7.0
高危
56 个模型检测该样本为恶意!
重新分析
更多

8afd54f2ed0af6d9593b0985cec1604748ca753900859fe4ee225d21b574e55e

e7ec2585b8fd04839c9d29fbaf35b6fc.exe

分析耗时

84s

最近分析

文件大小

546.5KB
静态报毒 动态报毒 AI SCORE=83 AIDETECTVM ATTRIBUTE BSCOPE BT3EN0 BYHXG BYPASSUAC CLASSIC DBATLDR DELF DOWNLOADER33 EKLE FAREIT FORMBOOK GDSDA GENCIRC GENERICKD GENKRYPTIK HIGH CONFIDENCE HIGHCONFIDENCE HNGZTB IGENT IKW@ACTRFVDI JHYW KCLOUD MALWARE1 MALWARE@#1N1NAJ1UJCLOE OCCAMY R343852 REMCOS S + TROJ SCORE STATIC AI SUSPICIOUS PE UNSAFE ZELPHICO 更多
鹰眼引擎
未检测 暂无鹰眼引擎检测结果
静态判定
反病毒引擎
查杀引擎 查杀结果 查杀时间 查杀版本
McAfee Fareit-FVP!E7EC2585B8FD 20210127 6.0.6.653
Alibaba TrojanDownloader:Win32/BypassUAC.279b4e3d 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Avast Win32:Trojan-gen 20210126 21.1.5827.0
Tencent Malware.Win32.Gencirc.10cddd7d 20210127 1.0.0.1
Kingsoft Win32.Troj.Undef.(kcloud) 20210127 2017.9.26.565
静态指标
The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 个事件)
section .itext
The executable uses a known packer (1 个事件)
packer BobSoft Mini Delphi -> BoB / BobSoft
One or more processes crashed (1 个事件)
Time & API Arguments Status Return Repeated
1619959851.641124
__exception__
stacktrace: 
0x2509562
DriverCallback+0x4e waveOutOpen-0xa2e winmm+0x3af0 @ 0x73703af0
timeEndPeriod+0x54a timeKillEvent-0x57 winmm+0xa535 @ 0x7370a535
timeEndPeriod+0x449 timeKillEvent-0x158 winmm+0xa434 @ 0x7370a434
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 56753180
registers.edi: 56753224
registers.eax: 0
registers.ebp: 56753776
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 4294967294
exception.instruction_r: 8b 40 3c 99 03 04 24 13 54 24 04 83 c4 08 89 44
exception.instruction: mov eax, dword ptr [eax + 0x3c]
exception.exception_code: 0xc0000005
exception.symbol:
exception.address: 0x2508c2c
success 0 0
行为判定
动态指标
Allocates read-write-execute memory (usually to unpack itself) (1 个事件)
Time & API Arguments Status Return Repeated
1619959810.359124
NtAllocateVirtualMemory
process_identifier: 2288
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x01ed0000
success 0 0
Downloads a file or document from Google Drive (1 个事件)
domain drive.google.com
Checks adapter addresses which can be used to detect virtual network interfaces (1 个事件)
Time & API Arguments Status Return Repeated
1619959826.438124
GetAdaptersAddresses
flags: 0
family: 0
failed 111 0
网络通信
Communicates with host for which no DNS query was performed (1 个事件)
host 172.217.24.14
Disables proxy possibly for traffic interception (1 个事件)
Time & API Arguments Status Return Repeated
1619959826.141124
RegSetValueExA
key_handle: 0x000002ec
value: 0
regkey_r: ProxyEnable
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
success 0 0
Sets or modifies WPAD proxy autoconfiguration file for traffic interception (8 个事件)
Time & API Arguments Status Return Repeated
1619959829.281124
RegSetValueExA
key_handle: 0x000003e0
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason
success 0 0
1619959829.281124
RegSetValueExA
key_handle: 0x000003e0
value: ð…bÊ5?×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime
