SmartHawk

4.6

中危

该样本未表现出任何异常！

重新分析

下载样本

f4d7b562c21c2cdc042ac89521a10276f0f7d5377e741a448e49ea65e7acf283

ffd260d33e167e55000ef8549173d70e.exe

分析耗时

88s

最近分析

文件大小

1.0MB

静态报毒动态报毒

未检测暂无鹰眼引擎检测结果

未检测暂无反病毒引擎检测结果

The executable contains unknown PE section names indicative of a packer (could be a false positive) (3 个事件)

section	CODE
section	DATA
section	BSS

One or more processes crashed (1 个事件)

Time & API	Arguments	Status	Return	Repeated
1620841595.493999 __exception__	stacktrace: registers.esp: 58261036 registers.edi: 54013252 registers.eax: 0 registers.ebp: 0 registers.edx: 0 registers.ebx: 0 registers.esi: 16 registers.ecx: 0 exception.instruction_r: 8b 41 3c 99 03 04 24 13 54 24 04 83 c4 08 89 04 exception.instruction: mov eax, dword ptr [ecx + 0x3c] exception.exception_code: 0xc0000005 exception.symbol: exception.address: 0x33828c5	success	0	0

Allocates read-write-execute memory (usually to unpack itself) (1 个事件)

Time & API	Arguments	Status	Return	Repeated
1620841538.337999 NtAllocateVirtualMemory	process_identifier: 2712 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x01d60000	success	0	0

Downloads a file or document from Google Drive (1 个事件)

domain

drive.google.com

Checks adapter addresses which can be used to detect virtual network interfaces (1 个事件)

Time & API	Arguments	Status	Return	Repeated
1620841559.665999 GetAdaptersAddresses	flags: 0 family: 0	failed	111	0

Communicates with host for which no DNS query was performed (1 个事件)

host

172.217.24.14

Sets or modifies WPAD proxy autoconfiguration file for traffic interception (8 个事件)

Time & API	Arguments	Status
1620841562.259999 RegSetValueExA	key_handle: 0x000003c8 value: 1 regkey_r: WpadDecisionReason reg_type: 4 (REG_DWORD) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason	success
1620841562.259999 RegSetValueExA	key_handle: 0x000003c8 value: À`.'G× regkey_r: WpadDecisionTime reg_type: 3 (REG_BINARY) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime	success
1620841562.259999 RegSetValueExA	key_handle: 0x000003c8 value: 3 regkey_r: WpadDecision reg_type: 4 (REG_DWORD) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision	success
1620841562.259999 RegSetValueExW	key_handle: 0x000003c8 value: 网络 2 regkey_r: WpadNetworkName reg_type: 1 (REG_SZ) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName	success
1620841562.259999 RegSetValueExA	key_handle: 0x000003e0 value: 1 regkey_r: WpadDecisionReason reg_type: 4 (REG_DWORD) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason	success
1620841562.259999 RegSetValueExA	key_handle: 0x000003e0 value: À`.'G× regkey_r: WpadDecisionTime reg_type: 3 (REG_BINARY) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime	success
1620841562.259999 RegSetValueExA	key_handle: 0x000003e0 value: 3 regkey_r: WpadDecision reg_type: 4 (REG_DWORD) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision	success
1620841562.290999 RegSetValueExW	key_handle: 0x000003c4 value: {40112ABE-63B3-43C3-BE93-1440EE3AF106} regkey_r: WpadLastNetwork reg_type: 1 (REG_SZ) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork	success

Generates some ICMP traffic

Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually) (1 个事件)

dead_host

162.125.18.133:443

暂无二进制图像该样本未生成二进制可视化图像

暂无运行截图该样本运行过程中未生成截图

👋 欢迎使用 ChatHawk

我是您的恶意软件分析助手，可以帮您分析和解读恶意软件报告。请随时向我提问！

🔍 主要威胁分析

⚡ 行为特征

🛡️ 防护建议

🔧 技术手段

🎯 检测方法

🤖

Static Analysis
Strings

PE Compile Time

1992-06-20 06:22:17

Imports

Library kernel32.dll:

• 0x49e190 DeleteCriticalSection

• 0x49e194 LeaveCriticalSection

• 0x49e198 EnterCriticalSection

• 0x49e19c InitializeCriticalSection

• 0x49e1a0 VirtualFree

• 0x49e1a4 VirtualAlloc

• 0x49e1a8 LocalFree

• 0x49e1ac LocalAlloc

• 0x49e1b0 GetVersion

• 0x49e1b4 GetCurrentThreadId

• 0x49e1b8 InterlockedDecrement

• 0x49e1bc InterlockedIncrement

• 0x49e1c0 VirtualQuery

• 0x49e1c4 WideCharToMultiByte

• 0x49e1c8 MultiByteToWideChar

• 0x49e1cc lstrlenA

• 0x49e1d0 lstrcpynA

• 0x49e1d4 LoadLibraryExA

• 0x49e1d8 GetThreadLocale

• 0x49e1dc GetStartupInfoA

• 0x49e1e0 GetProcAddress

• 0x49e1e4 GetModuleHandleA

• 0x49e1e8 GetModuleFileNameA

• 0x49e1ec GetLocaleInfoA

• 0x49e1f0 GetCommandLineA

• 0x49e1f4 FreeLibrary

• 0x49e1f8 FindFirstFileA

• 0x49e1fc FindClose

• 0x49e200 ExitProcess

• 0x49e204 WriteFile

• 0x49e208 UnhandledExceptionFilter

• 0x49e20c RtlUnwind

• 0x49e210 RaiseException

• 0x49e214 GetStdHandle

Library user32.dll:

• 0x49e21c GetKeyboardType

• 0x49e220 LoadStringA

• 0x49e224 MessageBoxA

• 0x49e228 CharNextA

Library advapi32.dll:

• 0x49e230 RegQueryValueExA

• 0x49e234 RegOpenKeyExA

• 0x49e238 RegCloseKey

Library oleaut32.dll:

• 0x49e240 SysFreeString

• 0x49e244 SysReAllocStringLen

• 0x49e248 SysAllocStringLen

Library kernel32.dll:

• 0x49e250 TlsSetValue

• 0x49e254 TlsGetValue

• 0x49e258 LocalAlloc

• 0x49e25c GetModuleHandleA

Library advapi32.dll:

• 0x49e264 RegQueryValueExA

• 0x49e268 RegOpenKeyExA

• 0x49e26c RegCloseKey

Library kernel32.dll:

