Analysis Report http://louisville.edu/coronavirus/assets/Dec12020InterimPolicyforUniversityTravel.pdf
Overview
General Information
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Classification
Startup |
---|
|
Malware Configuration |
---|
No configs have been found |
---|
Yara Overview |
---|
No yara matches |
---|
Sigma Overview |
---|
No Sigma rule has matched |
---|
Signature Overview |
---|
There are no malicious signatures.
Source: | File opened: | Jump to behavior |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | DNS traffic detected: |
Source: | Classification label: |
Source: | Initial sample: | ||
Source: | Initial sample: | ||
Source: | Initial sample: | ||
Source: | Initial sample: |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | File read: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | Window detected: |
Source: | File opened: | Jump to behavior |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Source: | Process information queried: | Jump to behavior |
Source: | Code function: | 4_2_053C5110 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Spearphishing Link1 | Windows Management Instrumentation | Path Interception | Process Injection2 | Masquerading1 | OS Credential Dumping | Process Discovery2 | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Non-Application Layer Protocol2 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Process Injection2 | LSASS Memory | File and Directory Discovery1 | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Application Layer Protocol2 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Ingress Tool Transfer1 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Antivirus, Machine Learning and Genetic Malware Detection |
---|
Initial Sample |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse | ||
0% | Avira URL Cloud | safe |
Dropped Files |
---|
No Antivirus matches |
---|
Unpacked PE Files |
---|
No Antivirus matches |
---|
Domains |
---|
No Antivirus matches |
---|
URLs |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
Domains and IPs |
---|
Contacted Domains |
---|
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
louisville.edu | 136.165.238.241 | true | false | high |
Contacted URLs |
---|
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high |
URLs from Memory and Binaries |
---|
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
Contacted IPs |
---|
Public |
---|
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
136.165.238.241 | louisville.edu | United States | 1657 | LOUISVILLEUS | false |
General Information |
---|
Joe Sandbox Version: | 32.0.0 Black Diamond |
Analysis ID: | 411367 |
Start date: | 11.05.2021 |
Start time: | 20:32:53 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 14m 23s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://louisville.edu/coronavirus/assets/Dec12020InterimPolicyforUniversityTravel.pdf |
Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
Number of new started processes analysed: | 40 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean0.win@7/17@1/1 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
Warnings: |
|
Simulations |
---|
Behavior and APIs |
---|
No simulations |
---|
Joe Sandbox View / Context |
---|
Created / dropped Files |
---|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 36440 |
Entropy (8bit): | 1.8880688792959317 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 24280 |
Entropy (8bit): | 1.6532995324916002 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16984 |
Entropy (8bit): | 1.565792769306293 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 656 |
Entropy (8bit): | 5.06320493364117 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 653 |
Entropy (8bit): | 5.103142634927204 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 662 |
Entropy (8bit): | 5.080279154526209 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 647 |
Entropy (8bit): | 5.078530873431818 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 656 |
Entropy (8bit): | 5.097967420004993 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 653 |
Entropy (8bit): | 5.061747821604419 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 656 |
Entropy (8bit): | 5.103628634911867 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 659 |
Entropy (8bit): | 5.094317234838545 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 653 |
Entropy (8bit): | 5.064493914043756 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 38636 |
Entropy (8bit): | 7.925387978690509 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe |
File Type: | |
Category: | modified |
Size (bytes): | 32768 |
Entropy (8bit): | 7.994442390753805 |
Encrypted: | true |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 34473 |
Entropy (8bit): | 0.37064969110499696 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 25441 |
Entropy (8bit): | 0.27918767598683664 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 13125 |
Entropy (8bit): | 0.5451951693227013 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
|
Static File Info |
---|
No static file info |
---|
Network Behavior |
---|
Network Port Distribution |
---|
TCP Packets |
---|
UDP Packets |
---|
May 11, 2021 20:38:33.677917004 CEST | 53 | 57145 | 8.8.8.8 | 192.168.2.3 |
May 11, 2021 20:38:40.202306986 CEST | 55359 | 53 | 192.168.2.3 | 8.8.8.8 |
May 11, 2021 20:38:40.269273043 CEST | 53 | 55359 | 8.8.8.8 | 192.168.2.3 |
May 11, 2021 20:38:44.442126989 CEST | 58306 | 53 | 192.168.2.3 | 8.8.8.8 |
May 11, 2021 20:38:44.518428087 CEST | 53 | 58306 | 8.8.8.8 | 192.168.2.3 |
May 11, 2021 20:38:44.876787901 CEST | 64124 | 53 | 192.168.2.3 | 8.8.8.8 |
May 11, 2021 20:38:44.934597015 CEST | 53 | 64124 | 8.8.8.8 | 192.168.2.3 |
May 11, 2021 20:41:12.290935993 CEST | 49361 | 53 | 192.168.2.3 | 8.8.8.8 |
May 11, 2021 20:41:12.350517035 CEST | 53 | 49361 | 8.8.8.8 | 192.168.2.3 |
May 11, 2021 20:41:12.906342983 CEST | 63150 | 53 | 192.168.2.3 | 8.8.8.8 |
May 11, 2021 20:41:12.981420040 CEST | 53 | 63150 | 8.8.8.8 | 192.168.2.3 |
May 11, 2021 20:41:45.937783003 CEST | 53279 | 53 | 192.168.2.3 | 8.8.8.8 |
May 11, 2021 20:41:46.013698101 CEST | 53 | 53279 | 8.8.8.8 | 192.168.2.3 |
DNS Queries |
---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
May 11, 2021 20:33:45.525552988 CEST | 192.168.2.3 | 8.8.8.8 | 0x1eac | Standard query (0) | | A (IP address) | IN (0x0001) |
DNS Answers |
---|
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
May 11, 2021 20:33:45.583208084 CEST | 8.8.8.8 | 192.168.2.3 | 0x1eac | No error (0) | | | 136.165.238.241 | A (IP address) | IN (0x0001) |
May 11, 2021 20:38:32.921166897 CEST | 8.8.8.8 | 192.168.2.3 | 0x6def | No error (0) | | www.tm.a.prd.aadg.trafficmanager.net | | CNAME (Canonical name) | IN (0x0001) |
May 11, 2021 20:41:12.350517035 CEST | 8.8.8.8 | 192.168.2.3 | 0x9cc3 | No error (0) | | www.tm.a.prd.aadg.trafficmanager.net | | CNAME (Canonical name) | IN (0x0001) |
HTTP Packets |
---|
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
0 | 192.168.2.3 | 49715 | 136.165.238.241 | 80 | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
May 11, 2021 20:33:45.763324976 CEST | 716 | OUT | |
May 11, 2021 20:33:45.937477112 CEST | 938 | IN |