success 0 0
1619959829.281124
RegSetValueExA
key_handle: 0x000003e0
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision
success 0 0
1619959829.281124
RegSetValueExW
key_handle: 0x000003e0
value: 网络 2
regkey_r: WpadNetworkName
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName
success 0 0
1619959829.281124
RegSetValueExA
key_handle: 0x000003fc
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
success 0 0
1619959829.281124
RegSetValueExA
key_handle: 0x000003fc
value: ð…bÊ5?×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
success 0 0
1619959829.281124
RegSetValueExA
key_handle: 0x000003fc
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
success 0 0
1619959829.422124
RegSetValueExW
key_handle: 0x000003dc
value: {40112ABE-63B3-43C3-BE93-1440EE3AF106}
regkey_r: WpadLastNetwork
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
success 0 0
Network activity contains more than one unique useragent (2 个事件)
process e7ec2585b8fd04839c9d29fbaf35b6fc.exe useragent Internal
process e7ec2585b8fd04839c9d29fbaf35b6fc.exe useragent CODE
File has been identified by 56 AntiVirus engines on VirusTotal as malicious (50 out of 56 个事件)
Bkav W32.AIDetectVM.malware1
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.34144601
FireEye Generic.mg.e7ec2585b8fd0483
McAfee Fareit-FVP!E7EC2585B8FD
Cylance Unsafe
Sangfor Malware
K7AntiVirus Trojan ( 0056a5501 )
Alibaba TrojanDownloader:Win32/BypassUAC.279b4e3d
K7GW Trojan ( 0056a5501 )
Cybereason malicious.5b8fd0
Arcabit Trojan.Generic.D2090159
Cyren W32/Trojan.JHYW-1872
Symantec ML.Attribute.HighConfidence
APEX Malicious
Avast Win32:Trojan-gen
ClamAV Win.Dropper.Formbook-9024752-0
Kaspersky HEUR:Exploit.Win32.BypassUAC.gen
BitDefender Trojan.GenericKD.34144601
NANO-Antivirus Exploit.Win32.BypassUAC.hngztb
Paloalto generic.ml
Tencent Malware.Win32.Gencirc.10cddd7d
Ad-Aware Trojan.GenericKD.34144601
Sophos Mal/Generic-S + Troj/Inject-GHT
Comodo Malware@#1n1naj1ujcloe
F-Secure Trojan.TR/AD.DbatLdr.byhxg
DrWeb Trojan.DownLoader33.61633
VIPRE Trojan.Win32.Generic!BT
McAfee-GW-Edition Fareit-FVP!E7EC2585B8FD
Emsisoft Trojan.Injector (A)
SentinelOne Static AI - Suspicious PE
Jiangmin Exploit.BypassUAC.bup
eGambit Unsafe.AI_Score_98%
Avira TR/AD.DbatLdr.byhxg
Antiy-AVL Trojan[Exploit]/Win32.BypassUAC
Kingsoft Win32.Troj.Undef.(kcloud)
Microsoft Trojan:Win32/Occamy.C8A
ZoneAlarm HEUR:Exploit.Win32.BypassUAC.gen
GData Trojan.GenericKD.34144601
Cynet Malicious (score: 85)
AhnLab-V3 Trojan/Win32.Injector.R343852
BitDefenderTheta Gen:NN.ZelphiCO.34780.IKW@aCtRFvdi
ALYac Trojan.Agent.Injector.Gen
MAX malware (ai score=83)
VBA32 BScope.Backdoor.Remcos
Malwarebytes Trojan.MalPack.SMY
Zoner Trojan.Win32.94842
ESET-NOD32 Win32/TrojanDownloader.Delf.CYB
Rising Trojan.Delf!1.C900 (CLASSIC)
Yandex Trojan.Igent.bT3En0.2
Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) (3 个事件)
dead_host 172.217.24.14:443
dead_host 172.217.160.110:443
dead_host 31.13.65.18:443
可视化分析
二进制图像
暂无二进制图像 该样本未生成二进制可视化图像
运行截图
暂无运行截图 该样本运行过程中未生成截图

