0.9
低危
DACN
0.12
FACILE
1.00
IMCLNet
0.65
MFGraph
0.00
反病毒引擎
| 查杀引擎 | 查杀结果 | 查杀时间 | 查杀版本 |
|---|---|---|---|
| Alibaba | None | 20190527 | 0.3.0.5 |
| Avast | Win32:Crypt-PWU [Trj] | 20200422 | 18.4.3895.0 |
| Baidu | None | 20190318 | 1.0.0.2 |
| CrowdStrike | win/malicious_confidence_100% (D) | 20190702 | 1.0 |
| Kingsoft | None | 20200422 | 2013.8.14.323 |
| McAfee | Downloader-FRR | 20200422 | 6.0.6.653 |
| Tencent | Malware.Win32.Gencirc.10b9ccfd | 20200422 | 1.0.0.1 |
静态指标
动态指标
网络通信
与未执行 DNS 查询的主机进行通信
(1 个事件)
| host | 114.114.114.114 | |||
文件已被 VirusTotal 上 64 个反病毒引擎识别为恶意
(50 out of 64 个事件)
| ALYac | Trojan.Downloader.JQAT |
| APEX | Malicious |
| AVG | Win32:Crypt-PWU [Trj] |
| Acronis | suspicious |
| Ad-Aware | Trojan.Downloader.JQAT |
| AhnLab-V3 | Win-Trojan/Downloader.31232.FO |
| Antiy-AVL | Trojan/Win32.Agentb |
| Arcabit | Trojan.Downloader.JQAT |
| Avast | Win32:Crypt-PWU [Trj] |
| Avira | TR/Dldr.Upatre.A.92 |
| BitDefender | Trojan.Downloader.JQAT |
| BitDefenderTheta | Gen:NN.ZexaF.34106.cmX@a4kz2dgi |
| Bkav | W32.AIDetectVM.malware |
| CAT-QuickHeal | TrojanDownloader.Upatre.A3 |
| CMC | Trojan.Win32.Agentb!O |
| ClamAV | Win.Trojan.Agent-36977 |
| Comodo | TrojWare.Win32.TrojanDownloader.Small.PRL@52ev9y |
| CrowdStrike | win/malicious_confidence_100% (D) |
| Cybereason | malicious.97b3ef |
| Cylance | Unsafe |
| Cyren | W32/Trojan.WUGR-5058 |
| DrWeb | Trojan.DownLoad3.28161 |
| ESET-NOD32 | Win32/TrojanDownloader.Small.PRL |
| Emsisoft | Trojan.Downloader.JQAT (B) |
| Endgame | malicious (high confidence) |
| F-Prot | W32/Trojan3.FXG |
| F-Secure | Trojan.TR/Dldr.Upatre.A.92 |
| FireEye | Generic.mg.cd980d397b3ef1ce |
| Fortinet | W32/Dloader.PRL!tr |
| GData | Trojan.Downloader.JQAT |
| Ikarus | Trojan.Crypt2 |
| Invincea | heuristic |
| Jiangmin | Trojan/Agentb.adv |
| K7AntiVirus | Trojan ( 00456a071 ) |
| K7GW | Trojan-Downloader ( 00456a071 ) |
| Kaspersky | Trojan.Win32.Agentb.acot |
| MAX | malware (ai score=89) |
| Malwarebytes | Trojan.Agent.FA |
| MaxSecure | Trojan.Upatre.Gen |
| McAfee | Downloader-FRR |
