7.0
High risk

7040763508c73ed6c78415ffdbc7c79f06789507d03f19789e6f0d0695e57109

dbf805faacc77b5d647f9ada0f002e16.exe

Analysis duration

77s

Last analyzed

File size

172.0KB
Static detections Dynamic detections AI SCORE=89 AIDETECTVM BEHAVIOR CLASSIC CONFIDENCE ELDORADO EMOTET EMOTETPMF GCVL GENCIRC GENERICKDZ GENETIC GENKRYPTIK HFVD HIGH CONFIDENCE HTTRGG KQ0@AGJKUHIJ KRYPTIK MALWARE1 MALWARE@#21AYR2S6KOMN6 R + TROJ R349634 S15684654 SUSGEN TROJANBANKER UNSAFE VMUPHIZ8LQE XARQF ZEXAF
Hawkeye engine
Not scanned. No Hawkeye engine results are available.
Static verdict
Antivirus engines
Engine Result Scan date Engine version
Alibaba Trojan:Win32/Emotet.f32cab68 20190527 0.3.0.5
Avast Win32:Malware-gen 20201023 18.4.3895.0
Tencent Malware.Win32.Gencirc.10cdf98a 20201023 1.0.0.1
Baidu 20190318 1.0.0.2
Kingsoft 20201023 2013.8.14.323
McAfee Emotet-FRZ!DBF805FAACC7 20201023 6.0.6.653
CrowdStrike win/malicious_confidence_60% (W) 20190702 1.0
Static indicators
Queries for the computername (1 event)
Time & API Arguments Status Return Repeated
1619948431.998689
GetComputerNameA
computer_name: OSKAR-PC
success 1 0
Uses Windows APIs to generate a cryptographic key (4 events)
Time & API Arguments Status Return Repeated
1619948415.779689
CryptGenKey
crypto_handle: 0x005f1fd0
algorithm_identifier: 0x0000660e ()
provider_handle: 0x005f4af0
flags: 1
key: fwAÏ#3Äï—cÑfy†
success 1 0
1619948432.014689
CryptExportKey
crypto_handle: 0x005f1fd0
crypto_export_handle: 0x005f4ab0
buffer: f¤Zâ +SìZ1×¾'‡×Ûn+¶ï¥l~Ð –µ.ªÉ1мä%‡ðBo®¹Ýh¿)h²Œz\ø~/É@²å8ᨾÙ<Žî,ã/‚yæ‡*™e†kÿ+õV
blob_type: 1
flags: 64
success 1 0
1619948440.154689
CryptExportKey
crypto_handle: 0x005f1fd0
crypto_export_handle: 0x005f4ab0
buffer: f¤_Þ}m á~e‹[SQCÚ¨fgà?!MÖ4cÅ.0ŽÌL¶‚ó‰… ø‡)™¥LGڛ:~ƒØ·CJÔÊܯI¹å¿(O.2ý×^OmF¶ºƒDÎÄcÏV!6:ü&V
blob_type: 1
flags: 64
success 1 0
1619948472.889689
CryptExportKey
crypto_handle: 0x005f1fd0
crypto_export_handle: 0x005f4ab0
buffer: f¤#e ÑoÀŸ…Œá€œÝµå5à£©ò$ӟ¾~žC3ð ûïμþ-Íܟú´‡;‘ù|¼êÄÌÒI–Qu«°Zèýʾù*CäÃÈ”ߢØE£Ò9¦•…æ¿`Hвá|Î
blob_type: 1
flags: 64
success 1 0
The executable uses a known packer (1 event)
packer Armadillo v1.71
Behavioral verdict
Dynamic indicators
Allocates read-write-execute memory (usually to unpack itself) (2 events)
Time & API Arguments Status Return Repeated
1619948415.076689
NtAllocateVirtualMemory
process_identifier: 2228
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x01df0000
success 0 0
1619948415.108689
NtAllocateVirtualMemory
process_identifier: 2228
region_size: 36864
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x01e20000
success 0 0
Foreign language identified in PE resource (20 events)
name RT_CURSOR language LANG_CHINESE offset 0x0002e0d8 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000000b4
name RT_CURSOR language LANG_CHINESE offset 0x0002e0d8 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000000b4
name RT_BITMAP language LANG_CHINESE offset 0x0002eab0 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000144
name RT_BITMAP language LANG_CHINESE offset 0x0002eab0 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000144
name RT_BITMAP language LANG_CHINESE offset 0x0002eab0 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000144
name RT_BITMAP language LANG_CHINESE offset 0x0002eab0 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000144
name RT_DIALOG language LANG_CHINESE offset 0x0002e7a0 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000000e2
name RT_DIALOG language LANG_CHINESE offset 0x0002e7a0 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000000e2
name RT_STRING language LANG_CHINESE offset 0x0002f4c8 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000024
name RT_STRING language LANG_CHINESE offset 0x0002f4c8 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000024
name RT_STRING language LANG_CHINESE offset 0x0002f4c8 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000024
name RT_STRING language LANG_CHINESE offset 0x0002f4c8 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000024
name RT_STRING language LANG_CHINESE offset 0x0002f4c8 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000024
name RT_STRING language LANG_CHINESE offset 0x0002f4c8 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000024
name RT_STRING language LANG_CHINESE offset 0x0002f4c8 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000024
name RT_STRING language LANG_CHINESE offset 0x0002f4c8 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000024
name RT_STRING language LANG_CHINESE offset 0x0002f4c8 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000024
name RT_STRING language LANG_CHINESE offset 0x0002f4c8 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000024
name RT_STRING language LANG_CHINESE offset 0x0002f4c8 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000024
name RT_GROUP_CURSOR language LANG_CHINESE offset 0x0002e190 filetype Lotus unknown worksheet or configuration, revision 0x2 sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000022
Checks adapter addresses which can be used to detect virtual network interfaces (1 event)
Time & API Arguments Status Return Repeated
1619948432.498689
GetAdaptersAddresses
flags: 0
family: 0
failed 111 0
The binary likely contains encrypted or compressed data indicative of a packer (2 events)
entropy 7.009819292753843 section {'size_of_data': '0x0000d000', 'virtual_address': '0x00023000', 'entropy': 7.009819292753843, 'name': '.rsrc', 'virtual_size': '0x0000c4f0'} description A section with a high entropy has been found
entropy 0.30952380952380953 description Overall entropy of this PE file is high
Expresses interest in specific running processes (1 event)
process dbf805faacc77b5d647f9ada0f002e16.exe
Reads the systems User Agent and subsequently performs requests (1 event)
Time & API Arguments Status Return Repeated
1619948432.170689
InternetOpenW
proxy_bypass:
access_type: 0
proxy_name:
flags: 0
user_agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
success 13369348 0
Network communication
Communicates with host for which no DNS query was performed (7 events)
Sets or modifies WPAD proxy autoconfiguration file for traffic interception (8 events)
Time & API Arguments Status Return Repeated
1619948435.076689
RegSetValueExA
key_handle: 0x000003a4
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason
success 0 0
1619948435.076689
RegSetValueExA
key_handle: 0x000003a4
value: Ð~Õf ?×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime
success 0 0
1619948435.076689
RegSetValueExA
key_handle: 0x000003a4
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision
success 0 0
1619948435.076689
RegSetValueExW
key_handle: 0x000003a4
value: 网络 2
regkey_r: WpadNetworkName
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName
success 0 0
1619948435.076689
RegSetValueExA
key_handle: 0x000003bc
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
success 0 0
1619948435.076689
RegSetValueExA
key_handle: 0x000003bc
value: Ð~Õf ?×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
success 0 0
1619948435.076689
RegSetValueExA
key_handle: 0x000003bc
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
success 0 0
1619948435.123689
RegSetValueExW
key_handle: 0x000003a0
value: {40112ABE-63B3-43C3-BE93-1440EE3AF106}
regkey_r: WpadLastNetwork
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
success 0 0
File has been identified by 50 AntiVirus engines on VirusTotal as malicious (50 events)
Bkav W32.AIDetectVM.malware1
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKDZ.69815
FireEye Trojan.GenericKDZ.69815
CAT-QuickHeal Trojan.EmotetPMF.S15684654
ALYac Trojan.Agent.Emotet
Cylance Unsafe
Zillya Trojan.Emotet.Win32.27698
K7AntiVirus Riskware ( 0040eff71 )
Alibaba Trojan:Win32/Emotet.f32cab68
K7GW Trojan ( 0056e0751 )
Arcabit Trojan.Generic.D110B7
BitDefenderTheta Gen:NN.ZexaF.34570.kq0@aGjKUHij
Cyren W32/Emotet.ARO.gen!Eldorado
Symantec Packed.Generic.554
ESET-NOD32 a variant of Win32/Kryptik.HFVD
APEX Malicious
Avast Win32:Malware-gen
Kaspersky Trojan-Banker.Win32.Emotet.gcvl
BitDefender Trojan.GenericKDZ.69815
NANO-Antivirus Trojan.Win32.Emotet.httrgg
Paloalto generic.ml
AegisLab Trojan.Win32.Emotet.L!c
Tencent Malware.Win32.Gencirc.10cdf98a
Ad-Aware Trojan.GenericKDZ.69815
Emsisoft Trojan.Emotet (A)
Comodo Malware@#21ayr2s6komn6
VIPRE Trojan.Win32.Generic!BT
Invincea Mal/Generic-R + Troj/Emotet-CMG
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch
Sophos Troj/Emotet-CMG
Jiangmin Trojan.Banker.Emotet.ogk
Avira TR/Kryptik.xarqf
Microsoft Trojan:Win32/Emotet.PED!MTB
ZoneAlarm Trojan-Banker.Win32.Emotet.gcvl
GData Trojan.GenericKDZ.69815
TACHYON Banker/W32.Emotet.176128.BC
AhnLab-V3 Trojan/Win32.Emotet.R349634
McAfee Emotet-FRZ!DBF805FAACC7
MAX malware (ai score=89)
VBA32 TrojanBanker.Emotet
Rising Trojan.Emotet!1.CB4C (CLASSIC)
Yandex Trojan.GenKryptik!VmuPhIZ8LqE
Ikarus Trojan-Banker.Emotet
MaxSecure Trojan.Malware.106084400.susgen
Fortinet W32/Malicious_Behavior.VEX
AVG Win32:Malware-gen
Panda Trj/Genetic.gen
CrowdStrike win/malicious_confidence_60% (W)
Qihoo-360 Win32/Trojan.aa6
Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) (4 events)
dead_host 192.168.56.101:49177
dead_host 190.136.179.102:80
dead_host 97.107.135.148:8080
dead_host 192.168.56.101:49222
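Visual analysis
Binary image
No binary image available. No binary visualization image was generated for this sample.
Runtime screenshots
No runtime screenshots available. No screenshots were generated while this sample was running.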

PE Compile Time

2020-08-29 00:14:14

Imports

Library KERNEL32.dll:
0x4170b0 RtlUnwind
0x4170b4 HeapAlloc
0x4170b8 GetStartupInfoA
0x4170bc GetCommandLineA
0x4170c0 ExitProcess
0x4170c4 RaiseException
0x4170c8 HeapFree
0x4170cc TerminateProcess
0x4170d0 HeapSize
0x4170d4 HeapReAlloc
0x4170d8 GetACP
0x4170dc HeapDestroy
0x4170e0 HeapCreate
0x4170e4 VirtualFree
0x4170e8 IsBadWritePtr
0x4170fc SetHandleCount
0x417100 GetStdHandle
0x417104 GetFileType
0x41710c LCMapStringA
0x417110 LCMapStringW
0x417114 GetStringTypeA
0x417118 GetStringTypeW
0x41711c IsBadReadPtr
0x417120 IsBadCodePtr
0x417124 SetStdHandle
0x417128 GetProfileStringA
0x41712c FlushFileBuffers
0x417130 SetFilePointer
0x417134 WriteFile
0x417138 GetCurrentProcess
0x41713c SetErrorMode
0x417140 SizeofResource
0x417148 GetOEMCP
0x41714c GetCPInfo
0x417150 GetProcessVersion
0x417154 GlobalFlags
0x417158 TlsGetValue
0x41715c LocalReAlloc
0x417160 TlsSetValue
0x417168 GlobalReAlloc
0x417170 TlsFree
0x417174 GlobalHandle
0x41717c TlsAlloc
0x417184 LocalFree
0x417188 LocalAlloc
0x41718c GetLastError
0x417190 GlobalFree
0x417194 CloseHandle
0x417198 GetModuleFileNameA
0x41719c GetProcAddress
0x4171a0 GlobalAlloc
0x4171a4 lstrcmpA
0x4171a8 GetCurrentThread
0x4171ac MultiByteToWideChar
0x4171b0 WideCharToMultiByte
0x4171b4 lstrlenA
0x4171c0 GlobalLock
0x4171c4 GlobalUnlock
0x4171c8 SetLastError
0x4171cc lstrcpynA
0x4171d0 MulDiv
0x4171d4 FindResourceA
0x4171d8 LoadResource
0x4171dc LockResource
0x4171e0 GetVersion
0x4171e4 lstrcatA
0x4171e8 GetCurrentThreadId
0x4171ec GlobalGetAtomNameA
0x4171f0 lstrcmpiA
0x4171f4 GlobalAddAtomA
0x4171f8 GlobalFindAtomA
0x4171fc GlobalDeleteAtom
0x417200 lstrcpyA
0x417204 GetModuleHandleA
0x417208 VirtualAlloc
0x41720c LoadLibraryW
0x417210 FreeLibrary
0x417214 LoadLibraryA
Library USER32.dll:
0x417220 ModifyMenuA
0x417224 GetMenuState
0x417228 LoadBitmapA
0x417230 InflateRect
0x417234 ReleaseDC
0x417238 GetDC
0x41723c ClientToScreen
0x417240 GetWindowDC
0x417244 BeginPaint
0x417248 EndPaint
0x41724c TabbedTextOutA
0x417250 DrawTextA
0x417254 GrayStringA
0x417258 PostQuitMessage
0x41725c SetCursor
0x417260 GetCursorPos
0x417264 ValidateRect
0x417268 GetActiveWindow
0x41726c TranslateMessage
0x417270 GetMessageA
0x417278 EndDialog
0x41727c GetClassNameA
0x417280 PtInRect
0x417284 LoadCursorA
0x417288 GetSysColorBrush
0x41728c DestroyMenu
0x417290 LoadStringA
0x417294 InvalidateRect
0x417298 ShowWindow
0x41729c SetWindowTextA
0x4172a0 IsDialogMessageA
0x4172a4 PostMessageA
0x4172a8 UpdateWindow
0x4172ac SendDlgItemMessageA
0x4172b0 MapWindowPoints
0x4172b4 PeekMessageA
0x4172b8 DispatchMessageA
0x4172bc SetMenuItemBitmaps
0x4172c0 SetActiveWindow
0x4172c4 IsWindow
0x4172c8 SetFocus
0x4172cc AdjustWindowRectEx
0x4172d0 ScreenToClient
0x4172d4 CopyRect
0x4172d8 IsWindowVisible
0x4172dc GetTopWindow
0x4172e0 MessageBoxA
0x4172e4 GetParent
0x4172e8 GetCapture
0x4172ec WinHelpA
0x4172f0 wsprintfA
0x4172f4 GetClassInfoA
0x4172f8 RegisterClassA
0x4172fc GetMenu
0x417300 GetMenuItemCount
0x417304 GetSubMenu
0x417308 GetMenuItemID
0x41730c GetDlgItem
0x417314 GetWindowTextA
0x417318 GetDlgCtrlID
0x41731c GetKeyState
0x417320 DefWindowProcA
0x417324 DestroyWindow
0x417328 CreateWindowExA
0x41732c SetWindowsHookExA
0x417330 CallNextHookEx
0x417334 GetClassLongA
0x417338 SetPropA
0x41733c UnhookWindowsHookEx
0x417340 GetPropA
0x417344 CallWindowProcA
0x417348 RemovePropA
0x41734c GetMessageTime
0x417350 GetMessagePos
0x417354 GetLastActivePopup
0x417358 GetForegroundWindow
0x41735c SetForegroundWindow
0x417360 GetWindow
0x417364 GetWindowLongA
0x417368 SetWindowLongA
0x41736c SetWindowPos
0x417370 GetSysColor
0x417374 RedrawWindow
0x417378 GetWindowRect
0x41737c UnregisterClassA
0x417380 HideCaret
0x417384 ShowCaret
0x41738c OffsetRect
0x417390 IntersectRect
0x417398 GetWindowPlacement
0x41739c IsIconic
0x4173a0 GetSystemMetrics
0x4173a4 GetClientRect
0x4173a8 DrawIcon
0x4173ac CheckMenuItem
0x4173b0 EnableMenuItem
0x4173b4 GetNextDlgTabItem
0x4173b8 GetFocus
0x4173bc IsWindowEnabled
0x4173c0 SendMessageA
0x4173c4 LoadIconA
0x4173c8 EnableWindow
0x4173cc IsWindowUnicode
0x4173d0 CharNextA
0x4173d4 DefDlgProcA
0x4173d8 DrawFocusRect
0x4173dc ExcludeUpdateRgn
Library GDI32.dll:
0x41701c PatBlt
0x417020 ExtTextOutA
0x417024 DeleteDC
0x417028 SaveDC
0x41702c RestoreDC
0x417030 SelectObject
0x417034 GetStockObject
0x417038 SetBkMode
0x41703c SetMapMode
0x417040 SetViewportOrgEx
0x417044 OffsetViewportOrgEx
0x417048 SetViewportExtEx
0x41704c ScaleViewportExtEx
0x417050 SetWindowExtEx
0x417054 ScaleWindowExtEx
0x417058 IntersectClipRect
0x41705c DeleteObject
0x417060 MoveToEx
0x417064 LineTo
0x417068 CreateSolidBrush
0x41706c PtVisible
0x417070 RectVisible
0x417074 TextOutA
0x417078 Escape
0x41707c GetDeviceCaps
0x417080 CreateBitmap
0x417084 GetObjectA
0x417088 SetBkColor
0x41708c SetTextColor
0x417090 GetClipBox
0x417094 CreatePen
0x417098 CreateDIBitmap
0x41709c GetTextExtentPointA
0x4170a0 BitBlt
0x4170a4 CreateCompatibleDC
0x4170a8 Polygon
Library WINSPOOL.DRV:
0x4173e4 DocumentPropertiesA
0x4173e8 ClosePrinter
0x4173ec OpenPrinterA
Library ADVAPI32.dll:
0x417000 RegSetValueExA
0x417004 RegCloseKey
0x417008 RegOpenKeyExA
0x41700c RegCreateKeyExA
Library COMCTL32.dll:
0x417014

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 49235 114.114.114.114 53
192.168.56.101 50534 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 65004 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 51808 224.0.0.252 5355
192.168.56.101 55368 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 60123 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 50535 239.255.255.250 3702
192.168.56.101 56540 239.255.255.250 3702
192.168.56.101 56807 239.255.255.250 1900
192.168.56.101 58707 239.255.255.250 3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.