👋 欢迎使用 ChatHawk

我是您的恶意软件分析助手,可以帮您分析和解读恶意软件报告。请随时向我提问!

🔍 主要威胁分析
⚡ 行为特征
🛡️ 防护建议
🔧 技术手段
🎯 检测方法
🤖

PE Compile Time

1992-06-20 06:22:17

Imports

Library oleaut32.dll:
0x47a7a4 SysFreeString
0x47a7a8 SysReAllocStringLen
0x47a7ac SysAllocStringLen
Library advapi32.dll:
0x47a7b4 RegQueryValueExA
0x47a7b8 RegOpenKeyExA
0x47a7bc RegCloseKey
Library user32.dll:
0x47a7c4 GetKeyboardType
0x47a7c8 DestroyWindow
0x47a7cc LoadStringA
0x47a7d0 MessageBoxA
0x47a7d4 CharNextA
Library kernel32.dll:
0x47a7dc GetACP
0x47a7e0 Sleep
0x47a7e4 VirtualFree
0x47a7e8 VirtualAlloc
0x47a7ec GetTickCount
0x47a7f4 GetCurrentThreadId
0x47a800 VirtualQuery
0x47a804 WideCharToMultiByte
0x47a808 MultiByteToWideChar
0x47a80c lstrlenA
0x47a810 lstrcpynA
0x47a814 LoadLibraryExA
0x47a818 GetThreadLocale
0x47a81c GetStartupInfoA
0x47a820 GetProcAddress
0x47a824 GetModuleHandleA
0x47a828 GetModuleFileNameA
0x47a82c GetLocaleInfoA
0x47a830 GetCommandLineA
0x47a834 FreeLibrary
0x47a838 FindFirstFileA
0x47a83c FindClose
0x47a840 ExitProcess
0x47a844 CompareStringA
0x47a848 WriteFile
0x47a850 RtlUnwind
0x47a854 RaiseException
0x47a858 GetStdHandle
Library kernel32.dll:
0x47a860 TlsSetValue
0x47a864 TlsGetValue
0x47a868 LocalAlloc
0x47a86c GetModuleHandleA
Library user32.dll:
0x47a874 CreateWindowExA
0x47a878 WindowFromPoint
0x47a87c WaitMessage
0x47a880 UpdateWindow
0x47a884 UnregisterClassA
0x47a888 UnhookWindowsHookEx
0x47a88c TranslateMessage
0x47a894 TrackPopupMenu
0x47a89c ShowWindow
0x47a8a0 ShowScrollBar
0x47a8a4 ShowOwnedPopups
0x47a8a8 ShowCursor
0x47a8ac SetWindowsHookExA
0x47a8b0 SetWindowTextA
0x47a8b4 SetWindowPos
0x47a8b8 SetWindowPlacement
0x47a8bc SetWindowLongW
0x47a8c0 SetWindowLongA
0x47a8c4 SetTimer
0x47a8c8 SetScrollRange
0x47a8cc SetScrollPos
0x47a8d0 SetScrollInfo
0x47a8d4 SetRect
0x47a8d8 SetPropA
0x47a8dc SetParent
0x47a8e0 SetMenuItemInfoA
0x47a8e4 SetMenu
0x47a8e8 SetForegroundWindow
0x47a8ec SetFocus
0x47a8f0 SetCursor
0x47a8f4 SetClassLongA
0x47a8f8 SetCapture
0x47a8fc SetActiveWindow
0x47a900 SendMessageW
0x47a904 SendMessageA
0x47a908 ScrollWindow
0x47a90c ScreenToClient
0x47a910 RemovePropA
0x47a914 RemoveMenu
0x47a918 ReleaseDC
0x47a91c ReleaseCapture
0x47a928 RegisterClassA
0x47a92c RedrawWindow
0x47a930 PtInRect
0x47a934 PostQuitMessage
0x47a938 PostMessageA
0x47a93c PeekMessageW
0x47a940 PeekMessageA
0x47a944 OffsetRect
0x47a948 OemToCharA
0x47a94c MessageBoxA
0x47a950 MapWindowPoints
0x47a954 MapVirtualKeyA
0x47a958 LoadStringA
0x47a95c LoadKeyboardLayoutA
0x47a960 LoadIconA
0x47a964 LoadCursorA
0x47a968 LoadBitmapA
0x47a96c KillTimer
0x47a970 IsZoomed
0x47a974 IsWindowVisible
0x47a978 IsWindowUnicode
0x47a97c IsWindowEnabled
0x47a980 IsWindow
0x47a984 IsRectEmpty
0x47a988 IsIconic
0x47a98c IsDialogMessageW
0x47a990 IsDialogMessageA
0x47a994 IsChild
0x47a998 InvalidateRect
0x47a99c IntersectRect
0x47a9a0 InsertMenuItemA
0x47a9a4 InsertMenuA
0x47a9a8 InflateRect
0x47a9b0 GetWindowTextA
0x47a9b4 GetWindowRect
0x47a9b8 GetWindowPlacement
0x47a9bc GetWindowLongW
0x47a9c0 GetWindowLongA
0x47a9c4 GetWindowDC
