6.6
High risk

37c2608ad09b3f6d0cd33476b8f6bf6fefd1a0f2408657072da80a0454da7e6f

c7089c992c256d32b1a788446baae7ed.exe

Analysis duration

106s

Last analyzed

File size

1.0MB
Static detections, dynamic detections: AGEN AI SCORE=89 AIDETECTVM ALW@AYHHX9II ATTRIBUTE BLUTEAL CLOUD COBRA CONFIDENCE DELF EKLE EMVD FAREIT GDSDA GENERICKD GENKRYPTIK HIGH CONFIDENCE HIGHCONFIDENCE HQWNZT IGENERIC KGFZ MALWARE2 R057C0DH320 REMCOS RESCOMS SCORE SUSGEN SWAQ UNCLASSIFIEDMALWARE@0 UNSAFE WACATAC ZELPHIF
Hawkeye engine
Not scanned. No Hawkeye engine detection results available.
Static verdict
Antivirus engines
Engine Detection Scan date Engine version
Alibaba Trojan:Win32/Bluteal.7792d0cb 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Avast Win32:Malware-gen 20200820 18.4.3895.0
Kingsoft 20200820 2013.8.14.323
McAfee Fareit-FVP!C7089C992C25 20200820 6.0.6.653
Tencent Win32.Trojan.Delf.Swaq 20200820 1.0.0.1
CrowdStrike win/malicious_confidence_60% (W) 20190702 1.0
Static indicators
The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)
section .itext
The executable uses a known packer (1 event)
packer BobSoft Mini Delphi -> BoB / BobSoft
One or more processes crashed (1 event)
Time & API Arguments Status Return Repeated
1619924128.464125
__exception__
stacktrace:
0x35407f0
DriverCallback+0x4e waveOutOpen-0xa2e winmm+0x3af0 @ 0x74693af0
timeEndPeriod+0x54a timeKillEvent-0x57 winmm+0xa535 @ 0x7469a535
timeEndPeriod+0x449 timeKillEvent-0x158 winmm+0xa434 @ 0x7469a434
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 60292124
registers.edi: 60292168
registers.eax: 0
registers.ebp: 60292720
registers.edx: 0
registers.ebx: 9044925
registers.esi: 0
registers.ecx: 9044424
exception.instruction_r: 8b 40 3c 99 03 04 24 13 54 24 04 83 c4 08 89 44
exception.instruction: mov eax, dword ptr [eax + 0x3c]
exception.exception_code: 0xc0000005
exception.symbol:
exception.address: 0x352d31e
success 0 0
Behavioral verdict
Dynamic indicators
Allocates read-write-execute memory (usually to unpack itself) (1 event)
Time & API Arguments Status Return Repeated
1619924062.074125
NtAllocateVirtualMemory
process_identifier: 1912
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00610000
success 0 0
Checks adapter addresses which can be used to detect virtual network interfaces (1 event)
Time & API Arguments Status Return Repeated
1619924104.777125
GetAdaptersAddresses
flags: 0
family: 0
failed 111 0
Network communication
Communicates with host for which no DNS query was performed (1 event)
host 172.217.24.14
Disables proxy possibly for traffic interception (1 event)
Time & API Arguments Status Return Repeated
1619924104.542125
RegSetValueExA
key_handle: 0x000002f4
value: 0
regkey_r: ProxyEnable
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
success 0 0
Sets or modifies WPAD proxy autoconfiguration file for traffic interception (8 events)
Time & API Arguments Status Return Repeated
1619924107.324125
RegSetValueExA
key_handle: 0x000003e0
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason
success 0 0
1619924107.339125
RegSetValueExA
key_handle: 0x000003e0
value: K¼ ?×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime
success 0 0
1619924107.339125
RegSetValueExA
key_handle: 0x000003e0
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision
success 0 0
1619924107.339125
RegSetValueExW
key_handle: 0x000003e0
value: 网络 2
regkey_r: WpadNetworkName
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName
success 0 0
1619924107.339125
RegSetValueExA
key_handle: 0x000003fc
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
success 0 0
1619924107.339125
RegSetValueExA
key_handle: 0x000003fc
value: K¼ ?×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
success 0 0
1619924107.339125
RegSetValueExA
key_handle: 0x000003fc
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
success 0 0
1619924107.371125
RegSetValueExW
key_handle: 0x000003dc
value: {40112ABE-63B3-43C3-BE93-1440EE3AF106}
regkey_r: WpadLastNetwork
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
success 0 0
Network activity contains more than one unique useragent (2 events)
process c7089c992c256d32b1a788446baae7ed.exe useragent Internal
process c7089c992c256d32b1a788446baae7ed.exe useragent m
File has been identified by 51 AntiVirus engines on VirusTotal as malicious (50 out of 51 events)
Bkav W32.AIDetectVM.malware2
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.43573486
FireEye Trojan.GenericKD.43573486
CAT-QuickHeal Trojan.IGENERIC
ALYac Trojan.GenericKD.43573486
Cylance Unsafe
Zillya Trojan.Injector.Win32.757307
K7AntiVirus Trojan ( 0056bad21 )
Alibaba Trojan:Win32/Bluteal.7792d0cb
K7GW Trojan ( 0056bad21 )
Symantec ML.Attribute.HighConfidence
APEX Malicious
Avast Win32:Malware-gen
GData Trojan.GenericKD.43573486
Kaspersky HEUR:Trojan.Win32.Delf.gen
BitDefender Trojan.GenericKD.43573486
NANO-Antivirus Trojan.Win32.Delf.hqwnzt
Paloalto generic.ml
AegisLab Trojan.Win32.Generic.4!c
Rising Backdoor.Rescoms!8.B8A4 (CLOUD)
Ad-Aware Trojan.GenericKD.43573486
Comodo .UnclassifiedMalware@0
F-Secure Heuristic.HEUR/AGEN.1134473
VIPRE Trojan.Win32.Generic.pak!cobra
TrendMicro TROJ_GEN.R057C0DH320
Sophos Mal/Generic-S
Cyren W32/Trojan.KGFZ-7464
Jiangmin Trojan.Delf.bia
Avira HEUR/AGEN.1134473
MAX malware (ai score=89)
Antiy-AVL Trojan/Win32.Wacatac
Arcabit Trojan.Generic.D298E0EE
ViRobot Trojan.Win32.Z.Injector.1063936.V
ZoneAlarm HEUR:Trojan.Win32.Delf.gen
Microsoft Trojan:Win32/Bluteal!rfn
Cynet Malicious (score: 85)
McAfee Fareit-FVP!C7089C992C25
VBA32 Trojan.Delf
Malwarebytes Backdoor.Remcos
ESET-NOD32 a variant of Win32/Injector.EMVD
TrendMicro-HouseCall TROJ_GEN.R057C0DH320
Tencent Win32.Trojan.Delf.Swaq
Ikarus Trojan.Win32.Injector
MaxSecure Trojan.Malware.104546089.susgen
Fortinet W32/GenKryptik.EKLE!tr
BitDefenderTheta Gen:NN.ZelphiF.34186.aLW@ayhhX9ii
AVG Win32:Malware-gen
Panda Trj/GdSda.A
CrowdStrike win/malicious_confidence_60% (W)
Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) (3 events)
dead_host 172.217.24.14:443
dead_host 172.217.160.110:443
dead_host 69.63.176.59:443
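Visual analysis
Binary image
No binary image available. No binary visualization image was generated for this sample.
Runtime screenshots
No runtime screenshots available. No screenshots were generated while this sample was running.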

PE Compile Time

1992-06-20 06:22:17

Imports

Library oleaut32.dll:
0x48e778 SysFreeString
0x48e77c SysReAllocStringLen
0x48e780 SysAllocStringLen
Library advapi32.dll:
0x48e788 RegQueryValueExA
0x48e78c RegOpenKeyExA
0x48e790 RegCloseKey
Library user32.dll:
0x48e798 GetKeyboardType
0x48e79c DestroyWindow
0x48e7a0 LoadStringA
0x48e7a4 MessageBoxA
0x48e7a8 CharNextA
Library kernel32.dll:
0x48e7b0 GetACP
0x48e7b4 Sleep
0x48e7b8 VirtualFree
0x48e7bc VirtualAlloc
0x48e7c0 GetTickCount
0x48e7c8 GetCurrentThreadId
0x48e7d4 VirtualQuery
0x48e7d8 WideCharToMultiByte
0x48e7dc MultiByteToWideChar
0x48e7e0 lstrlenA
0x48e7e4 lstrcpynA
0x48e7e8 LoadLibraryExA
0x48e7ec GetThreadLocale
0x48e7f0 GetStartupInfoA
0x48e7f4 GetProcAddress
0x48e7f8 GetModuleHandleA
0x48e7fc GetModuleFileNameA
0x48e800 GetLocaleInfoA
0x48e804 GetLastError
0x48e808 GetCommandLineA
0x48e80c FreeLibrary
0x48e810 FindFirstFileA
0x48e814 FindClose
0x48e818 ExitProcess
0x48e81c CompareStringA
0x48e820 WriteFile
0x48e828 SetFilePointer
0x48e82c SetEndOfFile
0x48e830 RtlUnwind
0x48e834 ReadFile
0x48e838 RaiseException
0x48e83c GetStdHandle
0x48e840 GetFileSize
0x48e844 GetFileType
0x48e848 CreateFileA
0x48e84c CloseHandle
Library kernel32.dll:
0x48e854 TlsSetValue
0x48e858 TlsGetValue
0x48e85c LocalAlloc
0x48e860 GetModuleHandleA
Library user32.dll:
0x48e868 CreateWindowExA
0x48e86c WindowFromPoint
0x48e870 WaitMessage
0x48e874 UpdateWindow
0x48e878 UnregisterClassA
0x48e87c UnhookWindowsHookEx
0x48e880 TranslateMessage
0x48e888 TrackPopupMenu
0x48e890 ShowWindow
0x48e894 ShowScrollBar
0x48e898 ShowOwnedPopups
0x48e89c SetWindowsHookExA
0x48e8a0 SetWindowTextA
0x48e8a4 SetWindowPos
0x48e8a8 SetWindowPlacement
0x48e8ac SetWindowLongW
0x48e8b0 SetWindowLongA
0x48e8b4 SetTimer
0x48e8b8 SetScrollRange
0x48e8bc SetScrollPos
0x48e8c0 SetScrollInfo
0x48e8c4 SetRect
0x48e8c8 SetPropA
0x48e8cc SetParent
0x48e8d0 SetMenuItemInfoA
0x48e8d4 SetMenu
0x48e8d8 SetForegroundWindow
0x48e8dc SetFocus
0x48e8e0 SetCursor
0x48e8e4 SetClassLongA
0x48e8e8 SetCapture
0x48e8ec SetActiveWindow
0x48e8f0 SendMessageW
0x48e8f4 SendMessageA
0x48e8f8 ScrollWindow
0x48e8fc ScreenToClient
0x48e900 RemovePropA
0x48e904 RemoveMenu
0x48e908 ReleaseDC
0x48e90c ReleaseCapture
0x48e918 RegisterClassA
0x48e91c RedrawWindow
0x48e920 PtInRect
0x48e924 PostQuitMessage
0x48e928 PostMessageA
0x48e92c PeekMessageW
0x48e930 PeekMessageA
0x48e934 OffsetRect
0x48e938 OemToCharA
0x48e93c MessageBoxA
0x48e940 MapWindowPoints
0x48e944 MapVirtualKeyA
0x48e948 LoadStringA
0x48e94c LoadKeyboardLayoutA
0x48e950 LoadIconA
0x48e954 LoadCursorA
0x48e958 LoadBitmapA
0x48e95c KillTimer
0x48e960 IsZoomed
0x48e964 IsWindowVisible
0x48e968 IsWindowUnicode
0x48e96c IsWindowEnabled
0x48e970 IsWindow
0x48e974 IsRectEmpty
0x48e978 IsIconic
0x48e97c IsDialogMessageW
0x48e980 IsDialogMessageA
0x48e984 IsChild
0x48e988 InvalidateRect
0x48e98c IntersectRect
0x48e990 InsertMenuItemA
0x48e994 InsertMenuA
0x48e998 InflateRect
0x48e9a0 GetWindowTextA
0x48e9a4 GetWindowRect
0x48e9a8 GetWindowPlacement
0x48e9ac GetWindowLongW
0x48e9b0 GetWindowLongA
0x48e9b4 GetWindowDC
0x48e9b8 GetTopWindow
0x48e9bc GetSystemMetrics
0x48e9c0 GetSystemMenu
0x48e9c4 GetSysColorBrush
0x48e9c8 GetSysColor
0x48e9cc GetSubMenu
0x48e9d0 GetScrollRange
0x48e9d4 GetScrollPos
0x48e9d8 GetScrollInfo
0x48e9dc GetPropA
0x48e9e0 GetParent
0x48e9e4 GetWindow
0x48e9e8 GetMessagePos
0x48e9ec GetMenuStringA
0x48e9f0 GetMenuState
0x48e9f4 GetMenuItemInfoA
0x48e9f8 GetMenuItemID
0x48e9fc GetMenuItemCount
0x48ea00 GetMenu
0x48ea04 GetLastActivePopup
0x48ea08 GetKeyboardState
0x48ea14 GetKeyboardLayout
0x48ea18 GetKeyState
0x48ea1c GetKeyNameTextA
0x48ea20 GetIconInfo
0x48ea24 GetForegroundWindow
0x48ea28 GetFocus
0x48ea2c GetDlgItem
0x48ea30 GetDesktopWindow
0x48ea34 GetDCEx
0x48ea38 GetDC
0x48ea3c GetCursorPos
0x48ea40 GetCursor
0x48ea44 GetClipboardData
0x48ea48 GetClientRect
0x48ea4c GetClassLongA
0x48ea50 GetClassInfoA
0x48ea54 GetCapture
0x48ea58 GetActiveWindow
0x48ea5c FrameRect
0x48ea60 FindWindowA
0x48ea64 FillRect
0x48ea68 EqualRect
0x48ea6c EnumWindows
0x48ea70 EnumThreadWindows
0x48ea74 EnumChildWindows
0x48ea78 EndPaint
0x48ea7c EnableWindow
0x48ea80 EnableScrollBar
0x48ea84 EnableMenuItem
0x48ea88 DrawTextA
0x48ea8c DrawMenuBar
0x48ea90 DrawIconEx
0x48ea94 DrawIcon
0x48ea98 DrawFrameControl
0x48ea9c DrawEdge
0x48eaa0 DispatchMessageW
0x48eaa4 DispatchMessageA
0x48eaa8 DestroyWindow
0x48eaac DestroyMenu
0x48eab0 DestroyIcon
0x48eab4 DestroyCursor
0x48eab8 DeleteMenu
0x48eabc DefWindowProcA
0x48eac0 DefMDIChildProcA
0x48eac4 DefFrameProcA
0x48eac8 CreatePopupMenu
0x48eacc CreateMenu
0x48ead0 CreateIcon
0x48ead4 ClientToScreen
0x48ead8 CheckMenuItem
0x48eadc CallWindowProcA
0x48eae0 CallNextHookEx
0x48eae4 BeginPaint
0x48eae8 CharNextA
0x48eaec CharLowerBuffA
0x48eaf0 CharLowerA
0x48eaf4 CharToOemA
0x48eaf8 AdjustWindowRectEx
Library gdi32.dll:
0x48eb04 UnrealizeObject
0x48eb08 StretchBlt
0x48eb0c SetWindowOrgEx
0x48eb10 SetWinMetaFileBits
0x48eb14 SetViewportOrgEx
0x48eb18 SetTextColor
0x48eb1c SetStretchBltMode
0x48eb20 SetROP2
0x48eb24 SetPixel
0x48eb28 SetEnhMetaFileBits
0x48eb2c SetDIBColorTable
0x48eb30 SetBrushOrgEx
0x48eb34 SetBkMode
0x48eb38 SetBkColor
0x48eb3c SelectPalette
0x48eb40 SelectObject
0x48eb44 SaveDC
0x48eb48 RestoreDC
0x48eb4c Rectangle
0x48eb50 RectVisible
0x48eb54 RealizePalette
0x48eb58 Polyline
0x48eb5c PlayEnhMetaFile
0x48eb60 PatBlt
0x48eb64 MoveToEx
0x48eb68 MaskBlt
0x48eb6c LineTo
0x48eb70 IntersectClipRect
0x48eb74 GetWindowOrgEx
0x48eb78 GetWinMetaFileBits
0x48eb7c GetTextMetricsA
0x48eb88 GetStockObject
0x48eb8c GetRgnBox
0x48eb90 GetPixel
0x48eb94 GetPaletteEntries
0x48eb98 GetObjectA
0x48eb9c GetMapMode
0x48eba8 GetEnhMetaFileBits
0x48ebac GetDeviceCaps
0x48ebb0 GetDIBits
0x48ebb4 GetDIBColorTable
0x48ebb8 GetDCOrgEx
0x48ebc0 GetClipBox
0x48ebc4 GetBrushOrgEx
0x48ebc8 GetBitmapBits
0x48ebcc GdiFlush
0x48ebd0 ExcludeClipRect
0x48ebd4 DeleteObject
0x48ebd8 DeleteEnhMetaFile
0x48ebdc DeleteDC
0x48ebe0 CreateSolidBrush
0x48ebe4 CreatePenIndirect
0x48ebe8 CreatePalette
0x48ebf0 CreateFontIndirectA
0x48ebf4 CreateDIBitmap
0x48ebf8 CreateDIBSection
0x48ebfc CreateCompatibleDC
0x48ec04 CreateBrushIndirect
0x48ec08 CreateBitmap
0x48ec0c CopyEnhMetaFileA
0x48ec10 BitBlt
Library version.dll:
0x48ec18 VerQueryValueA
0x48ec20 GetFileVersionInfoA
Library kernel32.dll:
0x48ec28 lstrcpyA
0x48ec2c WriteFile
0x48ec30 WaitForSingleObject
0x48ec34 VirtualQuery
0x48ec38 VirtualProtect
0x48ec3c VirtualAlloc
0x48ec40 SizeofResource
0x48ec44 SetThreadLocale
0x48ec48 SetFilePointer
0x48ec4c SetEvent
0x48ec50 SetErrorMode
0x48ec54 SetEndOfFile
0x48ec58 ResetEvent
0x48ec5c ReadFile
0x48ec60 MulDiv
0x48ec64 LockResource
0x48ec68 LoadResource
0x48ec6c LoadLibraryA
0x48ec78 GlobalFindAtomA
0x48ec7c GlobalDeleteAtom
0x48ec80 GlobalAddAtomA
0x48ec84 GetVersionExA
0x48ec88 GetVersion
0x48ec8c GetTickCount
0x48ec90 GetThreadLocale
0x48ec94 GetStdHandle
0x48ec98 GetProcAddress
0x48ec9c GetModuleHandleA
0x48eca0 GetModuleFileNameA
0x48eca4 GetLocaleInfoA
0x48eca8 GetLocalTime
0x48ecac GetLastError
0x48ecb0 GetFullPathNameA
0x48ecb4 GetDiskFreeSpaceA
0x48ecb8 GetDateFormatA
0x48ecbc GetCurrentThreadId
0x48ecc0 GetCurrentProcessId
0x48ecc4 GetCPInfo
0x48ecc8 FreeResource
0x48eccc InterlockedExchange
0x48ecd0 FreeLibrary
0x48ecd4 FormatMessageA
0x48ecd8 FindResourceA
0x48ecdc EnumCalendarInfoA
0x48ece8 CreateThread
0x48ecec CreateFileA
0x48ecf0 CreateEventA
0x48ecf4 CompareStringA
0x48ecf8 CloseHandle
Library advapi32.dll:
0x48ed00 RegQueryValueExA
0x48ed04 RegOpenKeyExA
0x48ed08 RegFlushKey
0x48ed0c RegCloseKey
Library kernel32.dll:
0x48ed14 Sleep
Library oleaut32.dll:
0x48ed1c SafeArrayPtrOfIndex
0x48ed20 SafeArrayGetUBound
0x48ed24 SafeArrayGetLBound
0x48ed28 SafeArrayCreate
0x48ed2c VariantChangeType
0x48ed30 VariantCopy
0x48ed34 VariantClear
0x48ed38 VariantInit
Library comctl32.dll:
0x48ed40 _TrackMouseEvent
0x48ed4c ImageList_Write
0x48ed50 ImageList_Read
0x48ed5c ImageList_DragMove
0x48ed60 ImageList_DragLeave
0x48ed64 ImageList_DragEnter
0x48ed68 ImageList_EndDrag
0x48ed6c ImageList_BeginDrag
0x48ed70 ImageList_Remove
0x48ed74 ImageList_DrawEx
0x48ed78 ImageList_Replace
0x48ed7c ImageList_Draw
0x48ed88 ImageList_Add
0x48ed90 ImageList_Destroy
0x48ed94 ImageList_Create
Library comdlg32.dll:
0x48ed9c GetSaveFileNameA
0x48eda0 GetOpenFileNameA
Library UrL:
0x48eda8 InetIsOffline

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 50568 114.114.114.114 53
192.168.56.101 51808 114.114.114.114 53
192.168.56.101 51963 114.114.114.114 53
192.168.56.101 53380 114.114.114.114 53
192.168.56.101 55368 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 60384 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 49713 224.0.0.252 5355
192.168.56.101 51378 224.0.0.252 5355
192.168.56.101 53237 224.0.0.252 5355
192.168.56.101 54178 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 57236 224.0.0.252 5355
192.168.56.101 58367 224.0.0.252 5355
192.168.56.101 60123 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 62318 224.0.0.252 5355

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.