| McAfee-GW-Edition | BehavesLike.Win32.Downloader.nt |
| MicroWorld-eScan | Trojan.Downloader.JQAT |
| Microsoft | TrojanDownloader:Win32/Upatre.A |
| NANO-Antivirus | Trojan.Win32.Agent.dwuwrq |
| Panda | Generic Malware |
| Qihoo-360 | HEUR/QVM20.1.BAF7.Malware.Gen |
| Rising | Downloader.Small!8.B41 (TFE:dGZlOgK8h+cbJhDiZg) |
| SUPERAntiSpyware | Trojan.Agent/Gen-Downloader |
| Sangfor | Malware |
| SentinelOne | DFI - Malicious PE |
二进制图像
288x288
224x224
192x192
160x160
128x128
96x96
64x64
32x32
运行截图
暂无运行截图
该样本运行过程中未生成截图
PE Compile Time
2013-08-30 20:41:40
PE Imphash
32ea2988a92c31a9efd5b936dc243a44
Sections
| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00001000 | 0x00002000 | 0x00002000 | 3.4956792705659034 |
| .data | 0x00003000 | 0x00c01000 | 0x00001200 | 3.5759198609514944 |
| .rsrc | 0x00c04000 | 0x00004378 | 0x00004400 | 4.671504359615681 |
Resources
| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_ICON | 0x00c040f0 | 0x00004228 | LANG_ENGLISH | SUBLANG_ENGLISH_US | None |
| RT_STRING | 0x00c08330 | 0x00000046 | LANG_ENGLISH | SUBLANG_ENGLISH_US | None |
| RT_GROUP_ICON | 0x00c08318 | 0x00000014 | LANG_ENGLISH | SUBLANG_ENGLISH_US | None |
Imports
Library Cabinet.dll:
• 0x351000 None
Library mscms.dll:
• 0x351018 GetColorDirectoryW
L!This program cannot be run in DOS mode.
CCCJiDCFXzUBXz`BXzgBRichC
`.data
GetProcAddress
LoadLibraryA
VirtualAlloc
RtlDecompressBuffer
VirtualProtect
GetLogicalDriveStringsA
WIM3SM
+t};}w
SVWPd0
]mz[EPPj
@BMuEM
EPj@sPVU
s?!EG<
EE(9Er
+C4Eto
Cabinet.dll
GetColorDirectoryW
mscms.dll
ExitProcess
GetModuleHandleW
GetLastError
KERNEL32.dll
A}Mm@j
u?*~$:
)dj7ZM
[C :'~-
}\N6ew
!)yDr1bMN
!gUOy 1T
sr;'ON
ejyv
B
yrKb# Nx6W/
Dc
!
h^^-uH
(y`rqjRL
i(2 x[T5D
vxKd)-
* fU
J).+:6
s\xfsb
2*GRQt
x[m0cR
jgi514
EBD# "0-0ece($'A>A0-0~|~!
URTLIK
VSU0-0LIK625
(%'oln
=:<ROR\Y\625
;8:VSUVSU
Yf2Bz
# "IEHDACZWY625
$,<JGJ}{}mkmNKMwuv
*&)625403\Y[
!WTVSPR
/zwyZWYKHJywx0,/
2/1625%!$
"%6514)&([X[625
[X[625
yvxusuzxz]Z\GCF
'7BP|.>
!5EYefq]j
(GUu6F
DRq{?N
"3CZfmx 1
!2!2Xd
0DRgr
DVVddddddddddddddccccccbbbbbbbbbbbbbbbbaaEG598<YZaaaa``````````
!!!!