0x47a9c8 GetTopWindow
0x47a9cc GetSystemMetrics
0x47a9d0 GetSystemMenu
0x47a9d4 GetSysColorBrush
0x47a9d8 GetSysColor
0x47a9dc GetSubMenu
0x47a9e0 GetScrollRange
0x47a9e4 GetScrollPos
0x47a9e8 GetScrollInfo
0x47a9ec GetPropA
0x47a9f0 GetParent
0x47a9f4 GetWindow
0x47a9f8 GetMessagePos
0x47a9fc GetMenuStringA
0x47aa00 GetMenuState
0x47aa04 GetMenuItemInfoA
0x47aa08 GetMenuItemID
0x47aa0c GetMenuItemCount
0x47aa10 GetMenu
0x47aa14 GetLastActivePopup
0x47aa18 GetKeyboardState
0x47aa24 GetKeyboardLayout
0x47aa28 GetKeyState
0x47aa2c GetKeyNameTextA
0x47aa30 GetIconInfo
0x47aa34 GetForegroundWindow
0x47aa38 GetFocus
0x47aa3c GetDesktopWindow
0x47aa40 GetDCEx
0x47aa44 GetDC
0x47aa48 GetCursorPos
0x47aa4c GetCursor
0x47aa50 GetClientRect
0x47aa54 GetClassLongA
0x47aa58 GetClassInfoA
0x47aa5c GetCapture
0x47aa60 GetActiveWindow
0x47aa64 FrameRect
0x47aa68 FindWindowA
0x47aa6c FillRect
0x47aa70 EqualRect
0x47aa74 EnumWindows
0x47aa78 EnumThreadWindows
0x47aa7c EnumChildWindows
0x47aa80 EndPaint
0x47aa84 EnableWindow
0x47aa88 EnableScrollBar
0x47aa8c EnableMenuItem
0x47aa90 DrawTextA
0x47aa94 DrawMenuBar
0x47aa98 DrawIconEx
0x47aa9c DrawIcon
0x47aaa0 DrawFrameControl
0x47aaa4 DrawEdge
0x47aaa8 DispatchMessageW
0x47aaac DispatchMessageA
0x47aab0 DestroyWindow
0x47aab4 DestroyMenu
0x47aab8 DestroyIcon
0x47aabc DestroyCursor
0x47aac0 DeleteMenu
0x47aac4 DefWindowProcA
0x47aac8 DefMDIChildProcA
0x47aacc DefFrameProcA
0x47aad0 CreatePopupMenu
0x47aad4 CreateMenu
0x47aad8 CreateIcon
0x47aadc ClientToScreen
0x47aae0 CheckMenuItem
0x47aae4 CharNextW
0x47aae8 CallWindowProcA
0x47aaec CallNextHookEx
0x47aaf0 BeginPaint
0x47aaf4 CharNextA
0x47aaf8 CharLowerA
0x47aafc CharUpperBuffA
0x47ab00 CharToOemA
0x47ab04 AdjustWindowRectEx
Library gdi32.dll:
0x47ab10 UnrealizeObject
0x47ab14 StretchBlt
0x47ab18 SetWindowOrgEx
0x47ab1c SetViewportOrgEx
0x47ab20 SetTextColor
0x47ab24 SetStretchBltMode
0x47ab28 SetROP2
0x47ab2c SetPixel
0x47ab30 SetDIBColorTable
0x47ab34 SetBrushOrgEx
0x47ab38 SetBkMode
0x47ab3c SetBkColor
0x47ab40 SelectPalette
0x47ab44 SelectObject
0x47ab48 SelectClipRgn
0x47ab4c SaveDC
0x47ab50 RestoreDC
0x47ab54 Rectangle
0x47ab58 RectVisible
0x47ab5c RealizePalette
0x47ab60 Polyline
0x47ab64 PatBlt
0x47ab68 MoveToEx
0x47ab6c MaskBlt
0x47ab70 LineTo
0x47ab74 IntersectClipRect
0x47ab78 GetWindowOrgEx
0x47ab7c GetTextMetricsA
0x47ab88 GetStockObject
0x47ab8c GetRgnBox
0x47ab90 GetPixel
0x47ab94 GetPaletteEntries
0x47ab98 GetObjectA
0x47ab9c GetDeviceCaps
0x47aba0 GetDIBits
0x47aba4 GetDIBColorTable
0x47aba8 GetDCOrgEx
0x47abb0 GetClipBox
0x47abb4 GetBrushOrgEx
0x47abb8 GetBitmapBits
0x47abbc ExcludeClipRect
0x47abc0 DeleteObject
0x47abc4 DeleteDC
0x47abc8 CreateSolidBrush
0x47abcc CreatePenIndirect
0x47abd0 CreatePalette
0x47abd8 CreateFontIndirectA
0x47abdc CreateDIBitmap
0x47abe0 CreateDIBSection
0x47abe4 CreateCompatibleDC
0x47abec CreateBrushIndirect
0x47abf0 CreateBitmap
0x47abf4 BitBlt
Library version.dll:
0x47abfc VerQueryValueA
0x47ac04 GetFileVersionInfoA
Library kernel32.dll:
0x47ac0c lstrcpyA
0x47ac10 WriteFile
