7.4
High risk

b201c180da5e6cb1d70ae9e5a67bba023192f0024c69498876a960c58ed01ffd

eb5b86aede1604b341d9196fc11c12df.exe

Analysis duration

69s

Last analyzed

File size

1.5MB
Static detection Dynamic detection 100% AI SCORE=83 AIDETECTVM ARTEMIS ATTRIBUTE BSCOPE CLASSIC CONFIDENCE DELF ELRO ELY@AONYBFNI EMPM EVFFSWCKVK GDSDA GENERICRXAA GIYWO GNMM HIGH CONFIDENCE HIGHCONFIDENCE HNKUZW INJECTS INVALIDSIG KCLOUD MALWARE2 MALWARE@#40VOR3K07B1C R007C0DKH20 REMCOSCRYPT S + TROJ SCORE UNSAFE ZELPHIF ZUSY
Hawkeye engine
Not scanned. No Hawkeye engine results are available.
Static verdict
Antivirus engines
Engine Detection Scan date Engine version
Alibaba Trojan:Win32/Injector.dc74cb17 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Avast Win32:Malware-gen 20210126 21.1.5827.0
Kingsoft Win32.Hack.Undef.(kcloud) 20210127 2017.9.26.565
McAfee GenericRXAA-AA!EB5B86AEDE16 20210127 6.0.6.653
CrowdStrike win/malicious_confidence_100% (W) 20210106 1.0
Static indicators
This executable is signed
The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)
section .itext
The executable uses a known packer (1 event)
packer BobSoft Mini Delphi -> BoB / BobSoft
One or more processes crashed (1 event)
Time & API Arguments Status Return Repeated
1619999729.407046
__exception__
stacktrace:
0x7294e2
DriverCallback+0x4e waveOutOpen-0xa2e winmm+0x3af0 @ 0x751d3af0
timeEndPeriod+0x54a timeKillEvent-0x57 winmm+0xa535 @ 0x751da535
timeEndPeriod+0x449 timeKillEvent-0x158 winmm+0xa434 @ 0x751da434
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 55442464
registers.edi: 55442508
registers.eax: 0
registers.ebp: 55443056
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 4294967294
exception.instruction_r: 8b 40 3c 99 03 04 24 13 54 24 04 83 c4 08 89 44
exception.instruction: mov eax, dword ptr [eax + 0x3c]
exception.exception_code: 0xc0000005
exception.symbol:
exception.address: 0x728c2c
success 0 0
Behavioral verdict
Dynamic indicators
Allocates read-write-execute memory (usually to unpack itself) (1 event)
Time & API Arguments Status Return Repeated
1619999681.110046
NtAllocateVirtualMemory
process_identifier: 2984
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00650000
success 0 0
Downloads a file or document from Google Drive (1 event)
domain drive.google.com
Checks adapter addresses which can be used to detect virtual network interfaces (1 event)
Time & API Arguments Status Return Repeated
1619999697.595046
GetAdaptersAddresses
flags: 0
family: 0
failed 111 0
Network communication
Communicates with host for which no DNS query was performed (1 event)
host 172.217.24.14
Disables proxy possibly for traffic interception (1 event)
Time & API Arguments Status Return Repeated
1619999697.032046
RegSetValueExA
key_handle: 0x000002b8
value: 0
regkey_r: ProxyEnable
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
success 0 0
Sets or modifies WPAD proxy autoconfiguration file for traffic interception (8 events)
Time & API Arguments Status Return Repeated
1619999700.157046
RegSetValueExA
key_handle: 0x000003a8
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason
success 0 0
1619999700.173046
RegSetValueExA
key_handle: 0x000003a8
value: Ã]íŽ?×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime
success 0 0
1619999700.173046
RegSetValueExA
key_handle: 0x000003a8
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision
success 0 0
1619999700.173046
RegSetValueExW
key_handle: 0x000003a8
value: 网络 2
regkey_r: WpadNetworkName
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName
success 0 0
1619999700.173046
RegSetValueExA
key_handle: 0x000003c4
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
success 0 0
1619999700.173046
RegSetValueExA
key_handle: 0x000003c4
value: Ã]íŽ?×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
success 0 0
1619999700.173046
RegSetValueExA
key_handle: 0x000003c4
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
success 0 0
1619999700.188046
RegSetValueExW
key_handle: 0x000003a4
value: {40112ABE-63B3-43C3-BE93-1440EE3AF106}
regkey_r: WpadLastNetwork
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
success 0 0
Network activity contains more than one unique useragent (2 events)
process eb5b86aede1604b341d9196fc11c12df.exe useragent Internal
process eb5b86aede1604b341d9196fc11c12df.exe useragent CODE
Generates some ICMP traffic
Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually) (1 event)
dead_host 31.13.83.1:443
File has been identified by 53 AntiVirus engines on VirusTotal as malicious (50 out of 53 events)
Bkav W32.AIDetectVM.malware2
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Zusy.308933
FireEye Generic.mg.eb5b86aede1604b3
ALYac Gen:Variant.Zusy.308933
Cylance Unsafe
Sangfor Malware
K7AntiVirus Trojan ( 0056a7241 )
Alibaba Trojan:Win32/Injector.dc74cb17
K7GW Trojan ( 0056a7241 )
Cybereason malicious.ede160
Arcabit Trojan.Zusy.D4B6C5
BitDefenderTheta Gen:NN.ZelphiF.34780.ELY@aOnybFni
Cyren W32/Trojan.GNMM-2456
Symantec ML.Attribute.HighConfidence
APEX Malicious
Avast Win32:Malware-gen
Kaspersky HEUR:Trojan.Win32.Injects.gen
BitDefender Gen:Variant.Zusy.308933
NANO-Antivirus Trojan.Win32.Injects.hnkuzw
Ad-Aware Gen:Variant.Zusy.308933
Emsisoft Gen:Variant.Zusy.308933 (B)
Comodo Malware@#40vor3k07b1c
F-Secure Trojan.TR/Injector.giywo
VIPRE Trojan.Win32.Generic!BT
TrendMicro TROJ_GEN.R007C0DKH20
McAfee-GW-Edition Artemis!Trojan
Sophos Mal/Generic-S + Troj/Inject-GEV
Jiangmin Trojan.Injects.le
eGambit PE.Heur.InvalidSig
Avira TR/Injector.giywo
Antiy-AVL Trojan/Win32.Injects
Kingsoft Win32.Hack.Undef.(kcloud)
Microsoft Trojan:Win32/RemcosCrypt.ACH!MTB
AegisLab Trojan.Win32.Injects.4!c
ZoneAlarm HEUR:Trojan.Win32.Injects.gen
GData Win32.Trojan-Downloader.Delf.Y
Cynet Malicious (score: 90)
AhnLab-V3 Malware/Win32.Generic.C4158634
McAfee GenericRXAA-AA!EB5B86AEDE16
MAX malware (ai score=83)
VBA32 BScope.Trojan.Downloader
Malwarebytes Trojan.MalPack.SMY
ESET-NOD32 a variant of Win32/Injector.EMPM
TrendMicro-HouseCall TROJ_GEN.R007C0DKH20
Rising Trojan.Injector!1.C8F2 (CLASSIC)
Yandex Trojan.Injects!/eVFFswckvk
Ikarus Trojan.Inject
Fortinet W32/Injector.ELRO!tr
AVG Win32:Malware-gen
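Visual analysis
Binary image
No binary image. No binary visualization was generated for this sample.
Runtime screenshots
No runtime screenshots. No screenshots were generated while this sample ran.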


PE Compile Time

1992-06-20 06:22:17

Imports


Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 50534 114.114.114.114 53
192.168.56.101 51378 114.114.114.114 53
192.168.56.101 51963 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 58367 114.114.114.114 53
192.168.56.101 65004 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 49235 224.0.0.252 5355
192.168.56.101 53657 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 60123 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 50535 239.255.255.250 3702
192.168.56.101 56540 239.255.255.250 3702
192.168.56.101 56807 239.255.255.250 1900
192.168.56.101 58707 239.255.255.250 3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.