetWindowTextLengthA

• 0x4cb41c GetClassInfoExA

• 0x4cb420 MoveWindow

• 0x4cb424 BeginPaint

• 0x4cb428 EndPaint

• 0x4cb42c InvalidateRect

• 0x4cb430 TrackMouseEvent

• 0x4cb434 FillRect

• 0x4cb438 CallWindowProcA

• 0x4cb43c GetWindowLongA

• 0x4cb440 SetTimer

• 0x4cb444 SetWindowLongA

• 0x4cb448 ClientToScreen

• 0x4cb44c GetMenuCheckMarkDimensions

• 0x4cb450 EnableWindow

• 0x4cb454 SendMessageTimeoutA

• 0x4cb458 wvsprintfA

• 0x4cb45c RegisterWindowMessageA

• 0x4cb460 PostMessageA

• 0x4cb464 GetMenuState

• 0x4cb468 ModifyMenuA

• 0x4cb46c SetMenuItemBitmaps

• 0x4cb470 CheckMenuItem

• 0x4cb474 EnableMenuItem

• 0x4cb478 GetFocus

• 0x4cb47c GetNextDlgTabItem

• 0x4cb480 GetKeyState

• 0x4cb484 CallNextHookEx

• 0x4cb488 SetWindowsHookExA

• 0x4cb48c GetLastActivePopup

• 0x4cb490 PostQuitMessage

• 0x4cb494 ScreenToClient

• 0x4cb498 LoadBitmapA

• 0x4cb49c GetSysColor

• 0x4cb4a0 SetForegroundWindow

• 0x4cb4a4 GetForegroundWindow

• 0x4cb4a8 IsWindowEnabled

• 0x4cb4ac GetParent

• 0x4cb4b0 PtInRect

• 0x4cb4b4 GetDlgItem

• 0x4cb4b8 SystemParametersInfoA

• 0x4cb4bc GetDC

• 0x4cb4c0 ReleaseDC

• 0x4cb4c4 SendMessageA

• 0x4cb4c8 EnumDisplaySettingsA

• 0x4cb4cc ChangeDisplaySettingsA

• 0x4cb4d0 GetWindowRect

• 0x4cb4d4 ReleaseCapture

• 0x4cb4d8 SetCapture

• 0x4cb4dc RegisterHotKey

• 0x4cb4e0 UnregisterHotKey

• 0x4cb4e4 GetWindowThreadProcessId

• 0x4cb4e8 GetClassNameA

• 0x4cb4ec MessageBoxA

• 0x4cb4f0 SetWindowPos

• 0x4cb4f4 MessageBeep

• 0x4cb4f8 GetDesktopWindow

• 0x4cb4fc GetWindow

• 0x4cb500 IsWindowVisible

• 0x4cb504 GetWindowTextA

• 0x4cb508 PeekMessageA

• 0x4cb50c GetMessageA

• 0x4cb510 TranslateMessage

• 0x4cb514 DispatchMessageA

• 0x4cb518 GetClipboardData

• 0x4cb51c OpenClipboard

• 0x4cb520 EmptyClipboard

• 0x4cb524 SetClipboardData

• 0x4cb528 CloseClipboard

• 0x4cb52c GetCursorPos

Library WS2_32.dll:

• 0x4cb554 select

• 0x4cb558 getpeername

• 0x4cb55c ntohs

• 0x4cb560 connect

• 0x4cb564 htonl

• 0x4cb568 gethostbyname

• 0x4cb56c inet_addr

• 0x4cb570 WSACleanup

• 0x4cb574 WSAStartup

• 0x4cb578 listen

• 0x4cb57c closesocket

• 0x4cb580 bind

• 0x4cb584 htons

• 0x4cb588 socket

• 0x4cb58c accept

• 0x4cb590 __WSAFDIsSet

• 0x4cb594 inet_ntoa

• 0x4cb598 recv

• 0x4cb59c recvfrom

• 0x4cb5a0 send

• 0x4cb5a4 sendto

• 0x4cb5a8 gethostname

• 0x4cb5ac getsockname

Library iphlpapi.dll:

• 0x4cb5c4 GetAdaptersInfo

Library SHLWAPI.dll:

• 0x4cb36c PathFileExistsA

Library VERSION.dll:

• 0x4cb534 GetFileVersionInfoA

• 0x4cb538 VerQueryValueA

• 0x4cb53c GetFileVersionInfoSizeA

Library GDI32.dll:

• 0x4cb048 SetMapMode

• 0x4cb04c SetTextColor

• 0x4cb050 GetStockObject

• 0x4cb054 CreateFontA

• 0x4cb058 CombineRgn

• 0x4cb05c GetPixel

• 0x4cb060 CreateRectRgn

• 0x4cb064 CreateDIBitmap

• 0x4cb068 TextOutA

• 0x4cb06c SetBkColor

• 0x4cb070 ScaleViewportExtEx

• 0x4cb074 CreatePatternBrush

• 0x4cb078 StretchBlt

• 0x4cb07c CreateSolidBrush

• 0x4cb080 DeleteDC

• 0x4cb084 BitBlt

• 0x4cb088 SelectObject

• 0x4cb08c GetClipBox

• 0x4cb090 ScaleWindowExtEx

• 0x4cb094 SetWindowExtEx

• 0x4cb098 GetObjectA

• 0x4cb09c RestoreDC

• 0x4cb0a0 SaveDC

• 0x4cb0a4 CreateBitmap

• 0x4cb0a8 TranslateCharsetInfo

• 0x4cb0ac SetViewportExtEx

• 0x4cb0b0 OffsetViewportOrgEx

• 0x4cb0b4 DeleteObject

• 0x4cb0b8 GetDeviceCaps

• 0x4cb0bc SetViewportOrgEx

• 0x4cb0c0 Escape

• 0x4cb0c4 ExtTextOutA

• 0x4cb0c8 RectVisible

• 0x4cb0cc PtVisible

Library ADVAPI32.dll:

• 0x4cb000 RegCloseKey

• 0x4cb004 RegQueryValueExA

• 0x4cb008 RegOpenKeyA

Library SHELL32.dll:

• 0x4cb350 ShellExecuteA

• 0x4cb354 SHGetSpecialFolderPathA

• 0x4cb358 SHCreateDirectoryExA

• 0x4cb35c DragQueryFileA

• 0x4cb360 DragAcceptFiles

• 0x4cb364 DragFinish

Library ole32.dll:

• 0x4cb5cc CLSIDFromString

• 0x4cb5d0 OleRun

• 0x4cb5d4 CoUninitialize

• 0x4cb5d8 CoInitialize

• 0x4cb5dc CoCreateInstance

• 0x4cb5e0 CLSIDFromProgID

Library OLEAUT32.dll:

• 0x4cb2e8 VarR8FromCy

• 0x4cb2ec VarR8FromBool

• 0x4cb2f0 LoadTypeLib

• 0x4cb2f4 LHashValOfNameSys

• 0x4cb2f8 VariantTimeToSystemTime

• 0x4cb2fc SafeArrayGetElemsize

• 0x4cb300 SafeArrayUnaccessData

• 0x4cb304 SafeArrayAccessData

• 0x4cb308 SafeArrayGetUBound

• 0x4cb30c SafeArrayGetLBound

• 0x4cb310 SafeArrayGetDim

• 0x4cb314 VariantClear

• 0x4cb318 SysAllocString

• 0x4cb31c VariantCopy

• 0x4cb320 SafeArrayDestroy

• 0x4cb324 SafeArrayAllocData

• 0x4cb328 SafeArrayAllocDescriptor

• 0x4cb32c VariantInit

• 0x4cb330 VariantChangeType

• 0x4cb334 RegisterTypeLib

• 0x4cb338 SafeArrayCreate

• 0x4cb33c SysFreeString

Library PSAPI.DLL:

• 0x4cb344 GetProcessMemoryInfo

• 0x4cb348 GetProcessImageFileNameA

Library MSIMG32.dll:

• 0x4cb2e0 TransparentBlt

Library ATL.DLL:

• 0x4cb010

• 0x4cb014

Library icmp.dll:

• 0x4cb5b4 IcmpSendEcho

• 0x4cb5b8 IcmpCreateFile

• 0x4cb5bc IcmpCloseHandle

Library WINSPOOL.DRV:

• 0x4cb544 DocumentPropertiesA

• 0x4cb548 OpenPrinterA

• 0x4cb54c ClosePrinter

Library COMCTL32.dll:

• 0x4cb01c ImageList_Add

• 0x4cb020 ImageList_Create

• 0x4cb024 ImageList_Destroy

• 0x4cb028 ImageList_DragEnter

• 0x4cb02c ImageList_DragLeave

• 0x4cb030 ImageList_DragMove

• 0x4cb034 ImageList_DragShowNolock

• 0x4cb038 ImageList_EndDrag

• 0x4cb03c

• 0x4cb040 ImageList_BeginDrag

Hosts

No hosts contacted.

DNS

Name	Response	Post-Analysis Lookup
time.windows.com	A 20.189.79.72 CNAME time.microsoft.akadns.net
dns.msftncsi.com	AAAA fd3e:4f5a:5b81::1	131.107.255.255
dns.msftncsi.com	A 131.107.255.255	131.107.255.255
teredo.ipv6.microsoft.com

TCP

No TCP connections recorded.

UDP

Source	Source Port	Destination	Destination Port
192.168.56.101	49235	114.114.114.114	53
192.168.56.101	51808	114.114.114.114	53
192.168.56.101	55368	114.114.114.114	53
192.168.56.101	56539	114.114.114.114	53
192.168.56.101	63429	114.114.114.114	53
192.168.56.101	65004	114.114.114.114	53
192.168.56.101	137	192.168.56.255	137
192.168.56.101	138	192.168.56.255	138
192.168.56.101	123	20.189.79.72 time.windows.com	123
192.168.56.101	51963	224.0.0.252	5355
192.168.56.101	56804	224.0.0.252	5355
192.168.56.101	58367	224.0.0.252	5355
192.168.56.101	62191	224.0.0.252	5355
192.168.56.101	1900	239.255.255.250	1900
192.168.56.101	51809	239.255.255.250	3702
192.168.56.101	56540	239.255.255.250	3702
192.168.56.101	56807	239.255.255.250	1900
192.168.56.101	58707	239.255.255.250	3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.

Sorry! No dropped buffers.