0x47ac14 WaitForSingleObject
0x47ac18 VirtualQuery
0x47ac1c VirtualProtect
0x47ac20 VirtualAlloc
0x47ac24 SizeofResource
0x47ac28 SetThreadLocale
0x47ac2c SetFilePointer
0x47ac30 SetEvent
0x47ac34 SetErrorMode
0x47ac38 SetEndOfFile
0x47ac3c ResetEvent
0x47ac40 ReadFile
0x47ac44 MultiByteToWideChar
0x47ac48 MulDiv
0x47ac4c LockResource
0x47ac50 LoadResource
0x47ac54 LoadLibraryA
0x47ac60 GlobalFindAtomA
0x47ac64 GlobalDeleteAtom
0x47ac68 GlobalAddAtomA
0x47ac6c GetVersionExA
0x47ac70 GetVersion
0x47ac74 GetTickCount
0x47ac78 GetThreadLocale
0x47ac7c GetStdHandle
0x47ac80 GetProcAddress
0x47ac84 GetModuleHandleA
0x47ac88 GetModuleFileNameA
0x47ac8c GetLocaleInfoA
0x47ac90 GetLocalTime
0x47ac94 GetLastError
0x47ac98 GetFullPathNameA
0x47ac9c GetDiskFreeSpaceA
0x47aca0 GetDateFormatA
0x47aca4 GetCurrentThreadId
0x47aca8 GetCurrentProcessId
0x47acac GetCPInfo
0x47acb0 FreeResource
0x47acb4 InterlockedExchange
0x47acb8 FreeLibrary
0x47acbc FormatMessageA
0x47acc0 FindResourceA
0x47acc4 EnumCalendarInfoA
0x47acd0 CreateThread
0x47acd4 CreateFileA
0x47acd8 CreateEventA
0x47acdc CompareStringA
0x47ace0 CloseHandle
Library advapi32.dll:
0x47ace8 RegQueryValueExA
0x47acec RegOpenKeyExA
0x47acf0 RegFlushKey
0x47acf4 RegCloseKey
Library oleaut32.dll:
0x47acfc GetErrorInfo
0x47ad00 SysFreeString
Library ole32.dll:
0x47ad08 CoUninitialize
0x47ad0c CoInitialize
Library kernel32.dll:
0x47ad14 Sleep
Library oleaut32.dll:
0x47ad1c SafeArrayPtrOfIndex
0x47ad20 SafeArrayPutElement
0x47ad24 SafeArrayGetElement
0x47ad2c SafeArrayAccessData
0x47ad30 SafeArrayGetUBound
0x47ad34 SafeArrayGetLBound
0x47ad38 SafeArrayCreate
0x47ad3c VariantChangeType
0x47ad40 VariantCopyInd
0x47ad44 VariantCopy
0x47ad48 VariantClear
0x47ad4c VariantInit
Library comctl32.dll:
0x47ad54 _TrackMouseEvent
0x47ad60 ImageList_Write
0x47ad64 ImageList_Read
0x47ad6c ImageList_DragMove
0x47ad70 ImageList_DragLeave
0x47ad74 ImageList_DragEnter
0x47ad78 ImageList_EndDrag
0x47ad7c ImageList_BeginDrag
0x47ad80 ImageList_Remove
0x47ad84 ImageList_DrawEx
0x47ad88 ImageList_Draw
0x47ad94 ImageList_Add
0x47ad9c ImageList_Destroy
0x47ada0 ImageList_Create
Library opengl32.dll:
0x47ada8 glDeleteLists
Library advapi32.dll:
0x47adb0 QueryServiceStatus
0x47adb4 OpenServiceA
0x47adb8 OpenSCManagerA
0x47adbc CloseServiceHandle
Library url.dll:
0x47adc4 InetIsOffline

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 50568 114.114.114.114 53
192.168.56.101 51808 114.114.114.114 53
192.168.56.101 51963 114.114.114.114 53
192.168.56.101 53380 114.114.114.114 53
192.168.56.101 55368 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 60384 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 49713 224.0.0.252 5355
192.168.56.101 51378 224.0.0.252 5355
192.168.56.101 53237 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 58367 224.0.0.252 5355
192.168.56.101 60123 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 62318 224.0.0.252 5355
192.168.56.101 62912 224.0.0.252 5355
192.168.56.101 65004 224.0.0.252 5355

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.