6.6
High risk

7b282456507c961d4305c035b9524bc41472aaec99cfe27f70361e326e0e301a

d359c1817f8e1738b2c3a3d10d738137.exe

Analysis time

81s

Last analyzed

File size

653.0KB
Static detections / dynamic detections: AI SCORE=100 BSCOPE CONFIDENCE DOWNLOADER34 E5ZPMJFOCQB ELDORADO EMOTET EWLL GENCIRC GENERICRXMA GENETIC HIGH CONFIDENCE HVEGHJ KRYPTIK MALWARE@#1ILU929KHCK09 MALWAREX MULTIRI OU0@AQ3NAGJI R + TROJ R351256 S15814262 SHCWB SUSGEN THJODBO UNSAFE ZEXAF
Hawkeye engine
Not scanned: no Hawkeye engine results available
Static verdict
Antivirus engines
Engine Result Scan date Version
Alibaba Trojan:Win32/Emotet.6fd818ec 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Avast Win32:MalwareX-gen [Trj] 20201015 18.4.3895.0
Kingsoft 20201015 2013.8.14.323
McAfee GenericRXMA-EK!D359C1817F8E 20201012 6.0.6.653
Tencent Malware.Win32.Gencirc.10ce0263 20201015 1.0.0.1
CrowdStrike win/malicious_confidence_60% (W) 20190702 1.0
Static indicators
Queries for the computername (1 event)
Time & API Arguments Status Return Repeated
1620985524.085633
GetComputerNameA
computer_name: OSKAR-PC
success 1 0
Uses Windows APIs to generate a cryptographic key (3 events)
Time & API Arguments Status Return Repeated
1620985509.413633
CryptGenKey
crypto_handle: 0x005e3138
algorithm_identifier: 0x0000660e ()
provider_handle: 0x005e2980
flags: 1
key: f^4†š8 ×Áa,<KÏê
success 1 0
1620985524.148633
CryptExportKey
crypto_handle: 0x005e3138
crypto_export_handle: 0x005e30f8
buffer: f¤RÐ@‚}Á0é fÔž,Òþk`ÀCR¢;t KƒH9Lƕ»ÏÈ*ِW^˝PŽÓ2E;Z®ëÕ. eª¡éz·¡LõÿÞ´fU—À ì\B°-Dy~n9‚
blob_type: 1
flags: 64
success 1 0
1620985565.226633
CryptExportKey
crypto_handle: 0x005e3138
crypto_export_handle: 0x005e30f8
buffer: f¤JHÒóxø6¨˜Ñ,Ú ä|ì[D$ÑÒÓ´úÎúyz©­ ©ÐÑqV NÕvûÇ˽|êäÔÌù !O[0o|¡pÑ%m%OÉs"ޟ\þ£»ü6âÁˆ
blob_type: 1
flags: 64
success 1 0
The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)
section Shared
The file contains an unknown PE resource name possibly indicative of a packer (1 event)
resource name None
Behavioral verdict
Dynamic indicators
Allocates read-write-execute memory (usually to unpack itself) (1 event)
Time & API Arguments Status Return Repeated
1620985508.648633
NtAllocateVirtualMemory
process_identifier: 2636
region_size: 61440
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x00570000
success 0 0
Searches running processes potentially to identify processes for sandbox evasion, code injection or memory dumping (3 events)
Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) (1 event)
Time & API Arguments Status Return Repeated
1620985508.663633
NtProtectVirtualMemory
process_identifier: 2636
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
length: 45056
protection: 32 (PAGE_EXECUTE_READ)
process_handle: 0xffffffff
base_address: 0x00581000
success 0 0
Checks adapter addresses which can be used to detect virtual network interfaces (1 event)
Time & API Arguments Status Return Repeated
1620985527.116633
GetAdaptersAddresses
flags: 0
family: 0
failed 111 0
Expresses interest in specific running processes (1 event)
process d359c1817f8e1738b2c3a3d10d738137.exe
Reads the systems User Agent and subsequently performs requests (1 event)
Time & API Arguments Status Return Repeated
1620985525.179633
InternetOpenW
proxy_bypass:
access_type: 0
proxy_name:
flags: 0
user_agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
success 13369348 0
Network communication
Communicates with host for which no DNS query was performed (5 events)
host 151.139.128.14
host 104.156.59.7
host 104.32.141.43
host 172.217.24.14
host 52.218.97.12
Sets or modifies WPAD proxy autoconfiguration file for traffic interception (8 events)
Time & API Arguments Status Return Repeated
1620985529.804633
RegSetValueExA
key_handle: 0x000003ac
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason
success 0 0
1620985529.804633
RegSetValueExA
key_handle: 0x000003ac
value: €{H×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime
success 0 0
1620985529.804633
RegSetValueExA
key_handle: 0x000003ac
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision
success 0 0
1620985529.804633
RegSetValueExW
key_handle: 0x000003ac
value: 网络 2
regkey_r: WpadNetworkName
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName
success 0 0
1620985529.804633
RegSetValueExA
key_handle: 0x000003c4
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
success 0 0
1620985529.804633
RegSetValueExA
key_handle: 0x000003c4
value: €{H×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
success 0 0
1620985529.804633
RegSetValueExA
key_handle: 0x000003c4
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
success 0 0
1620985529.960633
RegSetValueExW
key_handle: 0x000003a8
value: {40112ABE-63B3-43C3-BE93-1440EE3AF106}
regkey_r: WpadLastNetwork
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
success 0 0
Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually) (1 event)
dead_host 104.32.141.43:80
File has been identified by 56 AntiVirus engines on VirusTotal as malicious (50 out of 56 events)
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.Agent.EWLL
FireEye Trojan.Agent.EWLL
CAT-QuickHeal Trojan.MultiRI.S15814262
ALYac Trojan.Agent.Emotet
Cylance Unsafe
Zillya Trojan.Emotet.Win32.29285
Sangfor Malware
K7AntiVirus Trojan ( 005600f21 )
Alibaba Trojan:Win32/Emotet.6fd818ec
K7GW Trojan ( 005600f21 )
Arcabit Trojan.Agent.EWLL
Invincea Mal/Generic-R + Troj/Emotet-CNG
BitDefenderTheta Gen:NN.ZexaF.34570.Ou0@aq3nagji
Cyren W32/Emotet.ASL.gen!Eldorado
Symantec Packed.Generic.554
APEX Malicious
Avast Win32:MalwareX-gen [Trj]
Kaspersky HEUR:Trojan-Banker.Win32.Emotet.pef
BitDefender Trojan.Agent.EWLL
NANO-Antivirus Trojan.Win32.Emotet.hveghj
Paloalto generic.ml
AegisLab Trojan.Win32.Emotet.L!c
Rising Trojan.Kryptik!8.8 (TFE:5:e5zPMJfocQB)
Ad-Aware Trojan.Agent.EWLL
Emsisoft Trojan.Emotet (A)
Comodo Malware@#1ilu929khck09
F-Secure Trojan.TR/AD.Emotet.shcwb
DrWeb Trojan.DownLoader34.43701
VIPRE Trojan.Win32.Generic!BT
TrendMicro TrojanSpy.Win32.EMOTET.THJODBO
McAfee-GW-Edition GenericRXMA-EK!D359C1817F8E
Sophos Troj/Emotet-CNG
Ikarus Trojan-Banker.Emotet
Jiangmin Trojan.Banker.Emotet.ojz
Avira TR/AD.Emotet.shcwb
Antiy-AVL Trojan[Banker]/Win32.Emotet
Microsoft Trojan:Win32/Emotet.PEF!MTB
ZoneAlarm HEUR:Trojan-Banker.Win32.Emotet.pef
GData Trojan.Agent.EWLL
AhnLab-V3 Trojan/Win32.Emotet.R351256
McAfee GenericRXMA-EK!D359C1817F8E
MAX malware (ai score=100)
VBA32 BScope.Trojan.Downloader
Malwarebytes Trojan.MalPack.TRE
ESET-NOD32 Win32/Emotet.CD
TrendMicro-HouseCall TrojanSpy.Win32.EMOTET.THJODBO
Tencent Malware.Win32.Gencirc.10ce0263
Yandex Trojan.Emotet!
MaxSecure Trojan.Malware.11417434.susgen
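Visual analysis
Binary image
No binary image: no binary visualization was generated for this sample
Runtime screenshots
No screenshots: none were captured while this sample ran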

PE Compile Time

2020-09-15 03:29:22

Imports

Library MPR.dll:
0x453380 WNetAddConnection2A
Library KERNEL32.dll:
0x453114 RaiseException
0x453118 GetCommandLineA
0x45311c GetStartupInfoA
0x453120 HeapReAlloc
0x453124 VirtualAlloc
0x453128 ExitProcess
0x45312c HeapSize
0x453130 TerminateProcess
0x45313c IsDebuggerPresent
0x453140 GetACP
0x453144 IsValidCodePage
0x453148 HeapCreate
0x45314c VirtualFree
0x453150 GetStdHandle
0x453160 CreateThread
0x453164 SetHandleCount
0x453168 GetFileType
0x453170 GetTickCount
0x453180 GetConsoleCP
0x453184 GetConsoleMode
0x453188 LCMapStringA
0x45318c LCMapStringW
0x453190 GetStringTypeA
0x453194 GetStringTypeW
0x453198 GetUserDefaultLCID
0x45319c EnumSystemLocalesA
0x4531a0 IsValidLocale
0x4531a4 GetLocaleInfoW
0x4531a8 SetStdHandle
0x4531ac WriteConsoleA
0x4531b0 GetConsoleOutputCP
0x4531b4 WriteConsoleW
0x4531b8 CompareStringW
0x4531c0 ExitThread
0x4531c4 HeapAlloc
0x4531c8 HeapFree
0x4531cc RtlUnwind
0x4531d0 SetErrorMode
0x4531d4 GetFileSizeEx
0x4531e0 GetShortPathNameA
0x4531e8 FindFirstFileA
0x4531ec FindClose
0x4531f0 GetCurrentProcess
0x4531f4 DuplicateHandle
0x4531f8 GetFileSize
0x4531fc SetEndOfFile
0x453200 UnlockFile
0x453204 LockFile
0x453208 FlushFileBuffers
0x45320c SetFilePointer
0x453210 lstrcmpiA
0x453214 GetStringTypeExA
0x453218 DeleteFileA
0x45321c MoveFileA
0x453224 GetModuleHandleW
0x453230 GetThreadLocale
0x453234 GetOEMCP
0x453238 GetCPInfo
0x45323c TlsFree
0x453244 LocalReAlloc
0x453248 TlsSetValue
0x45324c TlsAlloc
0x453250 GlobalHandle
0x453254 GlobalReAlloc
0x453258 TlsGetValue
0x45325c LocalAlloc
0x453260 GlobalFlags
0x453264 GetDiskFreeSpaceA
0x453268 GetFullPathNameA
0x45326c GetTempFileNameA
0x453270 GetFileTime
0x453274 SetFileTime
0x453278 GetFileAttributesA
0x453288 GetCurrentThread
0x453294 GetLocaleInfoA
0x453298 InterlockedExchange
0x45329c lstrcmpA
0x4532a0 CreateEventA
0x4532a4 SuspendThread
0x4532a8 SetEvent
0x4532ac WaitForSingleObject
0x4532b0 SetThreadPriority
0x4532b8 GetModuleFileNameW
0x4532bc GetModuleFileNameA
0x4532c0 GlobalAlloc
0x4532c4 MulDiv
0x4532c8 lstrlenA
0x4532cc GetCurrentThreadId
0x4532d0 GlobalGetAtomNameA
0x4532d4 GlobalAddAtomA
0x4532d8 GlobalFindAtomA
0x4532dc GlobalDeleteAtom
0x4532e0 FreeLibrary
0x4532e4 CompareStringA
0x4532e8 MultiByteToWideChar
0x4532ec lstrcmpW
0x4532f0 GetVersionExA
0x4532f4 GlobalLock
0x4532f8 GlobalUnlock
0x4532fc GlobalFree
0x453300 FreeResource
0x453304 WaitNamedPipeA
0x453308 CreateFileA
0x45330c FreeConsole
0x453318 Sleep
0x45331c ReadFile
0x453320 GetModuleHandleA
0x453324 LoadLibraryA
0x453328 GetProcAddress
0x45332c SetLastError
0x453330 WriteFile
0x453334 LoadResource
0x453338 LockResource
0x45333c SizeofResource
0x453340 FindResourceA
0x453344 WideCharToMultiByte
0x453350 GetLastError
0x453354 FormatMessageA
0x453358 LocalFree
0x45335c ResumeThread
0x453360 GetCurrentProcessId
0x453368 Module32First
0x45336c Module32Next
0x453370 CloseHandle
Library USER32.dll:
0x4533cc DrawTextExA
0x4533d0 DrawTextA
0x4533d4 TabbedTextOutA
0x4533d8 FillRect
0x4533dc ShowOwnedPopups
0x4533e0 PostQuitMessage
0x4533e4 WindowFromPoint
0x4533e8 KillTimer
0x4533ec SetRect
0x4533f0 UnionRect
0x4533f4 IsRectEmpty
0x4533f8 DestroyCursor
0x4533fc SetCursorPos
0x453400 SetCapture
0x453404 RedrawWindow
0x453408 IsZoomed
0x45340c UnpackDDElParam
0x453410 ReuseDDElParam
0x453414 SetCursor
0x453418 ReleaseCapture
0x45341c LoadAcceleratorsA
0x453420 InsertMenuItemA
0x453424 CreatePopupMenu
0x453428 SetRectEmpty
0x45342c BringWindowToTop
0x453434 DestroyMenu
0x453438 GetMenuItemInfoA
0x45343c InflateRect
0x453440 InvalidateRect
0x453444 GetMessageA
0x453448 TranslateMessage
0x45344c ValidateRect
0x453454 GetMenuStringA
0x453458 InsertMenuA
0x45345c ReleaseDC
0x453460 GetDC
0x453464 SetWindowTextA
0x453468 IsDialogMessageA
0x45346c SetDlgItemTextA
0x453470 SetMenuItemBitmaps
0x453478 ModifyMenuA
0x45347c GetMenuState
0x453480 EnableMenuItem
0x453488 SendDlgItemMessageA
0x45348c WinHelpA
0x453490 IsChild
0x453494 GetCapture
0x453498 SetWindowsHookExA
0x45349c CallNextHookEx
0x4534a0 GetClassLongA
0x4534a4 GetClassNameA
0x4534a8 SetPropA
0x4534ac RemovePropA
0x4534b0 GetFocus
0x4534b4 SetFocus
0x4534bc GetWindowTextA
0x4534c0 GetForegroundWindow
0x4534c4 GetLastActivePopup
0x4534c8 DispatchMessageA
0x4534cc BeginDeferWindowPos
0x4534d0 EndDeferWindowPos
0x4534d4 GetTopWindow
0x4534d8 UnhookWindowsHookEx
0x4534dc GetMessageTime
0x4534e0 GetMessagePos
0x4534e4 PeekMessageA
0x4534e8 MapWindowPoints
0x4534ec TrackPopupMenu
0x4534f0 GetKeyState
0x4534f4 SetMenu
0x4534f8 SetScrollPos
0x4534fc GetScrollPos
0x453500 IsWindowVisible
0x453504 PostMessageA
0x453508 GetMenuItemID
0x45350c GetMenuItemCount
0x453510 MessageBoxA
0x453514 CreateWindowExA
0x453518 GetClassInfoExA
0x45351c GetClassInfoA
0x453520 RegisterClassA
0x453524 GetSysColor
0x453528 AdjustWindowRectEx
0x45352c ScreenToClient
0x453530 EqualRect
0x453534 DeferWindowPos
0x453538 CopyRect
0x45353c GetDlgCtrlID
0x453540 DefWindowProcA
0x453544 CallWindowProcA
0x453548 GetMenu
0x45354c SetWindowLongA
0x453550 SetWindowPos
0x453554 CharUpperA
0x453558 DestroyIcon
0x45355c UnregisterClassA
0x453560 OffsetRect
0x453564 IntersectRect
0x453568 GetSysColorBrush
0x45356c EndPaint
0x453570 BeginPaint
0x453574 GetWindowDC
0x453578 CheckMenuItem
0x45357c GrayStringA
0x453584 IsIconic
0x453588 GetWindowPlacement
0x45358c GetWindowRect
0x453590 GetSystemMetrics
0x453594 GetWindow
0x453598 GetActiveWindow
0x45359c SetActiveWindow
0x4535a4 DestroyWindow
0x4535a8 IsWindow
0x4535ac GetWindowLongA
0x4535b0 GetDlgItem
0x4535b4 IsWindowEnabled
0x4535b8 GetParent
0x4535bc GetNextDlgTabItem
0x4535c0 EndDialog
0x4535c4 SetForegroundWindow
0x4535c8 GetCursorPos
0x4535cc LoadBitmapA
0x4535d0 LoadCursorA
0x4535d4 GetDesktopWindow
0x4535d8 UpdateWindow
0x4535dc ShowWindow
0x4535e0 SetTimer
0x4535e4 GetSystemMenu
0x4535e8 DeleteMenu
0x4535ec GetClientRect
0x4535f0 PtInRect
0x4535f4 ClientToScreen
0x4535f8 LoadMenuA
0x4535fc GetSubMenu
0x453600 LoadIconA
0x453604 LoadStringA
0x453608 SendMessageA
0x45360c EnableWindow
0x453610 GetPropA
Library GDI32.dll:
0x45306c CreatePatternBrush
0x453070 GetStockObject
0x453074 CreateSolidBrush
0x453078 ScaleWindowExtEx
0x45307c SetWindowExtEx
0x453080 ScaleViewportExtEx
0x453084 SetViewportExtEx
0x453088 OffsetViewportOrgEx
0x45308c SetViewportOrgEx
0x453090 Escape
0x453094 TextOutA
0x453098 RectVisible
0x45309c PtVisible
0x4530a0 GetPixel
0x4530a4 CreateCompatibleDC
0x4530a8 BitBlt
0x4530ac GetObjectA
0x4530b0 IntersectClipRect
0x4530b4 ExcludeClipRect
0x4530b8 SetMapMode
0x4530bc SetBkMode
0x4530c0 RestoreDC
0x4530c4 SaveDC
0x4530c8 GetBkColor
0x4530cc GetTextMetricsA
0x4530d0 StretchDIBits
0x4530d4 DeleteDC
0x4530d8 CreateFontA
0x4530dc SelectObject
0x4530e0 GetCharWidthA
0x4530e4 DeleteObject
0x4530f0 ExtTextOutA
0x4530f4 CreateFontIndirectA
0x4530f8 GetDeviceCaps
0x4530fc PatBlt
0x453100 CreateBitmap
0x453104 SetBkColor
0x453108 SetTextColor
0x45310c GetClipBox
Library COMDLG32.dll:
0x453064 GetFileTitleA
Library WINSPOOL.DRV:
0x453618 ClosePrinter
0x45361c OpenPrinterA
0x453620 DocumentPropertiesA
Library ADVAPI32.dll:
0x453000 RegOpenKeyExA
0x453004 RegCreateKeyA
0x453008 GetFileSecurityA
0x45300c SetFileSecurityA
0x453010 RegDeleteValueA
0x453014 RegSetValueExA
0x453018 RegCreateKeyExA
0x45301c RegQueryValueA
0x453020 RegOpenKeyA
0x453024 RegEnumKeyA
0x453028 RegDeleteKeyA
0x453030 RegQueryValueExA
0x453034 RegSetValueA
0x453038 RegCloseKey
0x45303c OpenSCManagerA
0x453040 OpenServiceA
0x453044 CreateServiceA
0x453048 CloseServiceHandle
0x45304c StartServiceA
Library SHELL32.dll:
0x45339c DragFinish
0x4533a0 DragQueryFileA
0x4533a4 ExtractIconA
0x4533a8 SHGetFileInfoA
0x4533ac Shell_NotifyIconA
Library COMCTL32.dll:
0x45305c ImageList_Destroy
Library SHLWAPI.dll:
0x4533b4 PathFindFileNameA
0x4533b8 PathStripToRootA
0x4533bc PathIsUNCA
0x4533c0 PathFindExtensionA
0x4533c4 PathRemoveFileSpecW
Library ole32.dll:
0x453638 CoTaskMemFree
0x45363c CoCreateInstance
0x453640 CoUninitialize
0x453644 CoInitializeEx
Library OLEAUT32.dll:
0x453388 VariantClear
0x45338c VariantChangeType
0x453390 VariantInit
0x453394 SysAllocStringLen
Library WS2_32.dll:
0x453628 WSACleanup
0x45362c WSAStartup
0x453630 WSASetLastError

Exports

Ordinal Address Name
1 0x408480 KCCDWafdUUJKIIOFFCVDDS

Hosts

No hosts contacted.

TCP

Source Source Port Destination Destination Port
52.218.97.12 80 192.168.56.101 49191

UDP

Source Source Port Destination Destination Port
192.168.56.101 50534 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 63429 114.114.114.114 53
192.168.56.101 65004 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 49235 224.0.0.252 5355
192.168.56.101 51808 224.0.0.252 5355
192.168.56.101 51963 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 50535 239.255.255.250 3702
192.168.56.101 50537 239.255.255.250 3702
192.168.56.101 56807 239.255.255.250 1900
192.168.56.101 58707 239.255.255.250 3702
192.168.56.101 62192 239.255.255.250 3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.