##kkyy
++kkyy
""""""""""
B�l�a�c�k� �R�o�s�e� �I�m�m�o�r�t�a�l�
Z�:�\�2�1�3�9�0�0�4�\�f�9�a�3�7�4�0�4�f�1�1�5�0�c�4�8�a�e�c�2�3�8�b�a�c�4�4�9�7�7�f�c�.�m�d�5�.�e�x�e�
C�:�\�f�t�X�k�p�2�W�S�.�e�x�e�
C�:�\�j�7�V�0�U�F�W�h�.�e�x�e�
C�:�\�v�P�p�S�d�J�l�1�.�e�x�e�
C�:�\�E�Q�Q�P�U�b�V�r�.�e�x�e�
C�:�\�K�k�W�c�H�9�A�R�.�e�x�e�
C�:�\�D�b�2�7�v�3�w�H�.�e�x�e�
C�:�\�T�b�j�T�W�w�i�R�.�e�x�e�
C�:�\�G�L�n�0�L�C�a�D�.�e�x�e�
C�:�\�0�P�9�L�i�J�L�O�.�e�x�e�
C�:�\�y�V�8�x�7�Q�H�T�.�e�x�e�
C�:�\�S�I�M�8�d�O�R�1�.�e�x�e�
C�:�\�o�i�d�T�X�L�b�b�.�e�x�e�
C�:�\�q�_�Z�v�k�_�A�d�.�e�x�e�
C�:�\�t�5�5�H�P�1�N�f�.�e�x�e�
C�:�\�v�B�z�2�X�Q�N�e�.�e�x�e�
C�:�\�D�a�z�k�F�r�G�w�.�e�x�e�
C�:�\�B�H�S�5�Q�c�d�X�.�e�x�e�
C�:�\�C�N�T�U�q�h�U�o�.�e�x�e�
C�:�\�k�K�s�5�d�i�T�I�.�e�x�e�
C�:�\�T�a�_�Z�8�e�l�D�.�e�x�e�
C�:�\�R�e�H�n�S�M�e�s�.�e�x�e�
C�:�\�Z�O�S�Z�o�E�S�y�.�e�x�e�
C�:�\�_�1�I�5�y�k�o�5�.�e�x�e�
C�:�\�h�d�x�L�P�Q�t�Q�.�e�x�e�
C�:�\�G�H�v�G�M�G�b�C�.�e�x�e�
C�:�\�m�b�U�2�Q�H�1�X�.�e�x�e�
C�:�\�g�f�v�7�2�m�Y�I�.�e�x�e�
C�:�\�V�9�R�G�h�8�x�P�.�e�x�e�
C�:�\�I�M�W�M�5�W�w�p�.�e�x�e�
C�:�\�A�2�u�V�5�8�p�3�.�e�x�e�
C�:�\�q�Y�u�w�v�t�z�K�.�e�x�e�
C�:�\�Z�h�3�W�T�B�2�N�.�e�x�e�
C�:�\�5�V�Q�E�m�5�2�C�.�e�x�e�
C�:�\�S�a�b�R�0�x�P�e�.�e�x�e�
C�:�\�Y�R�h�N�j�n�Q�e�.�e�x�e�
C�:�\�O�4�6�X�V�7�4�7�.�e�x�e�
C�:�\�h�e�R�C�c�S�U�V�.�e�x�e�
C�:�\�2�l�c�2�C�D�W�h�.�e�x�e�
C�:�\�Y�7�v�A�r�n�S�T�.�e�x�e�
C�:�\�q�h�U�E�1�G�g�7�.�e�x�e�
C�:�\�t�m�t�2�A�4�U�r�.�e�x�e�
C�:�\�e�X�1�v�_�D�h�K�.�e�x�e�
C�:�\�C�m�8�I�1�R�l�Z�.�e�x�e�
C�:�\�K�f�Q�z�L�x�_�X�.�e�x�e�
C�:�\�8�a�z�d�u�y�Y�C�.�e�x�e�
C�:�\�F�v�q�M�6�f�0�X�.�e�x�e�
C�:�\�l�y�Y�S�w�s�V�G�.�e�x�e�
C�:�\�X�y�s�s�t�T�M�r�.�e�x�e�
C�:�\�w�_�j�0�p�8�O�W�.�e�x�e�
C�:�\�w�0�s�Y�g�a�s�z�.�e�x�e�
C�:�\�B�j�B�e�x�H�P�U�.�e�x�e�
C�:�\�V�d�A�z�z�l�8�o�.�e�x�e�
C�:�\�5�2�L�W�2�h�y�0�.�e�x�e�
C�:�\�W�F�7�Z�d�u�E�1�.�e�x�e�
C�:�\�q�s�A�I�n�D�x�w�.�e�x�e�
C�:�\�8�c�0�2�e�e�d�7�2�1�a�3�6�6�b�d�7�6�0�c�f�7�d�3�e�0�1�c�b�4�c�9�b�1�2�b�6�5�4�a�9�d�f�8�c�d�1�5�e�b�2�a�9�f�d�2�f�8�3�0�1�8�a�7�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�s�a�m�p�l�e�.�e�x�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�i�m�p�o�r�t�a�n�t�_�d�o�c�u�m�e�n�t�.�e�x�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�f�a�c�t�u�r�a�.�e�x�e�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�c�b�n�a�f�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�f�a�c�t�u�r�a�.�e�x�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�s�a�m�p�l�e�.�e�x�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�s�a�m�p�l�e�.�e�x�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�f�a�c�t�u�r�a�.�e�x�e�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�c�b�n�a�f�.�p�e�3�2�
C�:�\�3�S�B�L�j�u�E�l�.�e�x�e�
C�:�\�8�c�6�5�9�d�2�5�2�2�c�9�4�0�6�d�e�5�7�0�a�c�8�b�0�9�e�1�b�7�c�1�2�4�5�f�b�0�b�4�8�b�c�c�3�c�1�f�d�6�b�7�5�c�b�f�3�6�7�5�4�3�b�2�
C�:�\�0�9�a�b�1�f�f�7�c�a�8�c�a�e�b�4�9�b�d�7�5�a�4�b�2�e�5�8�8�7�3�9�1�a�6�7�5�a�8�7�f�a�d�6�2�7�4�5�f�3�2�c�1�6�4�6�1�a�4�9�4�8�f�b�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�c�b�n�a�f�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�s�a�m�p�l�e�.�e�x�e�
C�:�\�0�4�4�3�6�c�d�3�a�4�1�f�c�6�d�d�d�f�4�1�a�1�8�6�a�4�9�c�5�b�6�2�3�d�8�9�1�0�b�1�7�a�d�3�0�7�c�4�b�4�8�d�4�c�7�1�6�b�4�0�c�9�e�9�
C�:�\�U�s�e�r�s�\�J�o�e� �C�a�g�e�\�D�e�s�k�t�o�p�\�a�E�y�m�g�g�F�E�7�3�.�e�x�e�
C�:�\�3�7�0�2�f�6�4�9�f�1�7�9�1�e�9�1�0�a�2�3�4�7�9�1�9�9�5�e�3�d�0�9�d�b�6�8�4�6�9�a�4�1�b�e�c�d�b�b�f�0�e�7�b�3�e�9�d�4�5�6�3�f�8�b�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�c�b�n�a�f�.�e�x�e�
C�:�\�f�b�0�0�a�9�c�b�5�3�d�a�f�c�4�a�9�b�f�b�f�1�7�b�b�8�c�7�0�7�5�7�5�1�c�7�8�9�9�2�b�7�4�0�3�3�5�f�a�8�4�6�a�a�a�b�c�a�f�2�5�f�4�2�
C�:�\�0�1�6�6�c�f�1�2�b�1�8�3�d�b�f�1�4�3�3�4�9�4�9�c�4�d�9�f�2�0�d�1�8�3�8�1�e�7�3�8�4�9�d�3�1�4�d�f�9�a�3�a�8�6�7�5�4�5�8�5�3�6�5�9�
C�:�\�7�b�9�6�3�a�b�b�3�d�0�8�c�c�2�a�1�2�5�8�d�5�f�e�e�a�5�9�7�c�a�1�1�7�0�2�9�0�7�1�d�1�f�b�1�0�4�1�9�b�e�6�d�e�6�4�c�b�2�f�f�9�5�5�
C�:�\�d�5�2�0�b�e�b�c�5�1�5�c�a�a�7�1�c�3�d�a�0�5�9�6�4�b�4�1�2�a�8�9�1�6�d�2�d�2�4�8�a�f�8�9�8�c�a�f�5�7�d�a�4�b�7�8�6�2�0�1�f�b�a�3�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�c�b�n�a�f�.�e�x�e�
C�:�\�e�b�8�c�5�7�2�9�d�c�a�2�0�f�9�4�4�6�7�1�f�c�2�7�5�2�b�0�0�6�0�2�7�1�3�3�a�8�f�1�7�a�6�2�a�f�7�7�6�a�b�d�5�c�d�0�5�4�c�9�7�b�6�5�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�c�b�n�a�f�.�e�x�e�
C�:�\�4�3�3�4�9�c�8�2�f�0�f�8�f�f�9�2�d�3�2�e�4�7�0�9�b�e�b�8�4�5�5�d�5�7�7�4�e�f�a�6�4�b�e�c�7�4�0�0�4�5�4�8�d�f�d�c�5�b�5�3�1�3�9�5�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�c�b�n�a�f�.�p�e�3�2�
C�:�\�j�o�N�Q�U�n�D�l�.�e�x�e�
C�:�\�9�5�7�2�e�e�e�a�6�7�1�8�4�4�b�4�d�5�5�d�3�5�7�e�1�1�3�b�a�e�9�3�a�d�e�3�c�5�c�2�8�8�a�2�7�e�5�1�b�c�6�9�7�e�9�f�3�5�f�1�5�0�a�a�
C�:�\�3�1�2�3�7�e�e�f�0�1�2�2�7�2�2�f�f�0�3�c�f�e�b�3�1�6�b�4�a�2�4�8�5�e�9�4�2�7�2�b�1�3�0�0�1�7�f�b�d�8�9�b�4�1�a�5�4�4�6�a�0�7�a�a�
C�:�\�c�8�9�9�3�c�a�0�f�5�b�a�5�e�0�1�a�9�3�e�6�f�1�2�0�1�b�c�2�1�7�d�d�f�8�2�6�5�9�b�3�a�6�4�c�e�5�a�9�2�9�e�9�8�0�c�1�6�9�d�f�3�7�2�
C�:�\�c�1�c�7�8�4�b�0�b�4�9�d�3�e�a�8�6�5�1�5�3�7�4�7�7�e�2�2�7�b�0�d�4�e�3�4�c�c�d�6�6�4�8�9�f�6�d�d�6�9�3�4�3�a�3�3�3�c�f�3�2�d�8�8�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�c�b�n�a�f�.�e�x�e�
c�:�\�t�a�s�k�\�7�1�4�A�6�1�F�E�A�8�E�5�7�7�D�B�1�9�C�4�7�E�C�B�F�B�F�0�1�1�4�9�.�e�x�e�
C�:�\�9�5�0�d�7�a�5�3�1�a�1�5�a�f�a�8�4�4�2�d�4�f�2�e�4�c�b�1�b�9�c�a�2�5�0�5�1�6�7�7�4�2�5�c�f�4�2�b�4�f�e�e�9�0�6�8�b�d�7�0�8�1�f�f�
C�:�\�2�8�4�2�0�6�d�b�2�b�c�d�b�c�8�6�5�9�1�3�8�8�6�3�b�2�e�f�1�1�c�6�4�8�5�0�c�d�f�f�8�c�6�f�5�c�e�0�1�3�5�2�0�8�6�b�3�a�5�0�5�a�0�a�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�c�b�n�a�f�.�e�x�e�
C�:�\�e�0�e�6�4�2�2�9�d�2�1�b�a�1�1�b�5�9�d�8�c�1�e�2�c�c�3�6�2�9�9�b�e�a�4�b�2�1�1�e�a�c�8�a�3�f�8�5�b�6�f�7�9�0�b�4�c�3�d�d�f�3�8�2�
C�:�\�6�b�7�1�f�5�0�0�0�b�4�3�1�b�1�7�2�9�a�7�9�3�6�c�6�7�a�f�8�8�3�c�c�6�0�7�a�c�4�3�5�b�7�9�1�e�3�c�b�e�5�1�c�b�1�6�3�3�6�0�a�0�2�7�
C�:�\�5�b�5�5�4�4�d�f�1�4�6�b�a�e�c�5�6�0�0�e�a�6�2�0�8�f�6�2�4�2�8�b�2�8�e�0�8�6�2�4�4�3�e�7�7�9�9�4�7�8�e�a�5�e�9�2�a�d�8�6�a�b�8�1�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�c�b�n�a�f�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�3�5�f�b�3�c�3�e�2�e�7�c�d�d�e�b�_�h�c�b�n�a�f�.�e�x�e�
C�:�\�7�f�3�1�1�7�9�8�0�d�7�8�0�d�6�9�8�1�0�2�f�1�1�e�f�1�5�1�4�3�3�2�3�4�9�c�b�d�8�3�7�8�6�9�3�5�0�a�9�2�3�1�2�8�2�6�b�4�d�3�7�6�d�7�
C�:�\�3�5�a�e�8�8�6�6�0�7�d�4�2�2�b�9�a�e�d�9�6�0�2�b�0�d�3�3�5�6�b�8�a�c�3�b�3�b�a�5�e�d�6�4�6�9�8�0�0�f�f�f�d�c�8�1�d�c�2�d�0�9�3�a�
C�:�\�9�8�4�1�5�9�b�6�6�d�7�7�5�2�a�8�f�4�9�2�0�7�6�d�4�3�2�a�8�9�4�a�2�b�b�a�1�f�4�a�c�8�3�4�8�5�a�5�1�a�e�7�f�4�3�7�1�e�d�a�2�9�3�c�
C�:�\�0�f�6�0�8�3�e�c�2�7�5�3�0�a�2�7�1�8�b�3�3�c�0�6�1�0�4�d�0�0�c�b�5�9�7�f�8�b�b�7�b�a�a�0�c�f�d�0�e�1�c�2�0�f�1�9�9�f�0�1�d�3�5�0�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�c�b�n�a�f�.�p�e�3�2�
C�:�\�c�5�7�3�b�7�7�2�5�b�0�4�2�a�c�b�d�c�4�8�8�d�0�3�1�1�f�b�c�d�7�7�6�a�e�a�d�1�d�e�0�2�7�6�c�f�c�3�5�5�8�5�5�5�9�d�f�8�d�3�e�c�8�7�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�c�b�n�a�f�.�e�x�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�8�0�d�f�6�f�a�3�6�3�7�7�3�1�6�6�8�1�4�0�3�9�0�0�c�b�d�e�a�2�6�c�8�8�4�e�f�2�0�6�c�2�8�2�6�8�3�f�4�1�e�f�4�f�5�3�1�9�c�0�f�6�d�7�.�e�x�e�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�c�b�n�a�f�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�5�d�e�b�7�f�4�1�0�9�5�0�7�5�5�f�_�h�c�b�n�a�f�.�e�x�e�
C�:�\�1�3�d�b�8�1�c�1�2�d�1�4�2�c�f�5�7�9�9�3�8�e�7�6�2�4�0�0�5�6�1�5�8�a�3�b�2�1�a�3�5�f�c�6�8�7�3�c�b�c�2�6�d�7�0�4�5�a�3�e�a�3�2�b�
Hosts
| IP |
|---|
| 114.114.114.114 |
DNS
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| dns.msftncsi.com | A 131.107.255.255 | 131.107.255.255 |
| dns.msftncsi.com | AAAA fd3e:4f5a:5b81::1 | 131.107.255.255 |
TCP
No TCP connections recorded.
UDP
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.101 | 53179 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 49642 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 137 | 192.168.56.255 | 137 |
| 192.168.56.101 | 61714 | 114.114.114.114 | 53 |
| 192.168.56.101 | 56933 | 114.114.114.114 | 53 |
| 192.168.56.101 | 138 | 192.168.56.255 | 138 |
HTTP & HTTPS Requests
No HTTP requests performed.
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts
Sorry! No dropped files.
Sorry! No dropped buffers.