• 0x49e274 lstrcpyA

• 0x49e278 WriteFile

• 0x49e27c WinExec

• 0x49e280 WaitForSingleObject

• 0x49e284 VirtualQuery

• 0x49e288 VirtualProtect

• 0x49e28c VirtualAlloc

• 0x49e290 Sleep

• 0x49e294 SizeofResource

• 0x49e298 SetThreadLocale

• 0x49e29c SetFilePointer

• 0x49e2a0 SetEvent

• 0x49e2a4 SetErrorMode

• 0x49e2a8 SetEndOfFile

• 0x49e2ac ResetEvent

• 0x49e2b0 ReadFile

• 0x49e2b4 MultiByteToWideChar

• 0x49e2b8 MulDiv

• 0x49e2bc LockResource

• 0x49e2c0 LoadResource

• 0x49e2c4 LoadLibraryA

• 0x49e2c8 LeaveCriticalSection

• 0x49e2cc InitializeCriticalSection

• 0x49e2d0 GlobalUnlock

• 0x49e2d4 GlobalSize

• 0x49e2d8 GlobalReAlloc

• 0x49e2dc GlobalHandle

• 0x49e2e0 GlobalLock

• 0x49e2e4 GlobalFree

• 0x49e2e8 GlobalFindAtomA

• 0x49e2ec GlobalDeleteAtom

• 0x49e2f0 GlobalAlloc

• 0x49e2f4 GlobalAddAtomA

• 0x49e2f8 GetVersionExA

• 0x49e2fc GetVersion

• 0x49e300 GetUserDefaultLCID

• 0x49e304 GetTickCount

• 0x49e308 GetThreadLocale

• 0x49e30c GetSystemInfo

• 0x49e310 GetStringTypeExA

• 0x49e314 GetStdHandle

• 0x49e318 GetProfileStringA

• 0x49e31c GetProcAddress

• 0x49e320 GetModuleHandleA

• 0x49e324 GetModuleFileNameA

• 0x49e328 GetLocaleInfoA

• 0x49e32c GetLocalTime

• 0x49e330 GetLastError

• 0x49e334 GetFullPathNameA

• 0x49e338 GetDiskFreeSpaceA

• 0x49e33c GetDateFormatA

• 0x49e340 GetCurrentThreadId

• 0x49e344 GetCurrentProcessId

• 0x49e348 GetCPInfo

• 0x49e34c GetACP

• 0x49e350 FreeResource

• 0x49e354 InterlockedExchange

• 0x49e358 FreeLibrary

• 0x49e35c FormatMessageA

• 0x49e360 FindResourceA

• 0x49e364 FindFirstFileA

• 0x49e368 FindClose

• 0x49e36c FileTimeToLocalFileTime

• 0x49e370 FileTimeToDosDateTime

• 0x49e374 EnumCalendarInfoA

• 0x49e378 EnterCriticalSection

• 0x49e37c DeleteCriticalSection

• 0x49e380 CreateThread

• 0x49e384 CreateFileA

• 0x49e388 CreateEventA

• 0x49e38c CompareStringA

• 0x49e390 CloseHandle

Library version.dll:

• 0x49e398 VerQueryValueA

• 0x49e39c GetFileVersionInfoSizeA

• 0x49e3a0 GetFileVersionInfoA

Library gdi32.dll:

• 0x49e3a8 UnrealizeObject

• 0x49e3ac StretchBlt

• 0x49e3b0 StartPage

• 0x49e3b4 StartDocA

• 0x49e3b8 SetWindowOrgEx

• 0x49e3bc SetWinMetaFileBits

• 0x49e3c0 SetViewportOrgEx

• 0x49e3c4 SetTextColor

• 0x49e3c8 SetStretchBltMode

• 0x49e3cc SetROP2

• 0x49e3d0 SetPixel

• 0x49e3d4 SetMapMode

• 0x49e3d8 SetEnhMetaFileBits

• 0x49e3dc SetDIBColorTable

• 0x49e3e0 SetBrushOrgEx

• 0x49e3e4 SetBkMode

• 0x49e3e8 SetBkColor

• 0x49e3ec SetAbortProc

• 0x49e3f0 SelectPalette

• 0x49e3f4 SelectObject

• 0x49e3f8 SaveDC

• 0x49e3fc RestoreDC

• 0x49e400 Rectangle

• 0x49e404 RectVisible

• 0x49e408 RealizePalette

• 0x49e40c Polyline

• 0x49e410 PlayEnhMetaFile

• 0x49e414 PatBlt

• 0x49e418 MoveToEx

• 0x49e41c MaskBlt

• 0x49e420 LineTo

• 0x49e424 IntersectClipRect

• 0x49e428 GetWindowOrgEx

• 0x49e42c GetWinMetaFileBits

• 0x49e430 GetTextMetricsA

• 0x49e434 GetTextExtentPoint32A

• 0x49e438 GetSystemPaletteEntries

• 0x49e43c GetStockObject

• 0x49e440 GetPixel

• 0x49e444 GetPaletteEntries

• 0x49e448 GetObjectA

• 0x49e44c GetEnhMetaFilePaletteEntries

• 0x49e450 GetEnhMetaFileHeader

• 0x49e454 GetEnhMetaFileDescriptionA

• 0x49e458 GetEnhMetaFileBits

• 0x49e45c GetDeviceCaps

• 0x49e460 GetDIBits

• 0x49e464 GetDIBColorTable

• 0x49e468 GetDCOrgEx

• 0x49e46c GetCurrentPositionEx

• 0x49e470 GetClipBox

• 0x49e474 GetBrushOrgEx

• 0x49e478 GetBitmapBits

• 0x49e47c GdiFlush

• 0x49e480 ExcludeClipRect

• 0x49e484 EndPage

• 0x49e488 EndDoc

• 0x49e48c DeleteObject

• 0x49e490 DeleteEnhMetaFile

• 0x49e494 DeleteDC

• 0x49e498 CreateSolidBrush

• 0x49e49c CreatePenIndirect

• 0x49e4a0 CreatePalette

• 0x49e4a4 CreateICA

• 0x49e4a8 CreateHalftonePalette

• 0x49e4ac CreateFontIndirectA

• 0x49e4b0 CreateEnhMetaFileA

• 0x49e4b4 CreateDIBitmap

• 0x49e4b8 CreateDIBSection

• 0x49e4bc CreateDCA

• 0x49e4c0 CreateCompatibleDC

• 0x49e4c4 CreateCompatibleBitmap

• 0x49e4c8 CreateBrushIndirect

• 0x49e4cc CreateBitmap

• 0x49e4d0 CopyEnhMetaFileA

• 0x49e4d4 CloseEnhMetaFile

• 0x49e4d8 BitBlt

Library user32.dll:

• 0x49e4e0 CreateWindowExA

• 0x49e4e4 WindowFromPoint

• 0x49e4e8 WinHelpA

• 0x49e4ec WaitMessage

• 0x49e4f0 UpdateWindow

• 0x49e4f4 UnregisterClassA

• 0x49e4f8 UnhookWindowsHookEx

• 0x49e4fc TranslateMessage

• 0x49e500 TranslateMDISysAccel

• 0x49e504 TrackPopupMenu

• 0x49e508 SystemParametersInfoA

• 0x49e50c ShowWindow

• 0x49e510 ShowScrollBar

• 0x49e514 ShowOwnedPopups

• 0x49e518 ShowCursor

• 0x49e51c SetWindowsHookExA

• 0x49e520 SetWindowTextA

• 0x49e524 SetWindowPos

• 0x49e528 SetWindowPlacement

• 0x49e52c SetWindowLongA

• 0x49e530 SetTimer

• 0x49e534 SetScrollRange

• 0x49e538 SetScrollPos

• 0x49e53c SetScrollInfo

• 0x49e540 SetRect

• 0x49e544 SetPropA

• 0x49e548 SetParent

• 0x49e54c SetMenuItemInfoA

• 0x49e550 SetMenu

• 0x49e554 SetForegroundWindow

• 0x49e558 SetFocus

• 0x49e55c SetCursor

• 0x49e560 SetClipboardData

• 0x49e564 SetClassLongA

• 0x49e568 SetCapture

• 0x49e56c SetActiveWindow

• 0x49e570 SendMessageA

• 0x49e574 ScrollWindow

• 0x49e578 ScreenToClient

• 0x49e57c RemovePropA

• 0x49e580 RemoveMenu

• 0x49e584 ReleaseDC

• 0x49e588 ReleaseCapture

• 0x49e58c RegisterWindowMessageA

• 0x49e590 RegisterClipboardFormatA

• 0x49e594 RegisterClassA

• 0x49e598 RedrawWindow

• 0x49e59c PtInRect

• 0x49e5a0 PostQuitMessage

• 0x49e5a4 PostMessageA

• 0x49e5a8 PeekMessageA

• 0x49e5ac OpenClipboard

• 0x49e5b0 OffsetRect

• 0x49e5b4 OemToCharA

• 0x49e5b8 MessageBoxA

• 0x49e5bc MapWindowPoints

• 0x49e5c0 MapVirtualKeyA

• 0x49e5c4 LoadStringA

• 0x49e5c8 LoadKeyboardLayoutA

• 0x49e5cc LoadIconA

• 0x49e5d0 LoadCursorA

• 0x49e5d4 LoadBitmapA

• 0x49e5d8 KillTimer

• 0x49e5dc IsZoomed

• 0x49e5e0 IsWindowVisible

• 0x49e5e4 IsWindowEnabled

• 0x49e5e8 IsWindow

• 0x49e5ec IsRectEmpty

• 0x49e5f0 IsIconic

• 0x49e5f4 IsDialogMessageA

• 0x49e5f8 IsClipboardFormatAvailable

• 0x49e5fc IsChild

• 0x49e600 InvalidateRect

• 0x49e604 IntersectRect

• 0x49e608 InsertMenuItemA

• 0x49e60c InsertMenuA

• 0x49e610 InflateRect

• 0x49e614 GetWindowThreadProcessId

• 0x49e618 GetWindowTextA

• 0x49e61c GetWindowRect

• 0x49e620 GetWindowPlacement

• 0x49e624 GetWindowLongA

• 0x49e628 GetWindowDC

• 0x49e62c GetUpdateRect

• 0x49e630 GetTopWindow

• 0x49e634 GetSystemMetrics

• 0x49e638 GetSystemMenu

• 0x49e63c GetSysColorBrush

• 0x49e640 GetSysColor

• 0x49e644 GetSubMenu

• 0x49e648 GetScrollRange

• 0x49e64c GetScrollPos

• 0x49e650 GetScrollInfo

• 0x49e654 GetPropA

• 0x49e658 GetParent

• 0x49e65c GetWindow

• 0x49e660 GetMessageTime

• 0x49e664 GetMenuStringA

• 0x49e668 GetMenuState

• 0x49e66c GetMenuItemInfoA

• 0x49e670 GetMenuItemID

• 0x49e674 GetMenuItemCount

• 0x49e678 GetMenu

• 0x49e67c GetLastActivePopup

• 0x49e680 GetKeyboardState

• 0x49e684 GetKeyboardLayoutList

• 0x49e688 GetKeyboardLayout

• 0x49e68c GetKeyState

• 0x49e690 GetKeyNameTextA

• 0x49e694 GetIconInfo

• 0x49e698 GetForegroundWindow

• 0x49e69c GetFocus

• 0x49e6a0 GetDesktopWindow

• 0x49e6a4 GetDCEx

• 0x49e6a8 GetDC

• 0x49e6ac GetCursorPos

• 0x49e6b0 GetCursor

• 0x49e6b4 GetClipboardData

• 0x49e6b8 GetClientRect

• 0x49e6bc GetClassNameA

• 0x49e6c0 GetClassInfoA

• 0x49e6c4 GetCapture

• 0x49e6c8 GetActiveWindow

• 0x49e6cc FrameRect

• 0x49e6d0 FindWindowA

• 0x49e6d4 FillRect

• 0x49e6d8 EqualRect

• 0x49e6dc EnumWindows

• 0x49e6e0 EnumThreadWindows

• 0x49e6e4 EnumClipboardFormats

• 0x49e6e8 EndPaint

• 0x49e6ec EnableWindow

• 0x49e6f0 EnableScrollBar

• 0x49e6f4 EnableMenuItem

• 0x49e6f8 EmptyClipboard

• 0x49e6fc DrawTextA

• 0x49e700 DrawMenuBar

• 0x49e704 DrawIconEx

• 0x49e708 DrawIcon

• 0x49e70c DrawFrameControl

• 0x49e710 DrawFocusRect

• 0x49e714 DrawEdge

• 0x49e718 DispatchMessageA

• 0x49e71c DestroyWindow

• 0x49e720 DestroyMenu

• 0x49e724 DestroyIcon

• 0x49e728 DestroyCursor

• 0x49e72c DeleteMenu

• 0x49e730 DefWindowProcA

• 0x49e734 DefMDIChildProcA

• 0x49e738 DefFrameProcA

• 0x49e73c CreatePopupMenu

• 0x49e740 CreateMenu

• 0x49e744 CreateIcon

• 0x49e748 CloseClipboard

• 0x49e74c ClientToScreen

• 0x49e750 CheckMenuItem

• 0x49e754 CallWindowProcA

• 0x49e758 CallNextHookEx

• 0x49e75c BeginPaint

• 0x49e760 CharNextA

• 0x49e764 CharLowerBuffA

• 0x49e768 CharLowerA

• 0x49e76c CharToOemA

• 0x49e770 AdjustWindowRectEx

• 0x49e774 ActivateKeyboardLayout

Library kernel32.dll:

• 0x49e77c Sleep

Library oleaut32.dll:

• 0x49e784 SafeArrayPtrOfIndex

• 0x49e788 SafeArrayGetUBound

• 0x49e78c SafeArrayGetLBound

• 0x49e790 SafeArrayCreate

• 0x49e794 VariantChangeType

• 0x49e798 VariantCopy

• 0x49e79c VariantClear

• 0x49e7a0 VariantInit

Library ole32.dll:

• 0x49e7a8 CreateStreamOnHGlobal

• 0x49e7ac IsAccelerator

• 0x49e7b0 OleDraw

• 0x49e7b4 OleSetMenuDescriptor

• 0x49e7b8 CoCreateInstance

• 0x49e7bc CoGetClassObject

• 0x49e7c0 CoUninitialize

• 0x49e7c4 CoInitialize

• 0x49e7c8 IsEqualGUID

Library oleaut32.dll:

• 0x49e7d0 GetErrorInfo

• 0x49e7d4 SysFreeString

Library comctl32.dll:

• 0x49e7dc ImageList_SetIconSize

• 0x49e7e0 ImageList_GetIconSize

• 0x49e7e4 ImageList_Write

• 0x49e7e8 ImageList_Read

• 0x49e7ec ImageList_GetDragImage

• 0x49e7f0 ImageList_DragShowNolock

• 0x49e7f4 ImageList_SetDragCursorImage

• 0x49e7f8 ImageList_DragMove

• 0x49e7fc ImageList_DragLeave

• 0x49e800 ImageList_DragEnter

• 0x49e804 ImageList_EndDrag

• 0x49e808 ImageList_BeginDrag

• 0x49e80c ImageList_Remove

• 0x49e810 ImageList_DrawEx

• 0x49e814 ImageList_Draw

• 0x49e818 ImageList_GetBkColor

• 0x49e81c ImageList_SetBkColor

• 0x49e820 ImageList_ReplaceIcon

• 0x49e824 ImageList_Add

• 0x49e828 ImageList_SetImageCount

• 0x49e82c ImageList_GetImageCount

• 0x49e830 ImageList_Destroy

• 0x49e834 ImageList_Create

• 0x49e838 InitCommonControls

Library winspool.drv:

• 0x49e840 OpenPrinterA

• 0x49e844 EnumPrintersA

• 0x49e848 DocumentPropertiesA

• 0x49e84c ClosePrinter

Library shell32.dll:

• 0x49e854 ShellExecuteA

Library comdlg32.dll:

• 0x49e85c PrintDlgA

Library URL.DLL:

• 0x49e864 InetIsOffline

Hosts

No hosts contacted.

DNS

Name	Response	Post-Analysis Lookup
time.windows.com	A 51.105.208.173 CNAME time.microsoft.akadns.net
dns.msftncsi.com	AAAA fd3e:4f5a:5b81::1	131.107.255.255
drive.google.com	A 31.13.74.1 A 162.125.18.133 A 103.200.30.245 A 142.250.66.78 A 108.160.162.31 A 208.101.21.43	108.160.169.181
dns.msftncsi.com	A 131.107.255.255	131.107.255.255
teredo.ipv6.microsoft.com

TCP

No TCP connections recorded.

UDP

Source	Source Port	Destination	Destination Port
192.168.56.101	50568	114.114.114.114	53
192.168.56.101	51378	114.114.114.114	53
192.168.56.101	57756	114.114.114.114	53
192.168.56.101	58367	114.114.114.114	53
192.168.56.101	62318	114.114.114.114	53
192.168.56.101	137	192.168.56.255	137
192.168.56.101	138	192.168.56.255	138
192.168.56.101	49235	224.0.0.252	5355
192.168.56.101	50534	224.0.0.252	5355
192.168.56.101	51963	224.0.0.252	5355
192.168.56.101	53237	224.0.0.252	5355
192.168.56.101	53657	224.0.0.252	5355
192.168.56.101	56804	224.0.0.252	5355
192.168.56.101	60384	224.0.0.252	5355
192.168.56.101	62191	224.0.0.252	5355
192.168.56.101	63429	224.0.0.252	5355
192.168.56.101	1900	239.255.255.250	1900
192.168.56.101	50003	239.255.255.250	3702
192.168.56.101	51966	239.255.255.250	1900
192.168.56.101	58368	239.255.255.250	3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.

Sorry! No dropped buffers.